Version : 2024.02
Dernière mise-à-jour : 2024/10/16 12:02
Dans l'ordinateur les périphériques sont reliés à un contrôleur qui communique avec le processeur à l'aide d'un bus. Le contrôleur ainsi que les périphériques nécessitent des pilotes. Sous Linux, les pilotes sont généralement fournis sous la forme d'un module. Chaque périphérique est représenté par un fichier spécial dans le répertoire /dev et c'est dans ce fichier que le système trouve les informations nécessaires pour s'adresser au pilote.
Important : Les périphériques qui nécessitent à ce que l'ordinateur soit éteint afin des les brancher/débrancher sont appelés communément Cold Plug Devices. Les périphériques qui peuvent être brancher/débrancher à chaud sont appelés des Hot Plug Devices.
Consultez le contenu du répertoire /dev :
root@debian11:~# ls -l /dev | more total 0 crw-r--r-- 1 root root 10, 235 Apr 26 13:08 autofs drwxr-xr-x 2 root root 480 Apr 28 06:26 block drwxr-xr-x 2 root root 120 Apr 26 13:08 bsg crw-rw---- 1 root disk 10, 234 Apr 28 05:31 btrfs-control drwxr-xr-x 3 root root 60 Apr 26 13:08 bus lrwxrwxrwx 1 root root 3 Apr 26 13:08 cdrom -> sr0 drwxr-xr-x 2 root root 2800 Apr 28 06:02 char crw--w---- 1 root tty 5, 1 Apr 30 12:19 console lrwxrwxrwx 1 root root 11 Apr 26 13:08 core -> /proc/kcore crw------- 1 root root 10, 62 Apr 26 13:08 cpu_dma_latency crw------- 1 root root 10, 203 Apr 26 13:08 cuse drwxr-xr-x 7 root root 140 Apr 26 13:08 disk brw-rw---- 1 root disk 254, 0 Apr 27 15:21 dm-0 brw-rw---- 1 root disk 254, 1 Apr 26 16:33 dm-1 brw-rw---- 1 root disk 254, 2 Apr 28 06:27 dm-2 drwxr-xr-x 3 root root 80 Apr 26 13:08 dri lrwxrwxrwx 1 root root 3 Apr 26 13:08 dvd -> sr0 crw------- 1 root root 10, 61 Apr 28 06:02 ecryptfs crw-rw---- 1 root video 29, 0 Apr 26 13:08 fb0 lrwxrwxrwx 1 root root 13 Apr 26 13:08 fd -> /proc/self/fd crw-rw-rw- 1 root root 1, 7 Apr 26 13:08 full crw-rw-rw- 1 root root 10, 229 Apr 26 13:08 fuse crw------- 1 root root 248, 0 Apr 26 13:08 hidraw0 crw------- 1 root root 10, 228 Apr 26 13:08 hpet drwxr-xr-x 2 root root 0 Apr 26 13:08 hugepages lrwxrwxrwx 1 root root 12 Apr 26 13:08 initctl -> /run/initctl drwxr-xr-x 4 root root 280 Apr 26 13:08 input crw-r--r-- 1 root root 1, 11 Apr 26 13:08 kmsg lrwxrwxrwx 1 root root 28 Apr 26 13:08 log -> /run/systemd/journal/dev-log crw-rw---- 1 root disk 10, 237 Apr 26 13:08 loop-control drwxr-xr-x 2 root root 120 Apr 28 06:26 mapper crw-r----- 1 root kmem 1, 1 Apr 26 13:08 mem drwxrwxrwt 2 root root 40 Apr 26 13:08 mqueue drwxr-xr-x 2 root root 60 Apr 26 13:08 net crw-rw-rw- 1 root root 1, 3 Apr 26 13:08 null crw------- 1 root root 10, 144 Apr 26 13:08 nvram crw-r----- 1 root kmem 1, 4 Apr 26 13:08 port crw------- 1 root root 108, 0 Apr 26 13:08 ppp crw------- 1 root root 10, 1 Apr 26 13:08 psaux crw-rw-rw- 1 root tty 5, 2 Apr 30 15:29 ptmx drwxr-xr-x 2 root root 0 Apr 26 13:08 pts crw-rw-rw- 1 root root 1, 8 Apr 26 13:08 random crw-rw-r-- 1 root netdev 10, 242 Apr 26 13:08 rfkill lrwxrwxrwx 1 root root 4 Apr 26 13:08 rtc -> rtc0 crw------- 1 root root 252, 0 Apr 26 13:08 rtc0 --More-- [q]
On peut noter dans la sortie de la commande que certains fichiers sont de type bloc (b), tandis que d'autre sont de type caractère (c).
... brw-rw---- 1 root disk 8, 33 Apr 26 13:46 sdc1 ... crw--w---- 1 root tty 5, 1 Apr 30 12:19 console ...
La différence entre les deux repose sur le type de communication entre le système et le module. Dans le premier cas le système accède au périphérique par des coordonnées du bloc de données sur le support tandis que dans le deuxième cas la communication d'échange de données se fait octet par octet sans utiliser des tampons.
Les deux informations clefs du fichier spécial sont situées à la place de la taille d'un fichier normal et se nomment le majeur et le mineur :
Cette commande vous renseigne sur les adaptateurs reliés aux bus PCI, AGP et PCI express :
root@debian11:~# lspci 00:00.0 Host bridge: Intel Corporation 440FX - 82441FX PMC [Natoma] (rev 02) 00:01.0 ISA bridge: Intel Corporation 82371SB PIIX3 ISA [Natoma/Triton II] 00:01.1 IDE interface: Intel Corporation 82371SB PIIX3 IDE [Natoma/Triton II] 00:01.2 USB controller: Intel Corporation 82371SB PIIX3 USB [Natoma/Triton II] (rev 01) 00:01.3 Bridge: Intel Corporation 82371AB/EB/MB PIIX4 ACPI (rev 03) 00:02.0 VGA compatible controller: Device 1234:1111 (rev 02) 00:03.0 Unclassified device [00ff]: Red Hat, Inc. Virtio memory balloon 00:05.0 SCSI storage controller: Red Hat, Inc. Virtio SCSI 00:12.0 Ethernet controller: Red Hat, Inc. Virtio network device 00:1e.0 PCI bridge: Red Hat, Inc. QEMU PCI-PCI bridge 00:1f.0 PCI bridge: Red Hat, Inc. QEMU PCI-PCI bridge
Pour obtenir de l'information sur un adaptateur spécifique, il convient d'utiliser la même commande avec l'option -v en spécifiant l'identifiant concerné :
root@debian11:~# lspci -v -s 00:03.0
00:03.0 Unclassified device [00ff]: Red Hat, Inc. Virtio memory balloon
Subsystem: Red Hat, Inc. Virtio memory balloon
Physical Slot: 3
Flags: bus master, fast devsel, latency 0, IRQ 10
I/O ports at e000 [size=64]
Memory at fe400000 (64-bit, prefetchable) [size=16K]
Capabilities: [84] Vendor Specific Information: VirtIO: <unknown>
Capabilities: [70] Vendor Specific Information: VirtIO: Notify
Capabilities: [60] Vendor Specific Information: VirtIO: DeviceCfg
Capabilities: [50] Vendor Specific Information: VirtIO: ISR
Capabilities: [40] Vendor Specific Information: VirtIO: CommonCfg
Kernel driver in use: virtio-pci
Kernel modules: virtio_pci
ou :
root@debian11:~# lspci -vv -s 00:03.0
00:03.0 Unclassified device [00ff]: Red Hat, Inc. Virtio memory balloon
Subsystem: Red Hat, Inc. Virtio memory balloon
Physical Slot: 3
Control: I/O+ Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR+ FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx-
Latency: 0
Interrupt: pin A routed to IRQ 10
Region 0: I/O ports at e000 [size=64]
Region 4: Memory at fe400000 (64-bit, prefetchable) [size=16K]
Capabilities: [84] Vendor Specific Information: VirtIO: <unknown>
BAR=0 offset=00000000 size=00000000
Capabilities: [70] Vendor Specific Information: VirtIO: Notify
BAR=4 offset=00003000 size=00001000 multiplier=00000004
Capabilities: [60] Vendor Specific Information: VirtIO: DeviceCfg
BAR=4 offset=00002000 size=00001000
Capabilities: [50] Vendor Specific Information: VirtIO: ISR
BAR=4 offset=00001000 size=00001000
Capabilities: [40] Vendor Specific Information: VirtIO: CommonCfg
BAR=4 offset=00000000 size=00001000
Kernel driver in use: virtio-pci
Kernel modules: virtio_pci
Les options de cette commande sont :
root@debian11:~# lspci --help lspci: invalid option -- '-' Usage: lspci [<switches>] Basic display modes: -mm Produce machine-readable output (single -m for an obsolete format) -t Show bus tree Display options: -v Be verbose (-vv or -vvv for higher verbosity) -k Show kernel drivers handling each device -x Show hex-dump of the standard part of the config space -xxx Show hex-dump of the whole config space (dangerous; root only) -xxxx Show hex-dump of the 4096-byte extended config space (root only) -b Bus-centric view (addresses and IRQ's as seen by the bus) -D Always show domain numbers -P Display bridge path in addition to bus and device number -PP Display bus path in addition to bus and device number Resolving of device ID's to names: -n Show numeric ID's -nn Show both textual and numeric ID's (names & numbers) -q Query the PCI ID database for unknown ID's via DNS -qq As above, but re-query locally cached entries -Q Query the PCI ID database for all ID's via DNS Selection of devices: -s [[[[<domain>]:]<bus>]:][<slot>][.[<func>]] Show only devices in selected slots -d [<vendor>]:[<device>][:<class>] Show only devices with specified ID's Other options: -i <file> Use specified ID database instead of /usr/share/misc/pci.ids.gz -p <file> Look up kernel modules in a given file instead of default modules.pcimap -M Enable `bus mapping' mode (dangerous; root only) PCI access options: -A <method> Use the specified PCI access method (see `-A help' for a list) -O <par>=<val> Set PCI access parameter (see `-O help' for a list) -G Enable PCI access debugging -H <mode> Use direct hardware access (<mode> = 1 or 2) -F <file> Read PCI configuration dump from a given file
Cette commande vous renseigne sur les adaptateurs reliés au bus usb :
root@debian11:~# lsusb
Bus 001 Device 002: ID 0627:0001 Adomax Technology Co., Ltd QEMU USB Tablet
Bus 001 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
root@debian11:~# lsusb -vt
/: Bus 01.Port 1: Dev 1, Class=root_hub, Driver=uhci_hcd/2p, 12M
ID 1d6b:0001 Linux Foundation 1.1 root hub
|__ Port 1: Dev 2, If 0, Class=Human Interface Device, Driver=usbhid, 12M
ID 0627:0001 Adomax Technology Co., Ltd
Les options de cette commande sont :
root@debian11:~# lsusb --help
Usage: lsusb [options]...
List USB devices
-v, --verbose
Increase verbosity (show descriptors)
-s [[bus]:][devnum]
Show only devices with specified device and/or
bus numbers (in decimal)
-d vendor:[product]
Show only devices with the specified vendor and
product ID numbers (in hexadecimal)
-D device
Selects which device lsusb will examine
-t, --tree
Dump the physical USB device hierarchy as a tree
-V, --version
Show version of program
-h, --help
Show usage and help
Cette commande vous renseigne sur les périphériques de type bloc :
root@debian11:~# lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT sda 8:0 0 32G 0 disk ├─sda1 8:1 0 31G 0 part / ├─sda2 8:2 0 1K 0 part └─sda5 8:5 0 975M 0 part [SWAP] sdb 8:16 0 64G 0 disk sdc 8:32 0 4G 0 disk ├─sdc1 8:33 0 100M 0 part ├─sdc2 8:34 0 100M 0 part ├─sdc3 8:35 0 100M 0 part ├─sdc4 8:36 0 1K 0 part ├─sdc5 8:37 0 500M 0 part ├─sdc6 8:38 0 200M 0 part │ └─vg0-lv1 254:0 0 104M 0 lvm ├─sdc7 8:39 0 300M 0 part │ └─vg0-lv2 254:1 0 112M 0 lvm ├─sdc8 8:40 0 500M 0 part │ └─md1 9:1 0 996M 0 raid5 ├─sdc9 8:41 0 400M 0 part │ └─vg0-lv2 254:1 0 112M 0 lvm ├─sdc10 8:42 0 500M 0 part │ └─md1 9:1 0 996M 0 raid5 ├─sdc11 8:43 0 500M 0 part │ └─md1 9:1 0 996M 0 raid5 └─sdc12 8:44 0 200M 0 part sr0 11:0 1 378M 0 rom
Les options de cette commande sont :
root@debian11:~# lsblk --help
Usage:
lsblk [options] [<device> ...]
List information about block devices.
Options:
-D, --discard print discard capabilities
-E, --dedup <column> de-duplicate output by <column>
-I, --include <list> show only devices with specified major numbers
-J, --json use JSON output format
-O, --output-all output all columns
-P, --pairs use key="value" output format
-S, --scsi output info about SCSI devices
-T, --tree[=<column>] use tree format output
-a, --all print all devices
-b, --bytes print SIZE in bytes rather than in human readable format
-d, --nodeps don't print slaves or holders
-e, --exclude <list> exclude devices by major number (default: RAM disks)
-f, --fs output info about filesystems
-i, --ascii use ascii characters only
-l, --list use list format output
-M, --merge group parents of sub-trees (usable for RAIDs, Multi-path)
-m, --perms output info about permissions
-n, --noheadings don't print headings
-o, --output <list> output columns
-p, --paths print complete device path
-r, --raw use raw output format
-s, --inverse inverse dependencies
-t, --topology output info about topology
-z, --zoned print zone model
-x, --sort <column> sort output by <column>
--sysroot <dir> use specified directory as system root
-h, --help display this help
-V, --version display version
Available output columns:
NAME device name
KNAME internal kernel device name
PATH path to the device node
MAJ:MIN major:minor device number
FSAVAIL filesystem size available
FSSIZE filesystem size
FSTYPE filesystem type
FSUSED filesystem size used
FSUSE% filesystem use percentage
FSVER filesystem version
MOUNTPOINT where the device is mounted
LABEL filesystem LABEL
UUID filesystem UUID
PTUUID partition table identifier (usually UUID)
PTTYPE partition table type
PARTTYPE partition type code or UUID
PARTTYPENAME partition type name
PARTLABEL partition LABEL
PARTUUID partition UUID
PARTFLAGS partition flags
RA read-ahead of the device
RO read-only device
RM removable device
HOTPLUG removable or hotplug device (usb, pcmcia, ...)
MODEL device identifier
SERIAL disk serial number
SIZE size of the device
STATE state of the device
OWNER user name
GROUP group name
MODE device node permissions
ALIGNMENT alignment offset
MIN-IO minimum I/O size
OPT-IO optimal I/O size
PHY-SEC physical sector size
LOG-SEC logical sector size
ROTA rotational device
SCHED I/O scheduler name
RQ-SIZE request queue size
TYPE device type
DISC-ALN discard alignment offset
DISC-GRAN discard granularity
DISC-MAX discard max bytes
DISC-ZERO discard zeroes data
WSAME write same max bytes
WWN unique storage identifier
RAND adds randomness
PKNAME internal parent kernel device name
HCTL Host:Channel:Target:Lun for SCSI
TRAN device transport type
SUBSYSTEMS de-duplicated chain of subsystems
REV device revision
VENDOR device vendor
ZONED zone model
DAX dax-capable device
For more details see lsblk(8).
Cette commmande vous renseigne sur les périphériques SCSI et NVMe :
root@debian11:~# apt install lsscsi root@debian11:~# lsscsi [1:0:0:0] cd/dvd QEMU QEMU DVD-ROM 2.5+ /dev/sr0 [2:0:0:0] disk QEMU QEMU HARDDISK 2.5+ /dev/sda [2:0:0:1] disk QEMU QEMU HARDDISK 2.5+ /dev/sdc [2:0:0:2] disk QEMU QEMU HARDDISK 2.5+ /dev/sdb
Les options de cette commande sont :
root@debian11:~# lsscsi --help
Usage: lsscsi [--brief] [--classic] [--controllers] [--device] [--generic]
[--help] [--hosts] [--kname] [--list] [--long] [--long-unit]
[--lunhex] [--no-nvme] [--pdt] [--protection] [--prot-mode]
[--scsi_id] [--size] [--sz-lbs] [--sysfsroot=PATH] [--transport]
[--unit] [--verbose] [--version] [--wwn] [<h:c:t:l>]
where:
--brief|-b tuple and device name only
--classic|-c alternate output similar to 'cat /proc/scsi/scsi'
--controllers|-C synonym for --hosts since NVMe controllers treated
like SCSI hosts
--device|-d show device node's major + minor numbers
--generic|-g show scsi generic device name
--help|-h this usage information
--hosts|-H lists scsi hosts rather than scsi devices
--kname|-k show kernel name instead of device node name
--list|-L additional information output one
attribute=value per line
--long|-l additional information output
--long-unit|-U print LU name in full, use twice to prefix with
'.naa', 'eui.', 'uuid.' or 't10.'
--lunhex|-x show LUN part of tuple as hex number in T10 format;
use twice to get full 16 digit hexadecimal LUN
--no-nvme|-N exclude NVMe devices from output
--pdt|-D show the peripheral device type in hex
--protection|-p show target and initiator protection information
--protmode|-P show negotiated protection information mode
--scsi_id|-i show udev derived /dev/disk/by-id/scsi* entry
--size|-s show disk size, (once for decimal (e.g. 3 GB),
twice for power of two (e.g. 2.7 GiB),
thrice for number of blocks))
--sysfsroot=PATH|-y PATH set sysfs mount point to PATH (def: /sys)
--sz-lbs|-S show size as a number of logical blocks; if used twice
adds comma followed by logical block size in bytes
--transport|-t transport information for target or, if '--hosts'
given, for initiator
--unit|-u logical unit (LU) name (aka WWN for ATA/SATA)
--verbose|-v output path names where data is found
--version|-V output version string and exit
--wwn|-w output WWN for disks (from /dev/disk/by-id/wwn*)
<h:c:t:l> filter output list (def: '*:*:*:*' (all)). Meaning:
<host_num:controller:target:lun> or for NVMe:
<'N':ctl_num:cntlid:namespace_id>
List SCSI devices or hosts, followed by NVMe namespaces or controllers.
Many storage devices (e.g. SATA disks and USB attached storage) use SCSI
command sets and hence are also listed by this utility. Hyphenated long
options can also take underscore (and vice versa).
Cett commande vous renseigne sur l'architecture des CPUs :
root@debian11:~# lscpu
Architecture: x86_64
CPU op-mode(s): 32-bit, 64-bit
Byte Order: Little Endian
Address sizes: 40 bits physical, 48 bits virtual
CPU(s): 8
On-line CPU(s) list: 0-7
Thread(s) per core: 1
Core(s) per socket: 4
Socket(s): 2
NUMA node(s): 1
Vendor ID: GenuineIntel
CPU family: 15
Model: 6
Model name: Common KVM processor
Stepping: 1
CPU MHz: 3791.998
BogoMIPS: 7583.99
Hypervisor vendor: KVM
Virtualization type: full
L1d cache: 256 KiB
L1i cache: 256 KiB
L2 cache: 32 MiB
L3 cache: 32 MiB
NUMA node0 CPU(s): 0-7
Vulnerability Itlb multihit: KVM: Mitigation: VMX unsupported
Vulnerability L1tf: Mitigation; PTE Inversion
Vulnerability Mds: Vulnerable: Clear CPU buffers attempted, no microcode
; SMT Host state unknown
Vulnerability Meltdown: Mitigation; PTI
Vulnerability Spec store bypass: Vulnerable
Vulnerability Spectre v1: Mitigation; usercopy/swapgs barriers and __user point
er sanitization
Vulnerability Spectre v2: Mitigation; Retpolines, STIBP disabled, RSB filling
Vulnerability Srbds: Not affected
Vulnerability Tsx async abort: Not affected
Flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge
mca cmov pat pse36 clflush mmx fxsr sse sse2 ht sysca
ll nx lm constant_tsc nopl xtopology cpuid tsc_known_
freq pni cx16 x2apic hypervisor lahf_lm cpuid_fault p
ti
root@debian11:~# lscpu
Architecture: x86_64
CPU op-mode(s): 32-bit, 64-bit
Byte Order: Little Endian
Address sizes: 40 bits physical, 48 bits virtual
CPU(s): 8
On-line CPU(s) list: 0-7
Thread(s) per core: 1
Core(s) per socket: 4
Socket(s): 2
NUMA node(s): 1
Vendor ID: GenuineIntel
CPU family: 15
Model: 6
Model name: Common KVM processor
Stepping: 1
CPU MHz: 3791.998
BogoMIPS: 7583.99
Hypervisor vendor: KVM
Virtualization type: full
L1d cache: 256 KiB
L1i cache: 256 KiB
L2 cache: 32 MiB
L3 cache: 32 MiB
NUMA node0 CPU(s): 0-7
Vulnerability Itlb multihit: KVM: Mitigation: VMX unsupported
Vulnerability L1tf: Mitigation; PTE Inversion
Vulnerability Mds: Vulnerable: Clear CPU buffers attempted, no microcode; SMT Host state unknown
Vulnerability Meltdown: Mitigation; PTI
Vulnerability Spec store bypass: Vulnerable
Vulnerability Spectre v1: Mitigation; usercopy/swapgs barriers and __user pointer sanitization
Vulnerability Spectre v2: Mitigation; Retpolines, STIBP disabled, RSB filling
Vulnerability Srbds: Not affected
Vulnerability Tsx async abort: Not affected
Flags: fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx lm constant_tsc nopl xtopology cpuid tsc_known_freq pni cx16 x2ap
ic hypervisor lahf_lm cpuid_fault pti
Les options de cette commande sont :
root@debian11:~# lscpu --help
Usage:
lscpu [options]
Display information about the CPU architecture.
Options:
-a, --all print both online and offline CPUs (default for -e)
-b, --online print online CPUs only (default for -p)
-B, --bytes print sizes in bytes rather than in human readable format
-C, --caches[=<list>] info about caches in extended readable format
-c, --offline print offline CPUs only
-J, --json use JSON for default or extended format
-e, --extended[=<list>] print out an extended readable format
-p, --parse[=<list>] print out a parsable format
-s, --sysroot <dir> use specified directory as system root
-x, --hex print hexadecimal masks rather than lists of CPUs
-y, --physical print physical instead of logical IDs
--output-all print all available columns for -e, -p or -C
-h, --help display this help
-V, --version display version
Available output columns for -e or -p:
CPU logical CPU number
CORE logical core number
SOCKET logical socket number
NODE logical NUMA node number
BOOK logical book number
DRAWER logical drawer number
CACHE shows how caches are shared between CPUs
POLARIZATION CPU dispatching mode on virtual hardware
ADDRESS physical address of a CPU
CONFIGURED shows if the hypervisor has allocated the CPU
ONLINE shows if Linux currently makes use of the CPU
MAXMHZ shows the maximum MHz of the CPU
MINMHZ shows the minimum MHz of the CPU
Available output columns for -C:
ALL-SIZE size of all system caches
LEVEL cache level
NAME cache name
ONE-SIZE size of one cache
TYPE cache type
WAYS ways of associativity
ALLOC-POLICY allocation policy
WRITE-POLICY write policy
PHY-LINE number of physical cache line per cache t
SETS number of sets in the cache; set lines has the same cache index
COHERENCY-SIZE minimum amount of data in bytes transferred from memory to cache
For more details see lscpu(1).
Cette commande vous renseigne sur le matériel selon la classe de celui-ci. Commencez par visualiser les périphériques et leurs classes répectives :
root@debian11:~# apt install lshw
root@debian11:~# lshw -businfo
Bus info Device Class Description
====================================================
system Standard PC (i440FX + PIIX, 1996)
bus Motherboard
memory 96KiB BIOS
cpu@0 processor Common KVM processor
cpu@1 processor Common KVM processor
memory 16GiB System Memory
memory 16GiB DIMM RAM
pci@0000:00:00.0 bridge 440FX - 82441FX PMC [Natoma]
pci@0000:00:01.0 bridge 82371SB PIIX3 ISA [Natoma/Triton II]
pci@0000:00:01.1 scsi1 storage 82371SB PIIX3 IDE [Natoma/Triton II]
scsi@1:0.0.0 /dev/cdrom disk QEMU DVD-ROM
pci@0000:00:01.2 bus 82371SB PIIX3 USB [Natoma/Triton II]
usb@1 usb1 bus UHCI Host Controller
usb@1:1 input QEMU USB Tablet
pci@0000:00:01.3 bridge 82371AB/EB/MB PIIX4 ACPI
pci@0000:00:02.0 display VGA compatible controller
pci@0000:00:03.0 generic Virtio memory balloon
virtio@0 generic Virtual I/O device
pci@0000:00:05.0 storage Virtio SCSI
virtio@1 scsi2 generic Virtual I/O device
scsi@2:0.0.0 /dev/sda disk 34GB QEMU HARDDISK
scsi@2:0.0.0,1 /dev/sda1 volume 31GiB EXT4 volume
scsi@2:0.0.0,2 /dev/sda2 volume 975MiB Extended partition
/dev/sda5 volume 975MiB Linux swap volume
scsi@2:0.0.2 /dev/sdb disk 68GB QEMU HARDDISK
scsi@2:0.0.1 /dev/sdc disk 4294MB QEMU HARDDISK
pci@0000:00:12.0 network Virtio network device
virtio@2 ens18 network Ethernet interface
pci@0000:00:1e.0 bridge QEMU PCI-PCI bridge
pci@0000:00:1f.0 bridge QEMU PCI-PCI bridge
input PnP device PNP0303
input PnP device PNP0f13
storage PnP device PNP0700
system PnP device PNP0b00
Consultez maintenant le matériel de la classe system :
root@debian11:~# lshw -c system
debian11
description: Computer
product: Standard PC (i440FX + PIIX, 1996)
vendor: QEMU
version: pc-i440fx-7.0
width: 64 bits
capabilities: smbios-2.8 dmi-2.8 smp vsyscall32
configuration: boot=normal uuid=486E81CE-A4FA-B94C-A03E-F0F58040C52B
*-pnp00:03
product: PnP device PNP0b00
physical id: 4
capabilities: pnp
configuration: driver=rtc_cmos
Consultez maintenant le matériel des autres classes principales :
root@debian11:~# lshw -c memory
*-firmware
description: BIOS
vendor: SeaBIOS
physical id: 0
version: rel-1.16.0-0-gd239552ce722-prebuilt.qemu.org
date: 04/01/2014
size: 96KiB
*-memory
description: System Memory
physical id: 1000
size: 16GiB
capabilities: ecc
configuration: errordetection=multi-bit-ecc
*-bank
description: DIMM RAM
vendor: QEMU
physical id: 0
slot: DIMM 0
size: 16GiB
root@debian11:~# lshw -c video
*-display
description: VGA compatible controller
physical id: 2
bus info: pci@0000:00:02.0
version: 02
width: 32 bits
clock: 33MHz
capabilities: vga_controller bus_master rom
configuration: driver=bochs-drm latency=0
resources: irq:0 memory:fd000000-fdffffff memory:fea50000-fea50fff memory:c0000-dffff
root@debian11:~# lshw -c storage
*-ide
description: IDE interface
product: 82371SB PIIX3 IDE [Natoma/Triton II]
vendor: Intel Corporation
physical id: 1.1
bus info: pci@0000:00:01.1
logical name: scsi1
version: 00
width: 32 bits
clock: 33MHz
capabilities: ide isa_compat_mode bus_master emulated
configuration: driver=ata_piix latency=0
resources: irq:0 ioport:1f0(size=8) ioport:3f6 ioport:170(size=8) ioport:376 ioport:e0c0(size=16)
*-scsi
description: SCSI storage controller
product: Virtio SCSI
vendor: Red Hat, Inc.
physical id: 5
bus info: pci@0000:00:05.0
version: 00
width: 64 bits
clock: 33MHz
capabilities: scsi msix bus_master cap_list
configuration: driver=virtio-pci latency=0
resources: irq:10 ioport:e040(size=64) memory:fea51000-fea51fff memory:fe404000-fe407fff
*-pnp00:02
product: PnP device PNP0700
physical id: 3
capabilities: pnp
root@debian11:~# lshw -c disk
*-cdrom
description: DVD reader
product: QEMU DVD-ROM
vendor: QEMU
physical id: 0.0.0
bus info: scsi@1:0.0.0
logical name: /dev/cdrom
logical name: /dev/dvd
logical name: /dev/sr0
version: 2.5+
capabilities: removable audio dvd
configuration: ansiversion=5 status=nodisc
*-disk:0
description: SCSI Disk
product: QEMU HARDDISK
vendor: QEMU
physical id: 0.0.0
bus info: scsi@2:0.0.0
logical name: /dev/sda
version: 2.5+
size: 32GiB (34GB)
capabilities: 5400rpm partitioned partitioned:dos
configuration: ansiversion=5 logicalsectorsize=512 sectorsize=512 signature=f2e3a71a
*-disk:1
description: SCSI Disk
product: QEMU HARDDISK
vendor: QEMU
physical id: 0.0.2
bus info: scsi@2:0.0.2
logical name: /dev/sdb
version: 2.5+
size: 64GiB (68GB)
capabilities: 5400rpm
configuration: ansiversion=5 logicalsectorsize=512 sectorsize=512
*-disk:2
description: SCSI Disk
product: QEMU HARDDISK
vendor: QEMU
physical id: 0.0.1
bus info: scsi@2:0.0.1
logical name: /dev/sdc
version: 2.5+
size: 4GiB (4294MB)
capabilities: 5400rpm
configuration: ansiversion=5 logicalsectorsize=512 sectorsize=512
root@debian11:~# lshw -c volume
*-volume:0
description: EXT4 volume
vendor: Linux
physical id: 1
bus info: scsi@2:0.0.0,1
logical name: /dev/sda1
logical name: /
version: 1.0
serial: 9887a74f-a680-4bde-8f04-db5ae9ea186e
size: 31GiB
capacity: 31GiB
capabilities: primary bootable journaled extended_attributes large_files huge_files dir_nlink 64bit extents ext4 ext2 initialized
configuration: created=2022-04-25 06:26:50 filesystem=ext4 lastmountpoint=/ modified=2022-11-14 14:37:33 mount.fstype=ext4 mount.options=rw,relatime,errors=remount-ro mounted=2022-11-13 07:42:24 state=mounted
*-volume:1
description: Extended partition
physical id: 2
bus info: scsi@2:0.0.0,2
logical name: /dev/sda2
size: 975MiB
capacity: 975MiB
capabilities: primary extended partitioned partitioned:extended
*-logicalvolume
description: Linux swap volume
physical id: 5
logical name: /dev/sda5
version: 1
serial: 1f9439f5-4b19-49b1-b292-60c2c674cee9
size: 975MiB
capacity: 975MiB
capabilities: nofs swap initialized
configuration: filesystem=swap pagesize=4096
root@debian11:~# lshw -c network
*-network
description: Ethernet controller
product: Virtio network device
vendor: Red Hat, Inc.
physical id: 12
bus info: pci@0000:00:12.0
version: 00
width: 64 bits
clock: 33MHz
capabilities: msix bus_master cap_list rom
configuration: driver=virtio-pci latency=0
resources: irq:11 ioport:e0a0(size=32) memory:fea52000-fea52fff memory:fe408000-fe40bfff memory:fea00000-fea3ffff
*-virtio2
description: Ethernet interface
physical id: 0
bus info: virtio@2
logical name: ens18
serial: 56:a3:fd:18:02:6d
capabilities: ethernet physical
configuration: autonegotiation=off broadcast=yes driver=virtio_net driverversion=1.0.0 ip=10.0.2.46 link=yes multicast=yes
Les options de cette commande sont :
root@debian11:~# lshw -h
Hardware Lister (lshw) -
usage: lshw [-format] [-options ...]
lshw -version
-version print program version ()
format can be
-html output hardware tree as HTML
-xml output hardware tree as XML
-json output hardware tree as a JSON object
-short output hardware paths
-businfo output bus information
options can be
-class CLASS only show a certain class of hardware
-C CLASS same as '-class CLASS'
-c CLASS same as '-class CLASS'
-disable TEST disable a test (like pci, isapnp, cpuid, etc. )
-enable TEST enable a test (like pci, isapnp, cpuid, etc. )
-quiet don't display status
-sanitize sanitize output (remove sensitive information like serial numbers, etc.)
-numeric output numeric IDs (for PCI, USB, etc.)
-notime exclude volatile attributes (timestamps) from output
La commande dmidecode lit la table DMI (Desktop Management Interface) aussi appelée SMBIOS (System Management BIOS) et fourni les informations sur :
root@debian11:~# dmidecode
# dmidecode 3.3
Getting SMBIOS data from sysfs.
SMBIOS 2.8 present.
10 structures occupying 443 bytes.
Table at 0x000F58C0.
Handle 0x0000, DMI type 0, 24 bytes
BIOS Information
Vendor: SeaBIOS
Version: rel-1.14.0-0-g155821a1990b-prebuilt.qemu.org
Release Date: 04/01/2014
Address: 0xE8000
Runtime Size: 96 kB
ROM Size: 64 kB
Characteristics:
BIOS characteristics not supported
Targeted content distribution is supported
BIOS Revision: 0.0
Handle 0x0100, DMI type 1, 27 bytes
System Information
Manufacturer: QEMU
Product Name: Standard PC (i440FX + PIIX, 1996)
Version: pc-i440fx-5.2
Serial Number: Not Specified
UUID: ce816e48-faa4-4cb9-a03e-f0f58040c52b
Wake-up Type: Power Switch
SKU Number: Not Specified
Family: Not Specified
Handle 0x0300, DMI type 3, 22 bytes
Chassis Information
Manufacturer: QEMU
Type: Other
Lock: Not Present
Version: pc-i440fx-5.2
Serial Number: Not Specified
Asset Tag: Not Specified
Boot-up State: Safe
Power Supply State: Safe
Thermal State: Safe
Security Status: Unknown
OEM Information: 0x00000000
Height: Unspecified
Number Of Power Cords: Unspecified
Contained Elements: 0
SKU Number: Not Specified
Handle 0x0400, DMI type 4, 42 bytes
Processor Information
Socket Designation: CPU 0
Type: Central Processor
Family: Other
Manufacturer: QEMU
ID: 61 0F 00 00 FF FB 8B 07
Version: pc-i440fx-5.2
Voltage: Unknown
External Clock: Unknown
Max Speed: 2000 MHz
Current Speed: 2000 MHz
Status: Populated, Enabled
Upgrade: Other
L1 Cache Handle: Not Provided
L2 Cache Handle: Not Provided
L3 Cache Handle: Not Provided
Serial Number: Not Specified
Asset Tag: Not Specified
Part Number: Not Specified
Core Count: 2
Core Enabled: 2
Thread Count: 1
Characteristics: None
Handle 0x1000, DMI type 16, 23 bytes
Physical Memory Array
Location: Other
Use: System Memory
Error Correction Type: Multi-bit ECC
Maximum Capacity: 4 GB
Error Information Handle: Not Provided
Number Of Devices: 1
Handle 0x1100, DMI type 17, 40 bytes
Memory Device
Array Handle: 0x1000
Error Information Handle: Not Provided
Total Width: Unknown
Data Width: Unknown
Size: 4 GB
Form Factor: DIMM
Set: None
Locator: DIMM 0
Bank Locator: Not Specified
Type: RAM
Type Detail: Other
Speed: Unknown
Manufacturer: QEMU
Serial Number: Not Specified
Asset Tag: Not Specified
Part Number: Not Specified
Rank: Unknown
Configured Memory Speed: Unknown
Minimum Voltage: Unknown
Maximum Voltage: Unknown
Configured Voltage: Unknown
Handle 0x1300, DMI type 19, 31 bytes
Memory Array Mapped Address
Starting Address: 0x00000000000
Ending Address: 0x000BFFFFFFF
Range Size: 3 GB
Physical Array Handle: 0x1000
Partition Width: 1
Handle 0x1301, DMI type 19, 31 bytes
Memory Array Mapped Address
Starting Address: 0x00100000000
Ending Address: 0x0013FFFFFFF
Range Size: 1 GB
Physical Array Handle: 0x1000
Partition Width: 1
Handle 0x2000, DMI type 32, 11 bytes
System Boot Information
Status: No errors detected
Handle 0x7F00, DMI type 127, 4 bytes
End Of Table
Les options de cette commande sont :
root@debian11:~# dmidecode --help
Usage: dmidecode [OPTIONS]
Options are:
-d, --dev-mem FILE Read memory from device FILE (default: /dev/mem)
-h, --help Display this help text and exit
-q, --quiet Less verbose output
-s, --string KEYWORD Only display the value of the given DMI string
-t, --type TYPE Only display the entries of given type
-H, --handle HANDLE Only display the entry of given handle
-u, --dump Do not decode the entries
--dump-bin FILE Dump the DMI data to a binary file
--from-dump FILE Read the DMI data from a binary file
--no-sysfs Do not attempt to read DMI data from sysfs files
--oem-string N Only display the value of the given OEM string
-V, --version Display the version and exit
smartctl contrôle le système SMART (Self-Monitoring, Analysis and Reporting Technology) intégré à la plupart des disques durs et disques SSD ATA/SATA et SCSI/SAS :
root@debian11:~# apt install smartmontools -y root@debian11:~# smartctl --smart=on --saveauto=on --offlineauto=on -T permissive /dev/sdb smartctl 7.2 2020-12-30 r5155 [x86_64-linux-5.10.0-13-amd64] (local build) Copyright (C) 2002-20, Bruce Allen, Christian Franke, www.smartmontools.org === START OF ENABLE/DISABLE COMMANDS SECTION === unable to fetch IEC (SMART) mode page [unsupported field in scsi command] Enable autosave (clear GLTSD bit) failed root@debian11:~# smartctl -a /dev/sdb smartctl 7.2 2020-12-30 r5155 [x86_64-linux-5.10.0-13-amd64] (local build) Copyright (C) 2002-20, Bruce Allen, Christian Franke, www.smartmontools.org === START OF INFORMATION SECTION === Vendor: QEMU Product: QEMU HARDDISK Revision: 2.5+ Compliance: SPC-3 User Capacity: 68,719,476,736 bytes [68.7 GB] Logical block size: 512 bytes LU is thin provisioned, LBPRZ=0 Device type: disk Local Time is: Tue Nov 15 09:56:55 2022 CET SMART support is: Unavailable - device lacks SMART capability. === START OF READ SMART DATA SECTION === Current Drive Temperature: 0 C Drive Trip Temperature: 0 C Error Counter logging not supported Device does not support Self Test logging
Les options de cette commande sont :
root@debian11:~# smartctl --help
smartctl 7.2 2020-12-30 r5155 [x86_64-linux-5.10.0-13-amd64] (local build)
Copyright (C) 2002-20, Bruce Allen, Christian Franke, www.smartmontools.org
Usage: smartctl [options] device
============================================ SHOW INFORMATION OPTIONS =====
-h, --help, --usage
Display this help and exit
-V, --version, --copyright, --license
Print license, copyright, and version information and exit
-i, --info
Show identity information for device
--identify[=[w][nvb]]
Show words and bits from IDENTIFY DEVICE data (ATA)
-g NAME, --get=NAME
Get device setting: all, aam, apm, dsn, lookahead, security,
wcache, rcache, wcreorder, wcache-sct
-a, --all
Show all SMART information for device
-x, --xall
Show all information for device
--scan
Scan for devices
--scan-open
Scan for devices and try to open each device
================================== SMARTCTL RUN-TIME BEHAVIOR OPTIONS =====
-j, --json[=cgiosuvy]
Print output in JSON or YAML format
-q TYPE, --quietmode=TYPE (ATA)
Set smartctl quiet mode to one of: errorsonly, silent, noserial
-d TYPE, --device=TYPE
Specify device type to one of:
ata, scsi[+TYPE], nvme[,NSID], sat[,auto][,N][+TYPE], usbcypress[,X], usbjmicron[,p][,x][,N], usbprolific, usbsunplus, sntjmicron[,NSID], sntrealtek, intelliprop,N[+TYPE], jmb39x[-q],N[,sLBA][,force][+TYPE], jms56x,N[,sLBA][,force][+TYPE], marvell, areca,N/E, 3ware,N, hpt,L/M/N, megaraid,N, aacraid,H,L,ID, cciss,N, auto, test
-T TYPE, --tolerance=TYPE (ATA)
Tolerance: normal, conservative, permissive, verypermissive
-b TYPE, --badsum=TYPE (ATA)
Set action on bad checksum to one of: warn, exit, ignore
-r TYPE, --report=TYPE
Report transactions (see man page)
-n MODE[,STATUS], --nocheck=MODE[,STATUS] (ATA, SCSI)
No check if: never, sleep, standby, idle (see man page)
============================== DEVICE FEATURE ENABLE/DISABLE COMMANDS =====
-s VALUE, --smart=VALUE
Enable/disable SMART on device (on/off)
-o VALUE, --offlineauto=VALUE (ATA)
Enable/disable automatic offline testing on device (on/off)
-S VALUE, --saveauto=VALUE (ATA)
Enable/disable Attribute autosave on device (on/off)
-s NAME[,VALUE], --set=NAME[,VALUE]
Enable/disable/change device setting: aam,[N|off], apm,[N|off],
dsn,[on|off], lookahead,[on|off], security-freeze,
standby,[N|off|now], wcache,[on|off], rcache,[on|off],
wcreorder,[on|off[,p]], wcache-sct,[ata|on|off[,p]]
======================================= READ AND DISPLAY DATA OPTIONS =====
-H, --health
Show device SMART health status
-c, --capabilities (ATA, NVMe)
Show device SMART capabilities
-A, --attributes
Show device SMART vendor-specific Attributes and values
-f FORMAT, --format=FORMAT (ATA)
Set output format for attributes: old, brief, hex[,id|val]
-l TYPE, --log=TYPE
Show device log. TYPE: error, selftest, selective, directory[,g|s],
xerror[,N][,error], xselftest[,N][,selftest], background,
sasphy[,reset], sataphy[,reset], scttemp[sts,hist],
scttempint,N[,p], scterc[,N,M], devstat[,N], defects[,N], ssd,
gplog,N[,RANGE], smartlog,N[,RANGE], nvmelog,N,SIZE
-v N,OPTION , --vendorattribute=N,OPTION (ATA)
Set display OPTION for vendor Attribute N (see man page)
-F TYPE, --firmwarebug=TYPE (ATA)
Use firmware bug workaround:
none, nologdir, samsung, samsung2, samsung3, xerrorlba, swapid
-P TYPE, --presets=TYPE (ATA)
Drive-specific presets: use, ignore, show, showall
-B [+]FILE, --drivedb=[+]FILE (ATA)
Read and replace [add] drive database from FILE
[default is +/etc/smart_drivedb.h
and then /var/lib/smartmontools/drivedb/drivedb.h]
============================================ DEVICE SELF-TEST OPTIONS =====
-t TEST, --test=TEST
Run test. TEST: offline, short, long, conveyance, force, vendor,N,
select,M-N, pending,N, afterselect,[on|off]
-C, --captive
Do test in captive mode (along with -t)
-X, --abort
Abort any non-captive test on device
=================================================== SMARTCTL EXAMPLES =====
smartctl --all /dev/sda (Prints all SMART information)
smartctl --smart=on --offlineauto=on --saveauto=on /dev/sda
(Enables SMART on first disk)
smartctl --test=long /dev/sda (Executes extended disk self-test)
smartctl --attributes --log=selftest --quietmode=errorsonly /dev/sda
(Prints Self-Test & Attribute errors)
smartctl --all --device=3ware,2 /dev/sda
smartctl --all --device=3ware,2 /dev/twe0
smartctl --all --device=3ware,2 /dev/twa0
smartctl --all --device=3ware,2 /dev/twl0
(Prints all SMART info for 3rd ATA disk on 3ware RAID controller)
smartctl --all --device=hpt,1/1/3 /dev/sda
(Prints all SMART info for the SATA disk attached to the 3rd PMPort
of the 1st channel on the 1st HighPoint RAID controller)
smartctl --all --device=areca,3/1 /dev/sg2
(Prints all SMART info for 3rd ATA disk of the 1st enclosure
on Areca RAID controller)
Cette commande permet d'activer ou désactiver la comptabilisation des processus :
root@debian11:~# apt install acct -y root@debian11:~# accton on Turning on process accounting, file set to the default '/var/log/account/pacct'.
Par contre le fichier /var/log/account/pacct ne peut pas être lu avec les utilitaires de consultation de fichiers texte :
root@debian11:~# cat /var/log/account/pacct
m Usc acctonl h Uscg&Jsystemd-tty-askh * Usc?$Isystemctl* ) UsctBt aacct.postinst
p o Usc$mandb
q o Usc$mandb
s r Usc$mandb
r o Usc$mandb
to Usc$mandb
u o Usc$mandb
w v Usc$mandb
v o Usc$mandb
x o Usc$mandb
y o Usc$mandb
{ z Usc$mandb
z o Usc$mandb
...
Usc$mandb
o Usc$mandb
o Usc$mandb
o Usc$mandb
Usc$mandb
o Usc$mandb
o Usc$mandb
o Usc$mandb
Usc$mandb
o Usc$mandb
o Usc$mandb
Usc$mandb
o Usc$mandb
o n Usc
Brmandbn ) UscBt `man-db.postinst ) Usct :sh) UscCm&)
dpkg Uscq$dpkg Uscq$dpkg Uscq$dpkg Usc<test Usc<test UscIgdbus Usc<echo Usct ;sh UscR?aapt UscC')$apt Uscaccton Usc Waccton2RscGkworker/dying Uscless Usc$systemctl Uscless Usc$systemctlroot@debian11:~#
La commande dump-acct permet de voir son contenu mais pas de l'exploiter :
root@debian11:~# dump-acct /var/log/account/pacct accton |v3| 0.00| 0.00| 0.00| 0| 0| 2304.00| 0.00| 2413| 1|S | 0|__ |Tue Nov 15 10:02:13 2022 systemd-tty-ask |v3| 0.00| 0.00| 0.00| 0| 0| 13112.00| 0.00| 2412| 2408|S | 0|pts/1 |Tue Nov 15 10:02:13 2022 systemctl |v3| 0.00| 0.00| 1.00| 0| 0| 10080.00| 0.00| 2408| 2346|S | 0|pts/1 |Tue Nov 15 10:02:13 2022 acct.postinst |v3| 0.00| 0.00| 61.00| 0| 0| 2420.00| 0.00| 2346| 2345| | 0|pts/1 |Tue Nov 15 10:02:13 2022 mandb |v3| 0.00| 0.00| 0.00| 6| 12| 9352.00| 0.00| 2416| 2415| F | 0|pts/1 |Tue Nov 15 10:02:13 2022 mandb |v3| 0.00| 0.00| 0.00| 6| 12| 9352.00| 0.00| 2417| 2415| F | 0|pts/1 |Tue Nov 15 10:02:13 2022 mandb |v3| 0.00| 0.00| 0.00| 6| 12| 9352.00| 0.00| 2419| 2418| F | 0|pts/1 |Tue Nov 15 10:02:13 2022 mandb |v3| 0.00| 0.00| 0.00| 6| 12| 9520.00| 0.00| 2418| 2415| F | 0|pts/1 |Tue Nov 15 10:02:13 2022 mandb |v3| 0.00| 0.00| 0.00| 6| 12| 9352.00| 0.00| 2420| 2415| F | 0|pts/1 |Tue Nov 15 10:02:13 2022 mandb |v3| 0.00| 0.00| 0.00| 6| 12| 9352.00| 0.00| 2421| 2415| F | 0|pts/1 |Tue Nov 15 10:02:13 2022 mandb |v3| 0.00| 0.00| 0.00| 6| 12| 9352.00| 0.00| 2423| 2422| F | 0|pts/1 |Tue Nov 15 10:02:13 2022 mandb |v3| 0.00| 0.00| 0.00| 6| 12| 9536.00| 0.00| 2422| 2415| F | 0|pts/1 |Tue Nov 15 10:02:13 2022 mandb |v3| 0.00| 0.00| 0.00| 6| 12| 9352.00| 0.00| 2424| 2415| F | 0|pts/1 |Tue Nov 15 10:02:13 2022 mandb |v3| 0.00| 0.00| 0.00| 6| 12| 9352.00| 0.00| 2425| 2415| F | 0|pts/1 |Tue Nov 15 10:02:13 2022 mandb |v3| 0.00| 0.00| 0.00| 6| 12| 9352.00| 0.00| 2427| 2426| F | 0|pts/1 |Tue Nov 15 10:02:13 2022 mandb |v3| 0.00| 0.00| 0.00| 6| 12| 9536.00| 0.00| 2426| 2415| F | 0|pts/1 |Tue Nov 15 10:02:13 2022 mandb |v3| 0.00| 0.00| 0.00| 6| 12| 9352.00| 0.00| 2428| 2415| F X| 0|pts/1 |Tue Nov 15 10:02:13 2022 ...
Les options de cette commande sont :
root@debian11:~# dump-acct --help
Usage: dump-acct [-hrR] [-n <recs>] <files>
[--num <recs>] [--raw] [--reverse] [--help]
[--format <version>] [--byteswap]
[--ahz <freq>]
The system's default process accounting file is /var/log/account/pacct.
Cette commande vous renseigne sur l'historique et les statistiques des commandes par utilisateur :
root@debian11:~# lastcomm kworker/dying F root __ 0.00 secs Tue Nov 15 09:58 dump-acct root pts/0 0.00 secs Tue Nov 15 10:08 kworker/dying F root __ 0.06 secs Tue Nov 15 09:10 kworker/dying F root __ 0.00 secs Tue Nov 15 00:20 dump-acct root pts/0 0.00 secs Tue Nov 15 10:07 cat root pts/0 0.00 secs Tue Nov 15 10:05 systemctl S root pts/0 0.00 secs Tue Nov 15 10:03 less S root pts/0 0.00 secs Tue Nov 15 10:03 systemctl S root pts/0 0.00 secs Tue Nov 15 10:03 less S root pts/0 0.00 secs Tue Nov 15 10:03 kworker/dying F root __ 0.00 secs Tue Nov 15 09:47 accton S root pts/0 0.00 secs Tue Nov 15 10:02 accton root pts/0 0.00 secs Tue Nov 15 10:02 apt S root pts/0 0.46 secs Tue Nov 15 10:02 apt F root pts/0 0.00 secs Tue Nov 15 10:02 sh root pts/0 0.00 secs Tue Nov 15 10:02 echo root pts/0 0.00 secs Tue Nov 15 10:02 gdbus S X root pts/0 0.00 secs Tue Nov 15 10:02 test root pts/0 0.00 secs Tue Nov 15 10:02 test root pts/0 0.00 secs Tue Nov 15 10:02 dpkg S root pts/0 0.00 secs Tue Nov 15 10:02 dpkg S root pts/0 0.00 secs Tue Nov 15 10:02 dpkg S root pts/0 0.00 secs Tue Nov 15 10:02 dpkg S root pts/1 0.01 secs Tue Nov 15 10:02 sh root pts/1 0.00 secs Tue Nov 15 10:02 man-db.postinst root pts/1 0.00 secs Tue Nov 15 10:02 mandb S man pts/1 0.07 secs Tue Nov 15 10:02 mandb F man pts/1 0.00 secs Tue Nov 15 10:02 mandb F man pts/1 0.00 secs Tue Nov 15 10:02 mandb F man pts/1 0.00 secs Tue Nov 15 10:02 mandb F man pts/1 0.00 secs Tue Nov 15 10:02 mandb F man pts/1 0.00 secs Tue Nov 15 10:02 ... acct.postinst root pts/1 0.00 secs Tue Nov 15 10:02 systemctl S root pts/1 0.00 secs Tue Nov 15 10:02 systemd-tty-ask S root pts/1 0.00 secs Tue Nov 15 10:02 accton S root __ 0.00 secs Tue Nov 15 10:02 root@debian11:~# lastcomm systemctl systemctl S root pts/0 0.00 secs Tue Nov 15 10:03 systemctl S root pts/0 0.00 secs Tue Nov 15 10:03 systemctl S root pts/1 0.00 secs Tue Nov 15 10:02
Les options de cette commande sont :
systemctl S root pts/1 0.00 secs Tue Nov 15 10:02
root@debian11:~# lastcomm --help
Usage: lastcomm [-hpV] [-f file] [command] ... [user] ... [terminal] ...
[--forwards] [--file <file>] [--strict-match] [--print-controls]
[--user <name>] [--tty <name>] [--command <name>] [--debug]
[--show-paging] [--pid] [--ahz <freq>] [--version] [--help]
The system's default process accounting file is /var/log/account/pacct.
Cette commande vous renseigne sur les statistiques sur les processus lancés et leurs ressources systèmes:
root@debian11:~# sa -u | egrep "root" root 0.00 cpu 576k mem 0 io accton root 0.00 cpu 3278k mem 0 io systemd-tty-ask root 0.00 cpu 2520k mem 0 io systemctl root 0.00 cpu 605k mem 0 io acct.postinst root 0.00 cpu 605k mem 0 io man-db.postinst root 0.00 cpu 605k mem 0 io sh root 0.01 cpu 3290k mem 0 io dpkg root 0.00 cpu 2274k mem 0 io dpkg root 0.00 cpu 2274k mem 0 io dpkg root 0.00 cpu 2274k mem 0 io dpkg root 0.00 cpu 1329k mem 0 io test root 0.00 cpu 1329k mem 0 io test root 0.00 cpu 39712k mem 0 io gdbus root 0.00 cpu 1325k mem 0 io echo root 0.00 cpu 605k mem 0 io sh root 0.00 cpu 16036k mem 0 io apt * root 0.46 cpu 5006k mem 0 io apt root 0.00 cpu 0k mem 0 io accton root 0.00 cpu 576k mem 0 io accton root 0.00 cpu 0k mem 0 io kworker/dying * root 0.00 cpu 1412k mem 0 io less root 0.00 cpu 2520k mem 0 io systemctl root 0.00 cpu 1412k mem 0 io less root 0.00 cpu 2520k mem 0 io systemctl root 0.00 cpu 1326k mem 0 io cat root 0.00 cpu 907k mem 0 io dump-acct root 0.00 cpu 0k mem 0 io kworker/dying * root 0.06 cpu 0k mem 0 io kworker/dying * root 0.00 cpu 1006k mem 0 io dump-acct root 0.00 cpu 0k mem 0 io kworker/dying * root 0.00 cpu 1028k mem 0 io lastcomm root 0.00 cpu 1027k mem 0 io lastcomm root 0.00 cpu 1027k mem 0 io lastcomm root 0.00 cpu 908k mem 0 io lastcomm root 0.00 cpu 0k mem 0 io kworker/dying *
Les options de cette commande sont :
root@debian11:~# sa --help
Usage: sa [ options ] [ file ]
options: [-abcdfiljkmnprstuDKP] [-v <num>] [--version] [--help]
[--other-acct-file <name>] [--other-usracct-file <name>]
[--print-seconds] [--dont-read-summary-files] [--debug]
[--separate-times] [--other-savacct-file <name>] [--percentages]
[--print-ratio] [--print-users] [--merge] [--user-summary] [--group-summary]
[--list-all-names] [--not-interactive] [--threshold <num>]
[--sort-ksec] [--sort-tio] [--sort-sys-user-div-calls] [--sort-avio]
[--sort-cpu-avmem] [--sort-num-calls] [--sort-real-time] [--ahz hz]
[--show-paging] [--show-paging-avg]
The system's default process accounting files are:
raw process accounting data: /var/log/account/pacct
summary by command name: /var/log/account/savacct
summary by username: /var/log/account/usracct
Cette commande vous renseigne sur les statistiques des temps de connexion des utilisateurs :
root@debian11:~# ac -p
trainee 182.84
total 182.84
root@debian11:~# ac -d
Apr 25 total 16.95
May 1 total 0.02
Jun 18 total 0.09
Jul 4 total 10.46
Jul 10 total 0.03
Oct 9 total 4.94
Oct 10 total 24.34
Oct 11 total 37.57
Oct 13 total 85.76
Nov 14 total 2.29
Today total 0.40
Les options de cette commande sont :
root@debian11:~# ac --help Usage: ac [OPTION] ... OPTIONS: -d, --daily-totals Print totals for each day -p, --individual-totals Print time totals for each user -f, --file <file> Read from <file> --complain Print errors for whatever problem --reboots Count the time between login and reboot --supplants Count the time between logins on the terminal --timewarps Count the time between login and time warp --compatibility Shortcut for --reboots --supplants --timewarps -a, --all-days Do not skip days without login activity --tw-leniency <value> Set the time warp leniency <value> in seconds --tw-suspicious <value> Set the time warp suspicious <value> in seconds --print-year Print year when displaying dates --print-zeros Don't suppress zeros in category totals --debug Print verbose internal information -V, --version Show version and exit -h, --help Show help and exit The system's default login accounting file is /var/log/wtmp.
Le répertoire /proc contient des fichiers et des répertoires virtuels. Le contenu de ces fichiers est créé dynamiquement lors de la consultation. Seul root peut consulter la totalité des informations dans le répertoire /proc.
root@debian11:~# ls /proc 1 128 24 34952 46798 54400 55364 56363 57690 68 acpi dynamic_debug key-users mtrr sys 10 13 244 4 46804 54401 55367 56440 57691 71 buddyinfo execdomains kmsg net sysrq-trigger 11 15 25 42378 46805 54405 55368 56894 57772 72 bus fb kpagecgroup pagetypeinfo sysvipc 116 16 27 42390 46806 54406 55385 56910 57773 7576 cgroups filesystems kpagecount partitions thread-self 119 17 28 42391 46808 54407 55392 56911 57781 7708 cmdline fs kpageflags pressure timer_list 12 176 287 42392 46812 54408 55549 56912 57785 7709 consoles interrupts loadavg sched_debug tty 120 177 29 42401 46813 55 55563 57 57792 7883 cpuinfo iomem locks schedstat uptime 121 18 3 42402 50 55345 55565 57148 57798 7894 crypto ioports mdstat self version 122 2 30 46777 51 55347 55569 57149 57800 8 devices irq meminfo slabinfo vmallocinfo 123 20 31 46780 52 55348 55571 57150 58 8904 diskstats kallsyms misc softirqs vmstat 126 214 32 46782 53 55350 56 57308 59 8905 dma kcore modules stat zoneinfo 127 23 34924 46797 54 55353 56135 57689 6 9 driver keys mounts swaps
root@debian11:~# cat /proc/cpuinfo processor : 0 vendor_id : GenuineIntel cpu family : 15 model : 6 model name : Common KVM processor stepping : 1 microcode : 0x1 cpu MHz : 2399.982 cache size : 16384 KB physical id : 0 siblings : 2 core id : 0 cpu cores : 2 apicid : 0 initial apicid : 0 fpu : yes fpu_exception : yes cpuid level : 13 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx lm constant_tsc nopl xtopology cpuid tsc_known_freq pni cx16 x2apic hypervisor lahf_lm cpuid_fault pti bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs itlb_multihit bogomips : 4799.96 clflush size : 64 cache_alignment : 128 address sizes : 40 bits physical, 48 bits virtual power management: processor : 1 vendor_id : GenuineIntel cpu family : 15 model : 6 model name : Common KVM processor stepping : 1 microcode : 0x1 cpu MHz : 2399.982 cache size : 16384 KB physical id : 0 siblings : 2 core id : 1 cpu cores : 2 apicid : 1 initial apicid : 1 fpu : yes fpu_exception : yes cpuid level : 13 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx lm constant_tsc nopl xtopology cpuid tsc_known_freq pni cx16 x2apic hypervisor lahf_lm cpuid_fault pti bugs : cpu_meltdown spectre_v1 spectre_v2 spec_store_bypass l1tf mds swapgs itlb_multihit bogomips : 4799.96 clflush size : 64 cache_alignment : 128 address sizes : 40 bits physical, 48 bits virtual power management:
root@debian11:~# cat /proc/interrupts
CPU0 CPU1
0: 29 0 IO-APIC 2-edge timer
1: 0 9 IO-APIC 1-edge i8042
6: 0 3 IO-APIC 6-edge floppy
8: 1 0 IO-APIC 8-edge rtc0
9: 0 0 IO-APIC 9-fasteoi acpi
10: 0 177277 IO-APIC 10-fasteoi virtio0
11: 40 0 IO-APIC 11-fasteoi uhci_hcd:usb1
12: 15 0 IO-APIC 12-edge i8042
14: 0 0 IO-APIC 14-edge ata_piix
15: 0 352265 IO-APIC 15-edge ata_piix
24: 0 0 PCI-MSI 294912-edge virtio2-config
25: 24163 0 PCI-MSI 294913-edge virtio2-input.0
26: 0 18954 PCI-MSI 294914-edge virtio2-output.0
27: 0 0 PCI-MSI 81920-edge virtio1-config
28: 0 0 PCI-MSI 81921-edge virtio1-control
29: 0 0 PCI-MSI 81922-edge virtio1-event
30: 74023 0 PCI-MSI 81923-edge virtio1-request
31: 0 71408 PCI-MSI 81924-edge virtio1-request
NMI: 0 0 Non-maskable interrupts
LOC: 1701175 2400564 Local timer interrupts
SPU: 0 0 Spurious interrupts
PMI: 0 0 Performance monitoring interrupts
IWI: 1 0 IRQ work interrupts
RTR: 0 0 APIC ICR read retries
RES: 284026 248715 Rescheduling interrupts
CAL: 47419 21994 Function call interrupts
TLB: 23047 13223 TLB shootdowns
TRM: 0 0 Thermal event interrupts
THR: 0 0 Threshold APIC interrupts
DFR: 0 0 Deferred Error APIC interrupts
MCE: 0 0 Machine check exceptions
MCP: 1140 1140 Machine check polls
ERR: 0
MIS: 0
PIN: 0 0 Posted-interrupt notification event
NPI: 0 0 Nested posted-interrupt event
PIW: 0 0 Posted-interrupt wakeup event
Important : Un pilote de périphérique demande au processeur de fournir un service en utilisant un IRQ. Quand la demande est faite, le processeur interrompe ses activités et passe le contrôle au pilote identifié par l'IRQ. Techniquement l'attribution d'un IRQ à un périphérique doit être exclusive. Dans le cas où deux périphériques demandent un service en même temps, c'est le périphérique ayant l'IRQ le plus bas qui est prioritaire.
root@debian11:~# cat /proc/dma 2: floppy 4: cascade
root@debian11:~# cat /proc/ioports
0000-0cf7 : PCI Bus 0000:00
0000-001f : dma1
0020-0021 : pic1
0040-0043 : timer0
0050-0053 : timer1
0060-0060 : keyboard
0064-0064 : keyboard
0070-0077 : rtc0
0080-008f : dma page reg
00a0-00a1 : pic2
00c0-00df : dma2
00f0-00ff : fpu
0170-0177 : 0000:00:01.1
0170-0177 : ata_piix
01f0-01f7 : 0000:00:01.1
01f0-01f7 : ata_piix
0376-0376 : 0000:00:01.1
0376-0376 : ata_piix
03c0-03df : vga+
03f2-03f2 : floppy
03f4-03f5 : floppy
03f6-03f6 : 0000:00:01.1
03f6-03f6 : ata_piix
03f7-03f7 : floppy
0510-051b : QEMU0002:00
0510-051b : fw_cfg_io
0600-063f : 0000:00:01.3
0600-0603 : ACPI PM1a_EVT_BLK
0604-0605 : ACPI PM1a_CNT_BLK
0608-060b : ACPI PM_TMR
0700-070f : 0000:00:01.3
0700-0708 : piix4_smbus
0cf8-0cff : PCI conf1
0d00-ffff : PCI Bus 0000:00
afe0-afe3 : ACPI GPE0_BLK
c000-cfff : PCI Bus 0000:02
d000-dfff : PCI Bus 0000:01
e000-e03f : 0000:00:03.0
e040-e07f : 0000:00:05.0
e080-e09f : 0000:00:01.2
e080-e09f : uhci_hcd
e0a0-e0bf : 0000:00:12.0
e0c0-e0cf : 0000:00:01.1
e0c0-e0cf : ata_piix
Important - Si deux périphériques ont le même port, les deux périphériques seront inutilisables.
root@debian11:~# cat /proc/devices Character devices: 1 mem 4 /dev/vc/0 4 tty 4 ttyS 5 /dev/tty 5 /dev/console 5 /dev/ptmx 6 lp 7 vcs 10 misc 13 input 21 sg 29 fb 99 ppdev 128 ptm 136 pts 153 spi 180 usb 189 usb_device 226 drm 248 hidraw 249 aux 250 cec 251 bsg 252 rtc 253 dax 254 gpiochip Block devices: 2 fd 8 sd 9 md 11 sr 65 sd 66 sd 67 sd 68 sd 69 sd 70 sd 71 sd 128 sd 129 sd 130 sd 131 sd 132 sd 133 sd 134 sd 135 sd 253 mdp 254 device-mapper 259 blkext
root@debian11:~# cat /proc/modules | more ufs 94208 0 - Live 0xffffffffc0cde000 qnx4 16384 0 - Live 0xffffffffc07a3000 hfsplus 126976 0 - Live 0xffffffffc0d2b000 hfs 73728 0 - Live 0xffffffffc0cc4000 minix 45056 0 - Live 0xffffffffc0cb8000 vfat 20480 0 - Live 0xffffffffc0cb2000 msdos 20480 0 - Live 0xffffffffc0cac000 fat 86016 2 vfat,msdos, Live 0xffffffffc0c8f000 jfs 212992 0 - Live 0xffffffffc0cf6000 xfs 1773568 0 - Live 0xffffffffc0add000 xts 16384 1 - Live 0xffffffffc0ad2000 dm_crypt 53248 1 - Live 0xffffffffc0ac4000 cbc 16384 0 - Live 0xffffffffc0abf000 aes_generic 36864 3 - Live 0xffffffffc0ab5000 libaes 16384 1 aes_generic, Live 0xffffffffc0ab0000 crypto_simd 16384 0 - Live 0xffffffffc0aab000 cryptd 24576 1 crypto_simd, Live 0xffffffffc0a9f000 glue_helper 16384 0 - Live 0xffffffffc08dd000 ecb 16384 2 - Live 0xffffffffc0883000 ecryptfs 122880 0 - Live 0xffffffffc0a80000 btrfs 1568768 0 - Live 0xffffffffc0900000 blake2b_generic 20480 0 - Live 0xffffffffc087d000 raid1 53248 0 - Live 0xffffffffc08f2000 dm_raid 45056 0 - Live 0xffffffffc08e6000 raid456 180224 1 dm_raid, Live 0xffffffffc08b0000 async_raid6_recov 24576 1 raid456, Live 0xffffffffc08a7000 async_memcpy 20480 2 raid456,async_raid6_recov, Live 0xffffffffc089f000 async_pq 20480 2 raid456,async_raid6_recov, Live 0xffffffffc0899000 async_xor 20480 3 raid456,async_raid6_recov,async_pq, Live 0xffffffffc0893000 async_tx 20480 5 raid456,async_raid6_recov,async_memcpy,async_pq,async_xor, Live 0xffffffffc088a000 md_mod 180224 3 raid1,dm_raid,raid456, Live 0xffffffffc0850000 xor 24576 2 btrfs,async_xor, Live 0xffffffffc0845000 raid6_pq 122880 4 btrfs,raid456,async_raid6_recov,async_pq, Live 0xffffffffc0822000 libcrc32c 16384 3 xfs,btrfs,raid456, Live 0xffffffffc07b3000 dm_snapshot 53248 0 - Live 0xffffffffc07b9000 dm_bufio 36864 1 dm_snapshot, Live 0xffffffffc07a9000 dm_mod 163840 10 dm_crypt,dm_raid,dm_snapshot,dm_bufio, Live 0xffffffffc07f6000 rfkill 28672 0 - Live 0xffffffffc07cb000 joydev 28672 0 - Live 0xffffffffc0725000 evdev 28672 2 - Live 0xffffffffc071d000 virtio_balloon 24576 0 - Live 0xffffffffc06f7000 sg 36864 0 - Live 0xffffffffc06cc000 serio_raw 20480 0 - Live 0xffffffffc06ba000 pcspkr 16384 0 - Live 0xffffffffc06b0000 qemu_fw_cfg 20480 0 - Live 0xffffffffc06aa000 parport_pc 40960 0 - Live 0xffffffffc0679000 ppdev 24576 0 - Live 0xffffffffc0664000 lp 20480 0 - Live 0xffffffffc066b000 parport 69632 3 parport_pc,ppdev,lp, Live 0xffffffffc0652000 fuse 167936 1 - Live 0xffffffffc0628000 --More-- [q]
root@debian11:~# cat /proc/diskstats 11 0 sr0 77 0 4235 23 0 0 0 0 0 68 23 0 0 0 0 0 0 8 0 sda 12242 8305 1103196 42502 11683 13369 1910368 718254 0 105044 783887 0 0 0 0 2936 23131 8 1 sda1 11481 8305 1067918 41666 10597 13369 1910368 717761 0 103920 759427 0 0 0 0 0 0 8 2 sda2 11 0 14 38 0 0 0 0 0 64 38 0 0 0 0 0 0 8 5 sda5 201 0 14692 296 0 0 0 0 0 460 296 0 0 0 0 0 0 8 16 sdb 227 0 8976 27 0 0 0 0 0 72 27 0 0 0 0 0 0 8 32 sdc 5023 507625 4247435 13154 1528 253646 2060274 14491 0 12120 31223 0 0 0 0 141 3577 8 33 sdc1 144 0 9972 5 0 0 0 0 0 68 5 0 0 0 0 0 0 8 34 sdc2 138 0 9924 6 0 0 0 0 0 64 6 0 0 0 0 0 0 8 35 sdc3 138 0 9924 6 0 0 0 0 0 64 6 0 0 0 0 0 0 8 36 sdc4 24 0 566 43 0 0 0 0 0 124 43 0 0 0 0 0 0 8 37 sdc5 941 127001 1035648 1742 19 0 26 1281 0 3504 3024 0 0 0 0 0 0 8 38 sdc6 278 0 24508 243 0 0 0 0 0 352 243 0 0 0 0 0 0 8 39 sdc7 220 8 19832 268 0 0 0 0 0 376 268 0 0 0 0 0 0 8 40 sdc8 1539 253750 2054126 3152 41 0 48 3380 0 6968 6533 0 0 0 0 0 0 8 41 sdc9 142 4 19720 211 0 0 0 0 0 332 211 0 0 0 0 0 0 8 42 sdc10 807 126861 1033214 5955 734 126795 1019952 4901 0 8468 10857 0 0 0 0 0 0 8 43 sdc11 281 1 9545 835 715 126851 1040248 4581 0 5564 5417 0 0 0 0 0 0 8 44 sdc12 148 0 13300 287 0 0 0 0 0 368 287 0 0 0 0 0 0 254 0 dm-0 210 0 8440 72 0 0 0 0 0 108 72 0 0 0 0 0 0 254 1 dm-1 242 0 8440 164 0 0 0 0 0 168 164 0 0 0 0 0 0 9 1 md1 57 0 2304 0 0 0 0 0 0 0 0 0 0 0 0 0 0
root@debian11:~# cat /proc/partitions major minor #blocks name 11 0 387072 sr0 8 0 33554432 sda 8 1 32552960 sda1 8 2 1 sda2 8 5 998400 sda5 8 16 67108864 sdb 8 32 4194304 sdc 8 33 102400 sdc1 8 34 102400 sdc2 8 35 102400 sdc3 8 36 1 sdc4 8 37 512000 sdc5 8 38 204800 sdc6 8 39 307200 sdc7 8 40 512000 sdc8 8 41 409600 sdc9 8 42 512000 sdc10 8 43 512000 sdc11 8 44 204800 sdc12 254 0 106496 dm-0 254 1 114688 dm-1 9 1 1019904 md1
root@debian11:~# cat /proc/swaps Filename Type Size Used Priority /dev/sda5 partition 998396 0 -2
root@debian11:~# cat /proc/loadavg 0.00 0.00 0.00 1/292 57813
root@debian11:~# cat /proc/meminfo MemTotal: 4025596 kB MemFree: 2604608 kB MemAvailable: 3626000 kB Buffers: 28244 kB Cached: 1159028 kB SwapCached: 0 kB Active: 447852 kB Inactive: 807036 kB Active(anon): 748 kB Inactive(anon): 68892 kB Active(file): 447104 kB Inactive(file): 738144 kB Unevictable: 0 kB Mlocked: 0 kB SwapTotal: 998396 kB SwapFree: 998396 kB Dirty: 0 kB Writeback: 0 kB AnonPages: 67648 kB Mapped: 65484 kB Shmem: 2024 kB KReclaimable: 82492 kB Slab: 120008 kB SReclaimable: 82492 kB SUnreclaim: 37516 kB KernelStack: 4688 kB PageTables: 3504 kB NFS_Unstable: 0 kB Bounce: 0 kB WritebackTmp: 0 kB CommitLimit: 3011192 kB Committed_AS: 1645372 kB VmallocTotal: 34359738367 kB VmallocUsed: 27688 kB VmallocChunk: 0 kB Percpu: 2080 kB HardwareCorrupted: 0 kB AnonHugePages: 26624 kB ShmemHugePages: 0 kB ShmemPmdMapped: 0 kB FileHugePages: 0 kB FilePmdMapped: 0 kB HugePages_Total: 0 HugePages_Free: 0 HugePages_Rsvd: 0 HugePages_Surp: 0 Hugepagesize: 2048 kB Hugetlb: 0 kB DirectMap4k: 114536 kB DirectMap2M: 4079616 kB
root@debian11:~# cat /proc/version Linux version 5.10.0-13-amd64 (debian-kernel@lists.debian.org) (gcc-10 (Debian 10.2.1-6) 10.2.1 20210110, GNU ld (GNU Binutils for Debian) 2.35.2) #1 SMP Debian 5.10.106-1 (2022-03-17)
Ce répertoire contient des répertoires dans lesquels se trouvent des informations sur la capacité, le type et la géométrie des disques.
Ce répertoire contient des informations sur la gestion de l'énérgie, les températures, les vitesses de ventilateurs, la charge des batteries.
Ce répertoire contient un sous-répertoire par bus.
Ce répertoire contient des informations sur le réseau.
Ce répertoire contient des paramètres du noyau. Certains des fichiers dans ce répertoire sont accessibles en écriture par root en temps réel. Par exemple pour éviter des attaques réseau DoS utilisant la commande ping, saisissez la commande suivante :
# echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all [Entrée]
Cette commande a pour résultat d'ignorer les reqûetes ping.
Les fichiers dans le répertoire /proc/sys peuvent être administrés par la commande sysctl en temps réel.
La commande sysctl applique les règles consignés dans le fichier /etc/sysctl.conf au démarrage de la machine.
Saisissez la commande :
root@debian11:~# cat /etc/sysctl.conf # # /etc/sysctl.conf - Configuration file for setting system variables # See /etc/sysctl.d/ for additional system variables. # See sysctl.conf (5) for information. # #kernel.domainname = example.com # Uncomment the following to stop low-level messages on console #kernel.printk = 3 4 1 3 ################################################################### # Functions previously found in netbase # # Uncomment the next two lines to enable Spoof protection (reverse-path filter) # Turn on Source Address Verification in all interfaces to # prevent some spoofing attacks #net.ipv4.conf.default.rp_filter=1 #net.ipv4.conf.all.rp_filter=1 # Uncomment the next line to enable TCP/IP SYN cookies # See http://lwn.net/Articles/277146/ # Note: This may impact IPv6 TCP sessions too #net.ipv4.tcp_syncookies=1 # Uncomment the next line to enable packet forwarding for IPv4 #net.ipv4.ip_forward=1 # Uncomment the next line to enable packet forwarding for IPv6 # Enabling this option disables Stateless Address Autoconfiguration # based on Router Advertisements for this host #net.ipv6.conf.all.forwarding=1 ################################################################### # Additional settings - these settings can improve the network # security of the host and prevent against some network attacks # including spoofing attacks and man in the middle attacks through # redirection. Some network environments, however, require that these # settings are disabled so review and enable them as needed. # # Do not accept ICMP redirects (prevent MITM attacks) #net.ipv4.conf.all.accept_redirects = 0 #net.ipv6.conf.all.accept_redirects = 0 # _or_ # Accept ICMP redirects only for gateways listed in our default # gateway list (enabled by default) # net.ipv4.conf.all.secure_redirects = 1 # # Do not send ICMP redirects (we are not a router) #net.ipv4.conf.all.send_redirects = 0 # # Do not accept IP source route packets (we are not a router) #net.ipv4.conf.all.accept_source_route = 0 #net.ipv6.conf.all.accept_source_route = 0 # # Log Martian Packets #net.ipv4.conf.all.log_martians = 1 # ################################################################### # Magic system request Key # 0=disable, 1=enable all, >1 bitmask of sysrq functions # See https://www.kernel.org/doc/html/latest/admin-guide/sysrq.html # for what other values do #kernel.sysrq=438 root@debian11:~# ls -l /etc/sysctl.d/ total 4 lrwxrwxrwx 1 root root 14 Mar 20 20:55 99-sysctl.conf -> ../sysctl.conf -rw-r--r-- 1 root root 639 Apr 6 2021 README.sysctl
Les options de la commande sysctl sont :
root@debian11:~# sysctl --help
Usage:
sysctl [options] [variable[=value] ...]
Options:
-a, --all display all variables
-A alias of -a
-X alias of -a
--deprecated include deprecated parameters to listing
-b, --binary print value without new line
-e, --ignore ignore unknown variables errors
-N, --names print variable names without values
-n, --values print only values of the given variable(s)
-p, --load[=<file>] read values from file
-f alias of -p
--system read values from all system directories
-r, --pattern <expression>
select setting that match expression
-q, --quiet do not echo variable set
-w, --write enable writing a value to variable
-o does nothing
-x does nothing
-d alias of -h
-h, --help display this help and exit
-V, --version output version information and exit
For more details see sysctl(8).
Les informations brutes stockées dans /proc peuvent être interprétées grâce à l'utilisation des commandes dites de gestion des performances :
La commande free permet de donner l’état de la mémoire totale, libre, partagée, swap et bufferisée. Saisissez donc la commande suivante :
root@debian11:~# free -m
total used free shared buff/cache available
Mem: 3931 147 2543 1 1240 3541
Swap: 974 0 974
Dans le cas de cet exemple, nous pouvons constater que l’affichage montre :
Les options de cette commande sont :
root@debian11:~# free --help
Usage:
free [options]
Options:
-b, --bytes show output in bytes
--kilo show output in kilobytes
--mega show output in megabytes
--giga show output in gigabytes
--tera show output in terabytes
--peta show output in petabytes
-k, --kibi show output in kibibytes
-m, --mebi show output in mebibytes
-g, --gibi show output in gibibytes
--tebi show output in tebibytes
--pebi show output in pebibytes
-h, --human show human-readable output
--si use powers of 1000 not 1024
-l, --lohi show detailed low and high memory statistics
-t, --total show total for RAM + swap
-s N, --seconds N repeat printing every N seconds
-c N, --count N repeat printing N times, then exit
-w, --wide wide output
--help display this help and exit
-V, --version output version information and exit
For more details see free(1).
Chacune des ces commandes indique la charge moyenne du ou des processeurs depuis 1 minute, 5 minutes et 15 minutes :
root@debian11:~# uptime 15:51:36 up 4 days, 2:43, 1 user, load average: 0.10, 0.03, 0.01 root@debian11:~# w 15:51:38 up 4 days, 2:43, 1 user, load average: 0.10, 0.03, 0.01 USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT trainee pts/0 10.0.2.1 10:54 2.00s 0.43s 0.06s sshd: trainee [priv]
Les valeurs load average ou charge moyenne indiquent le nombre moyen de processus en cours de traitement ou en attente pour la période concernée.
Par exemple si les valeurs sur un système muni d'un seul processeur étaient 3,48 4,00 3,85 ceci indiquerait que le processeur a du mal à traiter les processus mettant en moyenne :
Les options de ces commandes sont :
root@debian11:~# uptime --help
Usage:
uptime [options]
Options:
-p, --pretty show uptime in pretty format
-h, --help display this help and exit
-s, --since system up since
-V, --version output version information and exit
For more details see uptime(1).
root@debian11:~# w --help
Usage:
w [options]
Options:
-h, --no-header do not print header
-u, --no-current ignore current process username
-s, --short short format
-f, --from show remote hostname field
-o, --old-style old style output
-i, --ip-addr display IP address instead of hostname (if possible)
--help display this help and exit
-V, --version output version information and exit
For more details see w(1).
La commande iostat affiche des statistiques sur l'utilisation des disques, des terminaux et des lecteurs de cartouche :
root@debian11:~# iostat -bash: iostat: command not found root@debian11:~# apt -y install sysstat
root@debian11:~# iostat
Linux 5.10.0-13-amd64 (debian11) 05/01/2022 _x86_64_ (2 CPU)
avg-cpu: %user %nice %system %iowait %steal %idle
0.21 0.00 0.11 0.31 0.00 99.38
Device tps kB_read/s kB_wrtn/s kB_dscd/s kB_read kB_wrtn kB_dscd
dm-0 0.01 0.29 0.00 0.00 4220 0 0
dm-1 0.02 0.29 0.00 0.00 4220 0 0
md1 0.00 0.08 0.00 0.00 1152 0 0
sda 1.64 37.79 65.45 0.00 551666 955604 0
sdb 0.02 0.31 0.00 0.00 4488 0 0
sdc 0.45 145.46 70.56 0.00 2123717 1030137 0
sr0 0.01 0.15 0.00 0.00 2117 0 0
Au-dessous de la première ligne indiquant la version du noyau du système et son nom d'hôte ainsi que la date actuelle, iostat affiche une vue d'ensemble de l'utilisation CPU moyenne du système depuis le dernier démarrage. Le rapport d'utilisation du CPU inclut les pourcentages suivants :
Notez la valeur de %iowait. Dans le cas où ce pourcentage est trop élévé, ceci indique que le processeur passe son temps à attendre les entrées et les sorties de disque.
Au-dessous du rapport d'utilisation du CPU de la sortie de la commande iostat figure le rapport d'utilisation des périphériques. Ce dernier contient une ligne pour chaque périphérique disque du système et inclut les informations suivantes :
Dernièrement, pour voir les statistiques étendues des disques, utilisez la commande suivante :
root@debian11:~# iostat -d -x Linux 5.10.0-13-amd64 (debian11) 05/01/2022 _x86_64_ (2 CPU) Device r/s rkB/s rrqm/s %rrqm r_await rareq-sz w/s wkB/s wrqm/s %wrqm w_await wareq-sz d/s dkB/s drqm/s %drqm d_await dareq-sz f/s f_await aqu-sz %util dm-0 0.01 0.29 0.00 0.00 0.34 20.10 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 dm-1 0.02 0.29 0.00 0.00 0.68 17.44 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 md1 0.00 0.08 0.00 0.00 0.00 20.21 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 sda 0.84 37.71 0.57 40.42 3.47 45.06 0.80 65.31 0.91 53.23 61.25 81.27 0.00 0.00 0.00 0.00 0.00 0.00 0.20 7.89 0.05 0.72 sdb 0.02 0.31 0.00 0.00 0.12 19.77 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 sdc 0.34 145.15 34.70 99.02 2.62 422.80 0.10 70.41 17.34 99.40 9.48 674.17 0.00 0.00 0.00 0.00 0.00 0.00 0.01 25.37 0.00 0.08 sr0 0.01 0.14 0.00 0.00 0.30 27.50 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00
Les options de cette commande sont :
root@debian11:~# iostat --help
Usage: iostat [ options ] [ <interval> [ <count> ] ]
Options are:
[ -c ] [ -d ] [ -h ] [ -k | -m ] [ -N ] [ -s ] [ -t ] [ -V ] [ -x ] [ -y ] [ -z ]
[ { -f | +f } <directory> ] [ -j { ID | LABEL | PATH | UUID | ... } ]
[ --dec={ 0 | 1 | 2 } ] [ --human ] [ --pretty ] [ -o JSON ]
[ [ -H ] -g <group_name> ] [ -p [ <device> [,...] | ALL ] ]
[ <device> [...] | ALL ]
Pour surveiller la vitesse des entrées et des sorties du disque, vous pouvez utiliser la commande hdparm :
root@debian11:~# hdparm -t /dev/sdc root@debian11:~# apt -y install hdparm root@debian11:~# hdparm -t /dev/sdc /dev/sdc: Timing buffered disk reads: 2788 MB in 3.00 seconds = 928.32 MB/sec
La commande vmstat affiche des statistiques sur la mémoire, la pagination et la charge ponctuelle du processeur :
root@debian11:~# vmstat 1 10 procs -----------memory---------- ---swap-- -----io---- -system-- ------cpu----- r b swpd free buff cache si so bi bo in cs us sy id wa st 0 0 0 3229368 26228 621512 0 0 22 33 14 27 0 0 99 0 0 0 0 0 3229360 26228 621552 0 0 0 0 34 42 0 0 100 0 0 0 0 0 3229360 26228 621552 0 0 0 0 22 31 0 0 100 0 0 0 0 0 3229360 26228 621552 0 0 0 0 29 43 0 0 100 0 0 0 0 0 3229360 26228 621552 0 0 0 0 28 40 0 0 100 0 0 0 0 0 3229360 26228 621552 0 0 0 0 29 41 0 0 100 0 0 0 0 0 3229392 26236 621544 0 0 0 12 33 52 0 0 95 6 0 0 0 0 3229392 26236 621552 0 0 0 0 40 50 0 0 100 0 0 0 0 0 3229392 26236 621552 0 0 0 0 29 40 0 0 100 0 0 0 0 0 3229392 26236 621552 0 0 0 0 36 60 0 0 100 0 0
La première ligne subdivise le champ en six catégories à savoir : processus, mémoire, swap, E/S, système et CPU sur lesquelles elle donne des statistiques. La seconde ligne identifie de manière encore plus détaillée chacun des champs, permettant ainsi de parcourir simplement et rapidement l'ensemble des données lors de la recherche de statistiques spécifiques.
Les champs relatifs aux processus sont les suivants :
Les champs relatifs à la mémoire sont les suivants :
Les champs relatifs au swap sont les suivants :
Les champs relatifs aux Entrées/Sorties (E/S) sont les suivants :
Les champs relatifs au système sont les suivants :
Les champs relatifs au CPU sont les suivants :
Les options de cette commande sont :
root@debian11:~# vmstat --help Usage: vmstat [options] [delay [count]] Options: -a, --active active/inactive memory -f, --forks number of forks since boot -m, --slabs slabinfo -n, --one-header do not redisplay header -s, --stats event counter statistics -d, --disk disk statistics -D, --disk-sum summarize disk statistics -p, --partition <dev> partition specific statistics -S, --unit <char> define display unit -w, --wide wide output -t, --timestamp show timestamp -h, --help display this help and exit -V, --version output version information and exit For more details see vmstat(8).
Important : Par défaut la commande vmstat affiche des informations depuis le démarrage du système.
La commande mpstat affiche des statistiques détaillées sur le CPU :
root@debian11:~# mpstat Linux 5.10.0-13-amd64 (debian11) 04/30/2022 _x86_64_ (2 CPU) 04:10:45 PM CPU %usr %nice %sys %iowait %irq %soft %steal %guest %gnice %idle 04:10:45 PM all 0.04 0.00 0.02 0.12 0.00 0.00 0.00 0.00 0.00 99.83
Dans le cas où vous avez plusieurs processeurs ou coeurs, vous pouvez visualiser ces mêmes informations par unité de traitement :
root@debian11:~# mpstat -P ALL Linux 5.10.0-13-amd64 (debian11) 04/30/2022 _x86_64_ (2 CPU) 04:11:05 PM CPU %usr %nice %sys %iowait %irq %soft %steal %guest %gnice %idle 04:11:05 PM all 0.04 0.00 0.02 0.12 0.00 0.00 0.00 0.00 0.00 99.83 04:11:05 PM 0 0.04 0.00 0.02 0.13 0.00 0.00 0.00 0.00 0.00 99.81 04:11:05 PM 1 0.04 0.00 0.02 0.10 0.00 0.00 0.00 0.00 0.00 99.84
Pour afficher 5 jeux de statistiques à des intervales de 2 secondes pour tous les unités de traitement, il convient d'utiliser la commande suivante :
root@debian11:~# mpstat -P ALL 2 5 Linux 5.10.0-13-amd64 (debian11) 04/30/2022 _x86_64_ (2 CPU) 04:11:24 PM CPU %usr %nice %sys %iowait %irq %soft %steal %guest %gnice %idle 04:11:26 PM all 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 100.00 04:11:26 PM 0 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 100.00 04:11:26 PM 1 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 100.00 04:11:26 PM CPU %usr %nice %sys %iowait %irq %soft %steal %guest %gnice %idle 04:11:28 PM all 0.00 0.00 0.25 0.00 0.00 0.00 0.00 0.00 0.00 99.75 04:11:28 PM 0 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 100.00 04:11:28 PM 1 0.00 0.00 0.50 0.00 0.00 0.00 0.00 0.00 0.00 99.50 04:11:28 PM CPU %usr %nice %sys %iowait %irq %soft %steal %guest %gnice %idle 04:11:30 PM all 0.00 0.00 0.25 0.00 0.00 0.00 0.00 0.00 0.00 99.75 04:11:30 PM 0 0.00 0.00 0.50 0.00 0.00 0.00 0.00 0.00 0.00 99.50 04:11:30 PM 1 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 100.00 04:11:30 PM CPU %usr %nice %sys %iowait %irq %soft %steal %guest %gnice %idle 04:11:32 PM all 0.25 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 99.75 04:11:32 PM 0 0.50 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 99.50 04:11:32 PM 1 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 100.00 04:11:32 PM CPU %usr %nice %sys %iowait %irq %soft %steal %guest %gnice %idle 04:11:34 PM all 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 100.00 04:11:34 PM 0 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 100.00 04:11:34 PM 1 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 100.00 Average: CPU %usr %nice %sys %iowait %irq %soft %steal %guest %gnice %idle Average: all 0.05 0.00 0.10 0.00 0.00 0.00 0.00 0.00 0.00 99.85 Average: 0 0.10 0.00 0.10 0.00 0.00 0.00 0.00 0.00 0.00 99.80 Average: 1 0.00 0.00 0.10 0.00 0.00 0.00 0.00 0.00 0.00 99.90
Les options de cette commande sont :
root@debian11:~# mpstat --help
Usage: mpstat [ options ] [ <interval> [ <count> ] ]
Options are:
[ -A ] [ -n ] [ -T ] [ -u ] [ -V ]
[ -I { SUM | CPU | SCPU | ALL } ] [ -N { <node_list> | ALL } ]
[ --dec={ 0 | 1 | 2 } ] [ -o JSON ] [ -P { <cpu_list> | ALL } ]
La commande sar (System Activity Reporter) permet de surveiller toutes les ressources du système selon l'option qui est passée en argument à la commande. Quelques options importantes sont :
| Option | Description |
|---|---|
| -u | Pourcentage d'utilisation du CPU |
| -q | Nombre de processus en attente |
| -r | Utilisation de la mémoire centrale |
| -w | Surveillance du swapping |
| -p | Surveillance de la pagination |
| -b | Utilisation des tampons |
| -d | Utilisation des disques |
Sous Debian 11 la commande /usr/lib/sysstat/sadc permet de collecter les informations :
root@debian8:~# ls /usr/lib/sysstat/ debian-sa1 sa1 sa2 sadc
Le script /usr/lib/sysstat/sa1 exécutent la commande sadc. Sous Debian 11, c'est le script debian-sa1 qui est appelé à la place de sa1 afin de rectifier une bogue dans ce dernier ( Bug#499461 ). Ce script, tout comme le script sa1, prend deux options :
| Option | Description |
|---|---|
| -t | L'interval entre les collectes |
| -n | Nombre de collectes |
Le script /usr/lib/sysstat/sa2 exécutent la commande sar et consignent les informations dans un fichier au format /var/log/sysstat/sar<jj>.
Sous Debian 11, l'intervalle entre les collectes des informations est configuré par les timers de systemd au lieu des cron jobs :
root@debian11:~# cat /usr/lib/systemd/system/sysstat-collect.timer # /lib/systemd/system/sysstat-collect.timer # (C) 2014 Tomasz Torcz <tomek@pipebreaker.pl> # # sysstat-12.5.2 systemd unit file: # Activates activity collector every 10 minutes [Unit] Description=Run system activity accounting tool every 10 minutes [Timer] OnCalendar=*:00/10 [Install] WantedBy=sysstat.service
La valeur de OnCalendar indique un collecte toutes les dix minutes.
Pour modifier l'intervalle entre les collectes, il faut créer un fichier override dans le répertoire /etc/systemd/system/ en utilisant la commande systemctl edit :
root@debian11:~# EDITOR=/usr/bin/vi root@debian11:~# export EDITOR root@debian11:~# systemctl edit sysstat-collect.timer ### Editing /etc/systemd/system/sysstat-collect.timer.d/override.conf ### Anything between here and the comment below will become the new contents of the file [Unit] Description=Run system activity accounting tool every 2 minutes [Timer] OnCalendar= OnCalendar=*:00/2 [Install] WantedBy=sysstat.service ### Lines below this comment will be discarded ### /lib/systemd/system/sysstat-collect.timer # # /lib/systemd/system/sysstat-collect.timer # # (C) 2014 Tomasz Torcz <tomek@pipebreaker.pl> # # # # sysstat-12.5.2 systemd unit file: # # Activates activity collector every 10 minutes # # [Unit] # Description=Run system activity accounting tool every 10 minutes # # [Timer] # OnCalendar=*:00/10 # # [Install] # WantedBy=sysstat.service [Escape] [:] [x] <<<<<<<<<<<<<<<<<<<<<<<<APPUYEZ sur le touches root@debian11:~# cat /etc/systemd/system/sysstat-collect.timer.d/override.conf [Unit] Description=Run system activity accounting tool every 2 minutes [Timer] OnCalendar= OnCalendar=*:00/2 [Install] WantedBy=sysstat.serviceroot@debian11:~#
Important : Notez la ligne OnCalendar= qui est necessaire afin de surcharger la valeur par défaut.
Vérifiez ensuite la prise en compte de la configuration :
root@debian11:~# systemctl status sysstat-collect.timer
● sysstat-collect.timer - Run system activity accounting tool every 2 minutes
Loaded: loaded (/lib/systemd/system/sysstat-collect.timer; disabled; vendor preset: enabled)
Drop-In: /etc/systemd/system/sysstat-collect.timer.d
└─override.conf
Active: inactive (dead)
Trigger: n/a
Triggers: ● sysstat-collect.service
root@debian11:~# systemctl start sysstat-collect.timer
root@debian11:~# systemctl status sysstat-collect.timer
● sysstat-collect.timer - Run system activity accounting tool every 2 minutes
Loaded: loaded (/lib/systemd/system/sysstat-collect.timer; disabled; vendor preset: enabled)
Drop-In: /etc/systemd/system/sysstat-collect.timer.d
└─override.conf
Active: active (waiting) since Sat 2022-04-30 16:30:54 CEST; 2s ago
Trigger: Sat 2022-04-30 16:32:00 CEST; 1min 2s left
Triggers: ● sysstat-collect.service
Apr 30 16:30:54 debian11 systemd[1]: Started Run system activity accounting tool every 2 minutes. <<<<<<<<<<<<< NOTEZ "2 minutes"
Saisissez la commande suivante : <code> root@debian11:~# sar Linux 5.10.0-13-amd64 (debian11) 04/30/2022 _x86_64_ (2 CPU)
Visualisez maintenant les statistiques d'utilisation du CPU:
root@debian11:~# sar -u 5 3 Linux 5.10.0-13-amd64 (debian11) 04/30/2022 _x86_64_ (2 CPU) 04:33:15 PM CPU %user %nice %system %iowait %steal %idle 04:33:20 PM all 0.00 0.00 0.00 0.00 0.00 100.00 04:33:25 PM all 0.00 0.00 0.00 0.00 0.00 100.00 04:33:30 PM all 0.00 0.00 0.00 0.00 0.00 100.00 Average: all 0.00 0.00 0.00 0.00 0.00 100.00
D'avantage de statistiques peuvent être obtenues en utilisant l'option ALL :
root@debian11:~# sar -u ALL 5 3 Linux 5.10.0-13-amd64 (debian11) 04/30/2022 _x86_64_ (2 CPU) 04:33:53 PM CPU %usr %nice %sys %iowait %steal %irq %soft %guest %gnice %idle 04:33:58 PM all 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 100.00 04:34:03 PM all 0.10 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 99.90 04:34:08 PM all 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 100.00 Average: all 0.03 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 99.97
Pour consulter les statistiques d'un coeur spécifique, utilisez l'option -P :
root@debian11:~# sar -u -P 0 5 3 Linux 5.10.0-13-amd64 (debian11) 04/30/2022 _x86_64_ (2 CPU) 04:35:14 PM CPU %user %nice %system %iowait %steal %idle 04:35:19 PM 0 0.00 0.00 0.00 0.00 0.00 100.00 04:35:24 PM 0 0.00 0.00 0.00 0.00 0.00 100.00 04:35:29 PM 0 0.00 0.00 0.00 0.00 0.00 100.00 Average: 0 0.00 0.00 0.00 0.00 0.00 100.00 root@debian11:~# sar -u -P 1 5 3 Linux 5.10.0-13-amd64 (debian11) 04/30/2022 _x86_64_ (2 CPU) 04:34:39 PM CPU %user %nice %system %iowait %steal %idle 04:34:44 PM 1 0.00 0.00 0.00 0.00 0.00 100.00 04:34:49 PM 1 0.00 0.00 0.00 0.00 0.00 100.00 04:34:54 PM 1 0.00 0.00 0.00 0.00 0.00 100.00 Average: 1 0.00 0.00 0.00 0.00 0.00 100.00
Utilisez l'option -r pour visualiser les statistiques concernant la mémoire :
root@debian11:~# sar -r 5 3 Linux 5.10.0-13-amd64 (debian11) 04/30/2022 _x86_64_ (2 CPU) 04:35:58 PM kbmemfree kbavail kbmemused %memused kbbuffers kbcached kbcommit %commit kbactive kbinact kbdirty 04:36:03 PM 2977608 3629252 115520 2.87 33556 789044 1645752 32.76 463612 428012 308 04:36:08 PM 2977664 3629308 115448 2.87 33556 789068 1645752 32.76 463612 428016 356 04:36:13 PM 2977664 3629332 115440 2.87 33564 789068 1645752 32.76 463636 428016 308 Average: 2977645 3629297 115469 2.87 33559 789060 1645752 32.76 463620 428015 324
HERE
Utilisez l'option -S pour visualiser les statistiques concernant le Swap :
root@debian11:~# sar -S 5 3 Linux 5.10.0-13-amd64 (debian11) 04/30/2022 _x86_64_ (2 CPU) 04:39:41 PM kbswpfree kbswpused %swpused kbswpcad %swpcad 04:39:46 PM 998396 0 0.00 0 0.00 04:39:51 PM 998396 0 0.00 0 0.00 04:39:56 PM 998396 0 0.00 0 0.00 Average: 998396 0 0.00 0 0.00
Utilisez l'option -b pour visualiser les statistiques concernant les E/S :
root@debian11:~# sar -b 5 3 Linux 5.10.0-13-amd64 (debian11) 04/30/2022 _x86_64_ (2 CPU) 04:40:19 PM tps rtps wtps dtps bread/s bwrtn/s bdscd/s 04:40:24 PM 0.40 0.00 0.40 0.00 0.00 11.20 0.00 04:40:29 PM 0.00 0.00 0.00 0.00 0.00 0.00 0.00 04:40:34 PM 0.00 0.00 0.00 0.00 0.00 0.00 0.00 Average: 0.13 0.00 0.13 0.00 0.00 3.73 0.00
Utilisez l'option -d pour visualiser les statistiques concernant les E/S par disque :
root@debian11:~# sar -d 5 3 Linux 5.10.0-13-amd64 (debian11) 05/01/2022 _x86_64_ (2 CPU) 02:48:27 PM DEV tps rkB/s wkB/s dkB/s areq-sz aqu-sz await %util 02:48:32 PM sr0 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 02:48:32 PM sda 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 02:48:32 PM sdb 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 02:48:32 PM sdc 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 02:48:32 PM dm-0 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 02:48:32 PM dm-1 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 02:48:32 PM md1 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 02:48:32 PM DEV tps rkB/s wkB/s dkB/s areq-sz aqu-sz await %util 02:48:37 PM sr0 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 02:48:37 PM sda 1.80 0.00 7.20 0.00 4.00 0.05 26.44 0.56 02:48:37 PM sdb 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 02:48:37 PM sdc 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 02:48:37 PM dm-0 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 02:48:37 PM dm-1 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 02:48:37 PM md1 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 02:48:37 PM DEV tps rkB/s wkB/s dkB/s areq-sz aqu-sz await %util 02:48:42 PM sr0 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 02:48:42 PM sda 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 02:48:42 PM sdb 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 02:48:42 PM sdc 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 02:48:42 PM dm-0 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 02:48:42 PM dm-1 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 02:48:42 PM md1 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 Average: DEV tps rkB/s wkB/s dkB/s areq-sz aqu-sz await %util Average: sr0 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 Average: sda 0.60 0.00 2.40 0.00 4.00 0.02 26.44 0.19 Average: sdb 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 Average: sdc 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 Average: dm-0 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 Average: dm-1 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.00 Average: md1 0.00 0.00 0.00 0.00 0.00 0.00 0.00 0.000
Dernièrement, vérifiez que le répertoire /var/log/sysstat/ contient un fichier saXX :
root@debian11:~# ls -l /var/log/sysstat/ total 16 -rw-r--r-- 1 root root 14284 Apr 30 16:44 sa30
Les options de la commande sar sont :
root@debian11:~# sar --help
Usage: sar [ options ] [ <interval> [ <count> ] ]
Main options and reports (report name between square brackets):
-B Paging statistics [A_PAGE]
-b I/O and transfer rate statistics [A_IO]
-d Block devices statistics [A_DISK]
-F [ MOUNT ]
Filesystems statistics [A_FS]
-H Hugepages utilization statistics [A_HUGE]
-I { <int_list> | SUM | ALL }
Interrupts statistics [A_IRQ]
-m { <keyword> [,...] | ALL }
Power management statistics [A_PWR_...]
Keywords are:
CPU CPU instantaneous clock frequency
FAN Fans speed
FREQ CPU average clock frequency
IN Voltage inputs
TEMP Devices temperature
USB USB devices plugged into the system
-n { <keyword> [,...] | ALL }
Network statistics [A_NET_...]
Keywords are:
DEV Network interfaces
EDEV Network interfaces (errors)
NFS NFS client
NFSD NFS server
SOCK Sockets (v4)
IP IP traffic (v4)
EIP IP traffic (v4) (errors)
ICMP ICMP traffic (v4)
EICMP ICMP traffic (v4) (errors)
TCP TCP traffic (v4)
ETCP TCP traffic (v4) (errors)
UDP UDP traffic (v4)
SOCK6 Sockets (v6)
IP6 IP traffic (v6)
EIP6 IP traffic (v6) (errors)
ICMP6 ICMP traffic (v6)
EICMP6 ICMP traffic (v6) (errors)
UDP6 UDP traffic (v6)
FC Fibre channel HBAs
SOFT Software-based network processing
-q [ <keyword> [,...] | PSI | ALL ]
System load and pressure-stall statistics
Keywords are:
LOAD Queue length and load average statistics [A_QUEUE]
CPU Pressure-stall CPU statistics [A_PSI_CPU]
IO Pressure-stall I/O statistics [A_PSI_IO]
MEM Pressure-stall memory statistics [A_PSI_MEM]
-r [ ALL ]
Memory utilization statistics [A_MEMORY]
-S Swap space utilization statistics [A_MEMORY]
-u [ ALL ]
CPU utilization statistics [A_CPU]
-v Kernel tables statistics [A_KTABLES]
-W Swapping statistics [A_SWAP]
-w Task creation and system switching statistics [A_PCSW]
-y TTY devices statistics [A_SERIAL]
L'USB (Universal Serial Bus) est un bus de données qui peut offrir des taux de transfert jusqu'à 480Mb/s sous la version 2.0 et jusqu'à 4.8 Gb/s sous la version 3.0. Les modules nécessaires pour les contrôleurs USB sont :
| Version USB | Module | Nom Complet |
|---|---|---|
| 1.0\1.1 | UHCI | Universal Controller Host Interface |
| OHCI | Open Controller Host Interface | |
| 2.0 | EHCI | Enhanced Host Controller Interface |
| 3.0 | XHCI | Extensible Host Controller Interface |
Le tableau suivant liste les modules courrament chargés en fonction du périphérique utilisé :
| Module | Type de Périphérique |
|---|---|
| usb_storage | Supports de masse |
| usbhid | Periphériques HID (Human Interface Device) |
| snd-usb-audio | Cartes son usb |
| usbvidéo | Cartes vidéo et d'acquisition |
| irda-usb | Périphériques infrarouges |
| usbnet | Cartes réseaux usb |
Les modules peuvent être chargés par un des moyens suivants :
Depuis le noyau Linux 2.6 Linux est capable de détecter des périphériques branchés à chaud. Cette technologie s'appelle le hotplugging. Le hotplugging est obtenu grâce à l'utilisation de trois composants :
Les rôles de chaque composant sont les suivants :
Lors de démarrage de Linux, Udev joue un rôle important :
Udev repose sur le filesystem sysfs monté sur /sys qui permet de rendre les périphériques visibles à Udev dans l'User Space. Par exemple, lors du branchement d'une clé USB, Udev crée /dev/sdx1 automatiquement et utilise les informations contenues dans le fichier /lib/modules/`uname -r`/modules.alias pour trouver le pilote nécessaire :
Le fichier de configuration principal d'Udev est /etc/udev/udev.conf :
root@debian11:~# cat /etc/udev/udev.conf # see udev.conf(5) for details # # udevd is also started in the initrd. When this file is modified you might # also want to rebuild the initrd, so that it will include the modified configuration. #udev_log=info #children_max= #exec_delay= #event_timeout=180 #timeout_signal=SIGKILL #resolve_names=early
Les fichiers de règles se trouvent dans /lib/udev/rules.d/ :
root@debian11:~# ls /lib/udev/rules.d/ 39-usbmuxd.rules 70-joystick.rules 77-mm-usb-device-blacklist.rules 40-usb_modeswitch.rules 70-mouse.rules 77-mm-usb-serial-adapters-greylist.rules 50-firmware.rules 70-power-switch.rules 77-mm-x22x-port-types.rules 50-udev-default.rules 70-printers.rules 77-mm-zte-port-types.rules 55-dm.rules 70-touchpad.rules 78-sound-card.rules 56-lvm.rules 70-uaccess.rules 80-debian-compat.rules 60-autosuspend.rules 71-ipp-usb.rules 80-drivers.rules 60-block.rules 71-seat.rules 80-ifupdown.rules 60-cdrom_id.rules 73-seat-late.rules 80-libinput-device-groups.rules 60-drm.rules 73-special-net-names.rules 80-mm-candidate.rules 60-evdev.rules 75-net-description.rules 80-net-setup-link.rules 60-fido-id.rules 75-probe_mtd.rules 80-udisks2.rules 60-input-id.rules 77-mm-broadmobi-port-types.rules 84-nm-drivers.rules 60-libgphoto2-6.rules 77-mm-cinterion-port-types.rules 85-hdparm.rules 60-libopenni2-0.rules 77-mm-dell-port-types.rules 85-hwclock.rules 60-libsane1.rules 77-mm-dlink-port-types.rules 85-nm-unmanaged.rules 60-persistent-alsa.rules 77-mm-ericsson-mbm.rules 90-alsa-restore.rules 60-persistent-input.rules 77-mm-fibocom-port-types.rules 90-console-setup.rules 60-persistent-storage-dm.rules 77-mm-foxconn-port-types.rules 90-libinput-fuzz-override.rules 60-persistent-storage.rules 77-mm-haier-port-types.rules 90-nm-thunderbolt.rules 60-persistent-storage-tape.rules 77-mm-huawei-net-port-types.rules 90-pipewire-alsa.rules 60-persistent-v4l.rules 77-mm-longcheer-port-types.rules 90-pulseaudio.rules 60-qemu-guest-agent.rules 77-mm-mtk-port-types.rules 95-cd-devices.rules 60-sensor.rules 77-mm-nokia-port-types.rules 95-dm-notify.rules 60-serial.rules 77-mm-pcmcia-device-blacklist.rules 95-upower-csr.rules 64-btrfs-dm.rules 77-mm-qdl-device-blacklist.rules 95-upower-hidpp.rules 64-btrfs.rules 77-mm-quectel-port-types.rules 95-upower-hid.rules 64-xorg-xkb.rules 77-mm-sierra.rules 95-upower-wup.rules 65-libwacom.rules 77-mm-simtech-port-types.rules 96-e2scrub.rules 69-cd-sensors.rules 77-mm-telit-port-types.rules 99-libsane1.rules 69-lvm-metad.rules 77-mm-tplink-port-types.rules 99-systemd.rules 69-wacom.rules 77-mm-ublox-port-types.rules
Important : Il vous est possible d'ajouter des règles si besoin est. Dans ce cas, créez un fichier 99-local.rules est éditez-le au lieu d'éditer les fichiers existants.
Comme indique le nom de chaque fichier, le contenu est composé de règles à l'attention d'udev. Le fichier des règles par défaut est le 50-udev-default.rules :
root@debian11:~# cat /lib/udev/rules.d/50-udev-default.rules | more
# do not edit this file, it will be overwritten on update
# run a command on remove events
ACTION=="remove", ENV{REMOVE_CMD}!="", RUN+="$env{REMOVE_CMD}"
ACTION=="remove", GOTO="default_end"
SUBSYSTEM=="virtio-ports", KERNEL=="vport*", ATTR{name}=="?*", SYMLINK+="virtio-ports/$attr{name}"
# select "system RTC" or just use the first one
SUBSYSTEM=="rtc", ATTR{hctosys}=="1", SYMLINK+="rtc"
SUBSYSTEM=="rtc", KERNEL=="rtc0", SYMLINK+="rtc", OPTIONS+="link_priority=-100"
SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", IMPORT{builtin}="usb_id", IMPORT{builtin}="hwdb --subsystem=usb", GOTO="default_hwdb_i
mported"
ENV{MODALIAS}!="", IMPORT{builtin}="hwdb --subsystem=$env{SUBSYSTEM}"
LABEL="default_hwdb_imported"
ACTION!="add", GOTO="default_end"
SUBSYSTEM=="tty", KERNEL=="ptmx", GROUP="tty", MODE="0666"
SUBSYSTEM=="tty", KERNEL=="tty", GROUP="tty", MODE="0666"
SUBSYSTEM=="tty", KERNEL=="tty[0-9]*", GROUP="tty", MODE="0620"
SUBSYSTEM=="tty", KERNEL=="sclp_line[0-9]*", GROUP="tty", MODE="0620"
SUBSYSTEM=="tty", KERNEL=="ttysclp[0-9]*", GROUP="tty", MODE="0620"
SUBSYSTEM=="tty", KERNEL=="3270/tty[0-9]*", GROUP="tty", MODE="0620"
SUBSYSTEM=="vc", KERNEL=="vcs*|vcsa*", GROUP="tty"
KERNEL=="tty[A-Z]*[0-9]|ttymxc[0-9]*|pppox[0-9]*|ircomm[0-9]*|noz[0-9]*|rfcomm[0-9]*", GROUP="dialout"
SUBSYSTEM=="mem", KERNEL=="mem|kmem|port", GROUP="kmem", MODE="0640"
SUBSYSTEM=="input", GROUP="input"
SUBSYSTEM=="input", KERNEL=="js[0-9]*", MODE="0664"
SUBSYSTEM=="video4linux", GROUP="video"
SUBSYSTEM=="graphics", GROUP="video"
SUBSYSTEM=="drm", KERNEL!="renderD*", GROUP="video"
SUBSYSTEM=="dvb", GROUP="video"
SUBSYSTEM=="media", GROUP="video"
SUBSYSTEM=="cec", GROUP="video"
SUBSYSTEM=="drm", KERNEL=="renderD*", GROUP="render", MODE="0660"
SUBSYSTEM=="kfd", GROUP="render", MODE="0660"
# When using static_node= with non-default permissions, also update
# tmpfiles.d/static-nodes-permissions.conf.in to keep permissions synchronized.
SUBSYSTEM=="sound", GROUP="audio", \
OPTIONS+="static_node=snd/seq", OPTIONS+="static_node=snd/timer"
SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", MODE="0664"
--More--
[q]
Chaque règle prend la forme suivante :
KEY, [KEY, …] NAME [, SYMLINK]
Chaque KEY est un champ au format type=valeur qui doit correspondre à un périphérique unique. La valeur de type peut prendre plusieurs formes :
| Type | Description | Exemples |
|---|---|---|
| BUS | Type de bus | usb, scsi, ide |
| KERNEL | Le nom par défault du périphérique donné par le noyau | hda, ttyUSB0, lp0 |
| SUBSYSTEM | Le nom noyau du sous-système, généralement identique à la valeur du BUS | usb, scsi |
| DRIVER | Le nom du pilote qui contrôle le périphérique | usb-storage |
| ID | Le numéro du périphérique sur son bus | PCI bus id, USB id |
| PLACE | Ne concerne que les périphériques USB et donne la position topologique du périphérique sur son bus | S/O |
| SYSFS{filename} | Le nom du fichier dans /sys pour le périphérique. Ce fichier contient le fabricant, le label, le numéro de série et UUID du périphérique. La vérification de jusqu'à 5 fichiers est possible par règle | S/O |
| PROGRAM | Ceci permet à Udev d'appeler un programme externe pour nommer un périphérique | S/O |
| RESULT | Valeur à comparer au résultat de PROGRAM | S/O |
NAME et SYMLINK sont utilisées pour stipuler ce que Udev doit faire avec le périphérique :
| Type | Description | Exemples |
|---|---|---|
| NAME | Le nome du nœud dans /dev | S/O |
| SYMLINK | Le ou les lien(s) symbolique(s) qui pointe(nt) vers le NAME | S/O |
Pour obtenir de l'information sur un périphérique il convient d'utiliser la commande udevadm :
root@debian11:~# udevadm info --query=all -n /dev/sdc P: /devices/pci0000:00/0000:00:05.0/virtio1/host2/target2:0:0/2:0:0:1/block/sdc N: sdc L: 0 S: disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi1 S: disk/by-path/pci-0000:00:05.0-scsi-0:0:0:1 E: DEVPATH=/devices/pci0000:00/0000:00:05.0/virtio1/host2/target2:0:0/2:0:0:1/block/sdc E: DEVNAME=/dev/sdc E: DEVTYPE=disk E: MAJOR=8 E: MINOR=32 E: SUBSYSTEM=block E: USEC_INITIALIZED=1712598 E: ID_SCSI=1 E: ID_VENDOR=QEMU E: ID_VENDOR_ENC=QEMU\x20\x20\x20\x20 E: ID_MODEL=QEMU_HARDDISK E: ID_MODEL_ENC=QEMU\x20HARDDISK\x20\x20\x20 E: ID_REVISION=2.5+ E: ID_TYPE=disk E: ID_SERIAL=0QEMU_QEMU_HARDDISK_drive-scsi1 E: ID_SERIAL_SHORT=drive-scsi1 E: ID_BUS=scsi E: ID_PATH=pci-0000:00:05.0-scsi-0:0:0:1 E: ID_PATH_TAG=pci-0000_00_05_0-scsi-0_0_0_1 E: ID_PART_TABLE_UUID=304308a3 E: ID_PART_TABLE_TYPE=dos E: DEVLINKS=/dev/disk/by-id/scsi-0QEMU_QEMU_HARDDISK_drive-scsi1 /dev/disk/by-path/pci-0000:00:05.0-scsi-0:0:0:1 E: TAGS=:systemd: E: CURRENT_TAGS=:systemd:
Les options de la commande udevadm sont :
root@debian11:~# udevadm --help
udevadm [--help] [--version] [--debug] COMMAND [COMMAND OPTIONS]
Send control commands or test the device manager.
Commands:
info Query sysfs or the udev database
trigger Request events from the kernel
settle Wait for pending udev events
control Control the udev daemon
monitor Listen to kernel and udev events
test Test an event run
test-builtin Test a built-in command
See the udevadm(8) man page for details.
root@debian11:~# udevadm info --help
udevadm info [OPTIONS] [DEVPATH|FILE]
Query sysfs or the udev database.
-h --help Print this message
-V --version Print version of the program
-q --query=TYPE Query device information:
name Name of device node
symlink Pointing to node
path sysfs device path
property The device properties
all All values
-p --path=SYSPATH sysfs device path used for query or attribute walk
-n --name=NAME Node or symlink name used for query or attribute walk
-r --root Prepend dev directory to path names
-a --attribute-walk Print all key matches walking along the chain
of parent devices
-d --device-id-of-file=FILE Print major:minor of device containing this file
-x --export Export key/value pairs
-P --export-prefix Export the key name with a prefix
-e --export-db Export the content of the udev database
-c --cleanup-db Clean up the udev database
-w --wait-for-initialization[=SECONDS]
Wait for device to be initialized
Le système de fichiers virtuel /sys a été introduit avec le noyau Linux 2.6. Son rôle est de décrire le matériel pour udev.
Saisissez la commande suivante :
root@debian11:~# ls -l /sys total 0 drwxr-xr-x 2 root root 0 Apr 30 16:32 block drwxr-xr-x 33 root root 0 Apr 30 16:21 bus drwxr-xr-x 51 root root 0 Apr 30 16:21 class drwxr-xr-x 4 root root 0 Apr 30 16:21 dev drwxr-xr-x 14 root root 0 Apr 26 13:08 devices drwxr-xr-x 6 root root 0 Apr 30 16:21 firmware drwxr-xr-x 10 root root 0 Apr 26 13:08 fs drwxr-xr-x 2 root root 0 Apr 30 16:50 hypervisor drwxr-xr-x 15 root root 0 Apr 26 13:08 kernel drwxr-xr-x 151 root root 0 Apr 30 16:21 module drwxr-xr-x 3 root root 0 Apr 30 16:50 power
Chaque répertoire contient des informations :
Pour illustrer ceci, saisissez la commande suivante :
root@debian11:~# cat /sys/block/sdc/sdc1/size 204800
Ce chiffre correspond aux nombre de secteurs.
Les ressources disponibles aux utilisateurs peuvent être limitées par l'utilisation de la commande ulimit.
La commande ulimit gère deux types de limite, la limite hard en utilisant l'option -H et la limite soft en utilisant l'option -S. Seul root peut positionner une limite hard et ceci à condition que la limite ne dépasse pas les ressources réelles.
La limite soft est la limite imposée à l'utilisateur par défaut tandis que la limite hard est la limite que l'utilisateur peut atteindre en utilisant la commande ulimit lui-même.
L'utilisateur root peut paramétrer les limites accordées en éditant la fichier /etc/security/limits.conf :
root@debian11:~# cat /etc/security/limits.conf # /etc/security/limits.conf # #Each line describes a limit for a user in the form: # #<domain> <type> <item> <value> # #Where: #<domain> can be: # - a user name # - a group name, with @group syntax # - the wildcard *, for default entry # - the wildcard %, can be also used with %group syntax, # for maxlogin limit # - NOTE: group and wildcard limits are not applied to root. # To apply a limit to the root user, <domain> must be # the literal username root. # #<type> can have the two values: # - "soft" for enforcing the soft limits # - "hard" for enforcing hard limits # #<item> can be one of the following: # - core - limits the core file size (KB) # - data - max data size (KB) # - fsize - maximum filesize (KB) # - memlock - max locked-in-memory address space (KB) # - nofile - max number of open file descriptors # - rss - max resident set size (KB) # - stack - max stack size (KB) # - cpu - max CPU time (MIN) # - nproc - max number of processes # - as - address space limit (KB) # - maxlogins - max number of logins for this user # - maxsyslogins - max number of logins on the system # - priority - the priority to run user process with # - locks - max number of file locks the user can hold # - sigpending - max number of pending signals # - msgqueue - max memory used by POSIX message queues (bytes) # - nice - max nice priority allowed to raise to values: [-20, 19] # - rtprio - max realtime priority # - chroot - change root to directory (Debian-specific) # #<domain> <type> <item> <value> # #* soft core 0 #root hard core 100000 #* hard rss 10000 #@student hard nproc 20 #@faculty soft nproc 20 #@faculty hard nproc 50 #ftp hard nproc 0 #ftp - chroot /ftp #@student - maxlogins 4 # End of file
Important : La valeur de la limite peut être un nombre ou le mot unlimited.
Par exemple, si root inscrit les deux ligne suivantes dans le fichier /etc/security/limits.conf :
... trainee soft nofile 1024 trainee hard nofile 4096 ...
la limite du nombre de fichiers ouverts simultanément par trainee est de 1 024. Par contre, trainee a la possibilité d'augmenter cette limite jusqu'à 4 096 en utilisant la commande suivante :
$ ulimit -n 4096
Pour consulter la liste des limites actuelles, il convient d'utiliser la commande ulimit avec l'option -a :
root@debian11:~# ulimit -a real-time non-blocking time (microseconds, -R) unlimited core file size (blocks, -c) 0 data seg size (kbytes, -d) unlimited scheduling priority (-e) 0 file size (blocks, -f) unlimited pending signals (-i) 15545 max locked memory (kbytes, -l) 503199 max memory size (kbytes, -m) unlimited open files (-n) 1024 pipe size (512 bytes, -p) 8 POSIX message queues (bytes, -q) 819200 real-time priority (-r) 0 stack size (kbytes, -s) 8192 cpu time (seconds, -t) unlimited max user processes (-u) 15545 virtual memory (kbytes, -v) unlimited file locks (-x) unlimited
Les options de ulimit sont :
root@debian11:~# help ulimit
ulimit: ulimit [-SHabcdefiklmnpqrstuvxPT] [limit]
Modify shell resource limits.
Provides control over the resources available to the shell and processes
it creates, on systems that allow such control.
Options:
-S use the `soft' resource limit
-H use the `hard' resource limit
-a all current limits are reported
-b the socket buffer size
-c the maximum size of core files created
-d the maximum size of a process's data segment
-e the maximum scheduling priority (`nice')
-f the maximum size of files written by the shell and its children
-i the maximum number of pending signals
-k the maximum number of kqueues allocated for this process
-l the maximum size a process may lock into memory
-m the maximum resident set size
-n the maximum number of open file descriptors
-p the pipe buffer size
-q the maximum number of bytes in POSIX message queues
-r the maximum real-time scheduling priority
-s the maximum stack size
-t the maximum amount of cpu time in seconds
-u the maximum number of user processes
-v the size of virtual memory
-x the maximum number of file locks
-P the maximum number of pseudoterminals
-R the maximum time a real-time process can run before blocking
-T the maximum number of threads
Not all options are available on all platforms.
If LIMIT is given, it is the new value of the specified resource; the
special LIMIT values `soft', `hard', and `unlimited' stand for the
current soft limit, the current hard limit, and no limit, respectively.
Otherwise, the current value of the specified resource is printed. If
no option is given, then -f is assumed.
Values are in 1024-byte increments, except for -t, which is in seconds,
-p, which is in increments of 512 bytes, and -u, which is an unscaled
number of processes.
Exit Status:
Returns success unless an invalid option is supplied or an error occurs.
A l'opposé des cgroups v1, cgroup v2 n'a qu'une seule arborescence ou hiérarchie et donc un seul point de montage. Tous les contrôleurs compatibles v2 qui ne sont pas liés à une hiérarchie v1 sont automatiquement liés à la hiérarchie v2. Un contrôleur inactif dans la hiérarchie v2 peut être lié à un autre hiérarchie. La migration d'un contrôleur d'une hiérarchie à une autre hiérarchie n'est possible que dans le cas où le contrôleur est désactivé et n'est plus référencé dans la hiérarchie d'origine.
Pour vérifier l'utilisation de cgroups v2, il convient de visualiser le point de montage :
root@debian11:~# mount -l | grep cgroup cgroup2 on /sys/fs/cgroup type cgroup2 (rw,nosuid,nodev,noexec,relatime,nsdelegate,memory_recursiveprot)
et de consulter le contenu de ce point de montage :
root@debian11:~# ls -l /sys/fs/cgroup/ total 0 -r--r--r-- 1 root root 0 Jul 6 10:58 cgroup.controllers -rw-r--r-- 1 root root 0 Jul 6 11:32 cgroup.max.depth -rw-r--r-- 1 root root 0 Jul 6 11:32 cgroup.max.descendants -rw-r--r-- 1 root root 0 Jul 6 10:58 cgroup.procs -r--r--r-- 1 root root 0 Jul 6 11:32 cgroup.stat -rw-r--r-- 1 root root 0 Jul 6 10:58 cgroup.subtree_control -rw-r--r-- 1 root root 0 Jul 6 11:32 cgroup.threads -rw-r--r-- 1 root root 0 Jul 6 11:32 cpu.pressure -r--r--r-- 1 root root 0 Jul 6 11:32 cpuset.cpus.effective -r--r--r-- 1 root root 0 Jul 6 11:32 cpuset.mems.effective -r--r--r-- 1 root root 0 Jul 6 11:32 cpu.stat drwxr-xr-x 2 root root 0 Jul 6 10:58 dev-hugepages.mount drwxr-xr-x 2 root root 0 Jul 6 10:58 dev-mqueue.mount drwxr-xr-x 2 root root 0 Jul 6 10:58 init.scope -rw-r--r-- 1 root root 0 Jul 6 11:32 io.cost.model -rw-r--r-- 1 root root 0 Jul 6 11:32 io.cost.qos -rw-r--r-- 1 root root 0 Jul 6 11:32 io.pressure -r--r--r-- 1 root root 0 Jul 6 11:32 io.stat -r--r--r-- 1 root root 0 Jul 6 11:32 memory.numa_stat -rw-r--r-- 1 root root 0 Jul 6 11:32 memory.pressure -r--r--r-- 1 root root 0 Jul 6 11:32 memory.stat drwxr-xr-x 2 root root 0 Jul 6 10:58 sys-fs-fuse-connections.mount drwxr-xr-x 2 root root 0 Jul 6 10:58 sys-kernel-config.mount drwxr-xr-x 2 root root 0 Jul 6 10:58 sys-kernel-debug.mount drwxr-xr-x 2 root root 0 Jul 6 10:58 sys-kernel-tracing.mount drwxr-xr-x 23 root root 0 Jul 6 11:26 system.slice drwxr-xr-x 4 root root 0 Jul 6 11:30 user.slice
Dans la version 2 de cgroup, certains noms ont changé par rapport à ceux utilisés dans la version 1 :
| Version 1 | Version 2 |
|---|---|
| CPUShares | CPUWeight |
| StartupCPUShares | StartupCPUWeight |
| MemoryLimit | MemoryMax |
Commencez par créer le cgroup enfant pids dans le cgroup racine :
root@debian11:~# mkdir /sys/fs/cgroup/pids
Placez le PID du terminal courant dans le fichier cgroup.procs du cgroup enfant :
root@debian11:~# echo $$ 1230 root@debian11:~# echo $$ > /sys/fs/cgroup/pids/cgroup.procs
Contrôlez maintenant le contenu du fichier cgroup.procs ainsi que le nombre de PIDs dans le cgroup pids :
root@debian11:~# cat /sys/fs/cgroup/pids/cgroup.procs 1230 1281 root@debian11:~# cat /sys/fs/cgroup/pids/pids.current 2
Important - Notez que le fichier cgroup.procs contient deux PIDs. Le premier est celui du Shell tandis que le deuxième est celui de la commande cat.
Injectez maintenant la valeur de 5 dans le fichier pids.max du cgroup pids :
root@debian11:~# echo 5 > /sys/fs/cgroup/pids/pids.max
Lancez la commande suivante pour créer 6 pids dans le cgroup :
root@debian11:~# for a in $(seq 1 5); do sleep 60 & done [1] 1290 [2] 1291 [3] 1292 [4] 1293 -bash: fork: retry: Resource temporarily unavailable -bash: fork: retry: Resource temporarily unavailable -bash: fork: retry: Resource temporarily unavailable -bash: fork: retry: Resource temporarily unavailable -bash: fork: Resource temporarily unavailable
Important - Notez qu'à la tentative de création du 6ème processus, une erreur est retournée. Le système tente ensuite 4 fois de plus puis renonce finalement avec le message d'erreur -bash: fork: Resource temporarily unavailable.
Dernièrement, essayez de supprimer le cgroup pids :
root@debian11:~# rmdir /sys/fs/cgroup/pids rmdir: failed to remove '/sys/fs/cgroup/pids': Device or resource busy
Important - Notez qu'il n'est pas possible de supprimer un cgroup tant que celui-ci contient un processus.
Déplacez le processus du terminal courant dans le cgroup racine :
root@debian11:~# echo $$ > /sys/fs/cgroup/cgroup.procs
Il est maintenant possible de supprimer le cgroup pids :
root@debian11:~# rmdir /sys/fs/cgroup/pids root@debian11:~#
Il existe deux façons de limiter les ressources de la CPU :
Dans l'exemple suivant, vous allez mettre en place une limite de type CPU bandwidth.
Commencez par créer un service appelé foo :
root@debian11:~# vi /lib/systemd/system/foo.service
root@debian11:~# cat /lib/systemd/system/foo.service
[Unit]
Description=The foo service that does nothing useful
After=remote-fs.target nss-lookup.target
[Service]
ExecStart=/usr/bin/sha1sum /dev/zero
ExecStop=/bin/kill -WINCH ${MAINPID}
[Install]
WantedBy=multi-user.target
Démarrez et activez le service :
root@debian11:~# systemctl start foo.service
root@debian11:~# systemctl enable foo.service
Created symlink /etc/systemd/system/multi-user.target.wants/foo.service → /lib/systemd/system/foo.service.
root@debian11:~# systemctl status foo.service
● foo.service - The foo service that does nothing useful
Loaded: loaded (/lib/systemd/system/foo.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2022-07-06 11:41:18 CEST; 19s ago
Main PID: 997 (sha1sum)
Tasks: 1 (limit: 19155)
Memory: 296.0K
CPU: 19.114s
CGroup: /system.slice/foo.service
└─997 /usr/bin/sha1sum /dev/zero
Jul 06 11:41:18 debian11 systemd[1]: Started The foo service that does nothing useful.
Utilisez la commande ps pour voir le pourcentage de la CPU utilisé par ce service :
root@debian11:~# ps -p 997 -o pid,comm,cputime,%cpu
PID COMMAND TIME %CPU
997 sha1sum 00:01:33 100
Créez maintenant un autre service dénommé bar :
root@debian11:~# vi /lib/systemd/system/bar.service
root@debian11:~# cat /lib/systemd/system/bar.service
[Unit]
Description=The bar service that does nothing useful
After=remote-fs.target nss-lookup.target
[Service]
ExecStart=/usr/bin/md5sum /dev/zero
ExecStop=/bin/kill -WINCH ${MAINPID}
[Install]
WantedBy=multi-user.target
Démarrez et activez le service :
root@debian11:~# systemctl start bar.service
root@debian11:~# systemctl enable bar.service
Created symlink /etc/systemd/system/multi-user.target.wants/bar.service → /lib/systemd/system/bar.service.
root@debian11:~# systemctl status bar.service
● bar.service - The bar service that does nothing useful
Loaded: loaded (/lib/systemd/system/bar.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2022-07-06 11:45:24 CEST; 15s ago
Main PID: 1020 (md5sum)
Tasks: 1 (limit: 19155)
Memory: 236.0K
CPU: 15.079s
CGroup: /system.slice/bar.service
└─1020 /usr/bin/md5sum /dev/zero
Jul 06 11:45:24 debian11 systemd[1]: Started The bar service that does nothing useful.
Utilisez la commande ps pour voir le pourcentage de la CPU utilisé par ce service :
root@debian11:~# ps -p 1020 -o pid,comm,cputime,%cpu
PID COMMAND TIME %CPU
1020 md5sum 00:01:03 99.4
Vérifiez maintenant la présence des contrôleurs cpuset et cpu dans l'arborescence du cgroup racine qui est monté à /sys/fs/cgroup/ :
root@debian11:~# cat /sys/fs/cgroup/cgroup.controllers cpuset cpu io memory hugetlb pids rdma
Activez maintenant les deux contrôleurs cpuset et cpu :
root@debian11:~# cat /sys/fs/cgroup/cgroup.subtree_control memory pids root@debian11:~# echo "+cpu" >> /sys/fs/cgroup/cgroup.subtree_control root@debian11:~# echo "+cpuset" >> /sys/fs/cgroup/cgroup.subtree_control root@debian11:~# cat /sys/fs/cgroup/cgroup.subtree_control cpuset cpu memory pids
Créez le cgroup enfant appelé FooBar :
root@debian11:~# mkdir /sys/fs/cgroup/FooBar/ root@debian11:~# ls -l /sys/fs/cgroup/FooBar/ total 0 -r--r--r-- 1 root root 0 Jul 6 12:18 cgroup.controllers -r--r--r-- 1 root root 0 Jul 6 12:18 cgroup.events -rw-r--r-- 1 root root 0 Jul 6 12:18 cgroup.freeze -rw-r--r-- 1 root root 0 Jul 6 12:18 cgroup.max.depth -rw-r--r-- 1 root root 0 Jul 6 12:18 cgroup.max.descendants -rw-r--r-- 1 root root 0 Jul 6 12:18 cgroup.procs -r--r--r-- 1 root root 0 Jul 6 12:18 cgroup.stat -rw-r--r-- 1 root root 0 Jul 6 12:18 cgroup.subtree_control -rw-r--r-- 1 root root 0 Jul 6 12:18 cgroup.threads -rw-r--r-- 1 root root 0 Jul 6 12:18 cgroup.type -rw-r--r-- 1 root root 0 Jul 6 12:18 cpu.max -rw-r--r-- 1 root root 0 Jul 6 12:18 cpu.pressure -rw-r--r-- 1 root root 0 Jul 6 12:18 cpuset.cpus -r--r--r-- 1 root root 0 Jul 6 12:18 cpuset.cpus.effective -rw-r--r-- 1 root root 0 Jul 6 12:18 cpuset.cpus.partition -rw-r--r-- 1 root root 0 Jul 6 12:18 cpuset.mems -r--r--r-- 1 root root 0 Jul 6 12:18 cpuset.mems.effective -r--r--r-- 1 root root 0 Jul 6 12:18 cpu.stat -rw-r--r-- 1 root root 0 Jul 6 12:18 cpu.weight -rw-r--r-- 1 root root 0 Jul 6 12:18 cpu.weight.nice -rw-r--r-- 1 root root 0 Jul 6 12:18 io.pressure -r--r--r-- 1 root root 0 Jul 6 12:18 memory.current -r--r--r-- 1 root root 0 Jul 6 12:18 memory.events -r--r--r-- 1 root root 0 Jul 6 12:18 memory.events.local -rw-r--r-- 1 root root 0 Jul 6 12:18 memory.high -rw-r--r-- 1 root root 0 Jul 6 12:18 memory.low -rw-r--r-- 1 root root 0 Jul 6 12:18 memory.max -rw-r--r-- 1 root root 0 Jul 6 12:18 memory.min -r--r--r-- 1 root root 0 Jul 6 12:18 memory.numa_stat -rw-r--r-- 1 root root 0 Jul 6 12:18 memory.oom.group -rw-r--r-- 1 root root 0 Jul 6 12:18 memory.pressure -r--r--r-- 1 root root 0 Jul 6 12:18 memory.stat -r--r--r-- 1 root root 0 Jul 6 12:18 memory.swap.current -r--r--r-- 1 root root 0 Jul 6 12:18 memory.swap.events -rw-r--r-- 1 root root 0 Jul 6 12:18 memory.swap.high -rw-r--r-- 1 root root 0 Jul 6 12:18 memory.swap.max -r--r--r-- 1 root root 0 Jul 6 12:18 pids.current -r--r--r-- 1 root root 0 Jul 6 12:18 pids.events -rw-r--r-- 1 root root 0 Jul 6 12:18 pids.max
Activez les contrôleurs cpuset et cpu pour le cgroup FooBar :
root@debian11:~# echo "+cpu" >> /sys/fs/cgroup/FooBar/cgroup.subtree_control root@debian11:~# echo "+cpuset" >> /sys/fs/cgroup/FooBar/cgroup.subtree_control root@debian11:~# cat /sys/fs/cgroup/cgroup.subtree_control /sys/fs/cgroup/FooBar/cgroup.subtree_control cpuset cpu memory pids cpuset cpu
Important - Notez qu'il n'est pas possible d'activer les contrôleurs pour un cgroup enfant si ces mêmes contrôleurs ne sont pas déjà activés pour le cgroup parent. Notez aussi que dans le cgroup FooBar, les contrôleurs memory et pids ne sont pas activés.
Créez maintenant le répertoire /sys/fs/cgroup/FooBar/tasks :
root@debian11:~# mkdir /sys/fs/cgroup/FooBar/tasks root@debian11:~# ls -l /sys/fs/cgroup/FooBar/tasks total 0 -r--r--r-- 1 root root 0 Jul 6 12:20 cgroup.controllers -r--r--r-- 1 root root 0 Jul 6 12:20 cgroup.events -rw-r--r-- 1 root root 0 Jul 6 12:20 cgroup.freeze -rw-r--r-- 1 root root 0 Jul 6 12:20 cgroup.max.depth -rw-r--r-- 1 root root 0 Jul 6 12:20 cgroup.max.descendants -rw-r--r-- 1 root root 0 Jul 6 12:20 cgroup.procs -r--r--r-- 1 root root 0 Jul 6 12:20 cgroup.stat -rw-r--r-- 1 root root 0 Jul 6 12:20 cgroup.subtree_control -rw-r--r-- 1 root root 0 Jul 6 12:20 cgroup.threads -rw-r--r-- 1 root root 0 Jul 6 12:20 cgroup.type -rw-r--r-- 1 root root 0 Jul 6 12:20 cpu.max -rw-r--r-- 1 root root 0 Jul 6 12:20 cpu.pressure -rw-r--r-- 1 root root 0 Jul 6 12:20 cpuset.cpus -r--r--r-- 1 root root 0 Jul 6 12:20 cpuset.cpus.effective -rw-r--r-- 1 root root 0 Jul 6 12:20 cpuset.cpus.partition -rw-r--r-- 1 root root 0 Jul 6 12:20 cpuset.mems -r--r--r-- 1 root root 0 Jul 6 12:20 cpuset.mems.effective -r--r--r-- 1 root root 0 Jul 6 12:20 cpu.stat -rw-r--r-- 1 root root 0 Jul 6 12:20 cpu.weight -rw-r--r-- 1 root root 0 Jul 6 12:20 cpu.weight.nice -rw-r--r-- 1 root root 0 Jul 6 12:20 io.pressure -rw-r--r-- 1 root root 0 Jul 6 12:20 memory.pressure
Important - Le répertoire /sys/fs/cgroup/FooBar/tasks définit un groupe enfant du cgroup FooBar qui ne concerne que les contrôleurs cpuset et cpu.
De façon à ce que les deux processus issus des services foo et bar se font concurrence sur la même CPU, injectez la valeur de 1 dans le fichier /sys/fs/cgroup/FooBar/tasks/cpuset.cpus :
root@debian11:~# echo "1" > /sys/fs/cgroup/FooBar/tasks/cpuset.cpus root@debian11:~# cat /sys/fs/cgroup/FooBar/tasks/cpuset.cpus 1
Important - Notez que dans les faits, le contrôleur cpu n'est activé que dans le cas où le cgroup contient au moins 2 processus qui se font concurrence sur la même CPU.
Mettez en place une limitation des ressources de la CPU avec la commande suivante :
root@debian11:~# echo "200000 1000000" > /sys/fs/cgroup/FooBar/tasks/cpu.max
Important - Dans la commande ci-dessus, le premier nombre est un quota en microsecondes pendant lequel les processus dans le cgroup peuvent s'exécuter dans une période de temps donnée. Le deuxième nombre, également exprimé en microsecondes, et la période. Autrement dit, les processus dans le cgroup seront limités à une exécution de 200 000 / 1 000 000 = 0.2 secondes pendant chaque seconde.
Ajoutez maintenant les processus des services foo et bar au cgroup FooBar :
echo "997" > /sys/fs/cgroup/FooBar/tasks/cgroup.procs echo "1020" > /sys/fs/cgroup/FooBar/tasks/cgroup.procs
Vérifiez la prise en compte par le système de la commande précédente :
root@debian11:~# cat /proc/997/cgroup /proc/1020/cgroup 0::/FooBar/tasks 0::/FooBar/tasks
Dernièrement, utilisez la commande top pour constater que la consommation de la CPU et limitée à 20% sur l'ensemble des processus du cgroup FooBar et que ces 20% sont répartis en parts égales sur les deux processus foo et bar :
top - 12:36:33 up 1:37, 2 users, load average: 0.01, 0.70, 1.39
Tasks: 154 total, 3 running, 151 sleeping, 0 stopped, 0 zombie
%Cpu(s): 2.5 us, 0.0 sy, 0.0 ni, 97.5 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
MiB Mem : 16007.9 total, 15503.7 free, 203.6 used, 300.6 buff/cache
MiB Swap: 975.0 total, 975.0 free, 0.0 used. 15536.4 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
997 root 20 0 5312 572 508 R 10.0 0.0 50:12.26 sha1sum
1020 root 20 0 5308 508 444 R 10.0 0.0 47:00.56 md5sum
Comme déjà vu, systemd organise les processus dans des slices, par exemple les utilisateurs sont regroupés dans /sys/fs/cgroup/user.slice :
root@debian11:~# ls -l /sys/fs/cgroup/user.slice total 0 -r--r--r-- 1 root root 0 Jul 6 16:13 cgroup.controllers -r--r--r-- 1 root root 0 Jul 6 10:58 cgroup.events -rw-r--r-- 1 root root 0 Jul 6 16:13 cgroup.freeze -rw-r--r-- 1 root root 0 Jul 6 16:13 cgroup.max.depth -rw-r--r-- 1 root root 0 Jul 6 16:13 cgroup.max.descendants -rw-r--r-- 1 root root 0 Jul 6 16:13 cgroup.procs -r--r--r-- 1 root root 0 Jul 6 16:13 cgroup.stat -rw-r--r-- 1 root root 0 Jul 6 15:05 cgroup.subtree_control -rw-r--r-- 1 root root 0 Jul 6 16:13 cgroup.threads -rw-r--r-- 1 root root 0 Jul 6 16:13 cgroup.type -rw-r--r-- 1 root root 0 Jul 6 16:13 cpu.max -rw-r--r-- 1 root root 0 Jul 6 16:13 cpu.pressure -rw-r--r-- 1 root root 0 Jul 6 16:13 cpuset.cpus -r--r--r-- 1 root root 0 Jul 6 16:13 cpuset.cpus.effective -rw-r--r-- 1 root root 0 Jul 6 16:13 cpuset.cpus.partition -rw-r--r-- 1 root root 0 Jul 6 16:13 cpuset.mems -r--r--r-- 1 root root 0 Jul 6 16:13 cpuset.mems.effective -r--r--r-- 1 root root 0 Jul 6 10:58 cpu.stat -rw-r--r-- 1 root root 0 Jul 6 16:13 cpu.weight -rw-r--r-- 1 root root 0 Jul 6 16:13 cpu.weight.nice -rw-r--r-- 1 root root 0 Jul 6 16:13 io.pressure -r--r--r-- 1 root root 0 Jul 6 16:13 memory.current -r--r--r-- 1 root root 0 Jul 6 16:13 memory.events -r--r--r-- 1 root root 0 Jul 6 16:13 memory.events.local -rw-r--r-- 1 root root 0 Jul 6 10:58 memory.high -rw-r--r-- 1 root root 0 Jul 6 10:58 memory.low -rw-r--r-- 1 root root 0 Jul 6 10:58 memory.max -rw-r--r-- 1 root root 0 Jul 6 10:58 memory.min -r--r--r-- 1 root root 0 Jul 6 16:13 memory.numa_stat -rw-r--r-- 1 root root 0 Jul 6 10:58 memory.oom.group -rw-r--r-- 1 root root 0 Jul 6 16:13 memory.pressure -r--r--r-- 1 root root 0 Jul 6 16:13 memory.stat -r--r--r-- 1 root root 0 Jul 6 16:13 memory.swap.current -r--r--r-- 1 root root 0 Jul 6 16:13 memory.swap.events -rw-r--r-- 1 root root 0 Jul 6 16:13 memory.swap.high -rw-r--r-- 1 root root 0 Jul 6 10:58 memory.swap.max -r--r--r-- 1 root root 0 Jul 6 16:13 pids.current -r--r--r-- 1 root root 0 Jul 6 16:13 pids.events -rw-r--r-- 1 root root 0 Jul 6 10:58 pids.max drwxr-xr-x 8 root root 0 Jul 6 15:22 user-1000.slice drwxr-xr-x 5 root root 0 Jul 6 11:41 user-113.slice
et les processus d'un utilisateur spécifique dans un slice dénommé user-UID.slice :
root@debian11:~# ls -l /sys/fs/cgroup/user.slice/user-1000.slice total 0 -r--r--r-- 1 root root 0 Jul 6 16:14 cgroup.controllers -r--r--r-- 1 root root 0 Jul 6 11:30 cgroup.events -rw-r--r-- 1 root root 0 Jul 6 16:14 cgroup.freeze -rw-r--r-- 1 root root 0 Jul 6 16:14 cgroup.max.depth -rw-r--r-- 1 root root 0 Jul 6 16:14 cgroup.max.descendants -rw-r--r-- 1 root root 0 Jul 6 16:14 cgroup.procs -r--r--r-- 1 root root 0 Jul 6 16:14 cgroup.stat -rw-r--r-- 1 root root 0 Jul 6 15:05 cgroup.subtree_control -rw-r--r-- 1 root root 0 Jul 6 16:14 cgroup.threads -rw-r--r-- 1 root root 0 Jul 6 16:14 cgroup.type -rw-r--r-- 1 root root 0 Jul 6 16:14 cpu.pressure -r--r--r-- 1 root root 0 Jul 6 11:30 cpu.stat -rw-r--r-- 1 root root 0 Jul 6 16:14 io.pressure -r--r--r-- 1 root root 0 Jul 6 16:14 memory.current -r--r--r-- 1 root root 0 Jul 6 16:14 memory.events -r--r--r-- 1 root root 0 Jul 6 16:14 memory.events.local -rw-r--r-- 1 root root 0 Jul 6 11:30 memory.high -rw-r--r-- 1 root root 0 Jul 6 11:30 memory.low -rw-r--r-- 1 root root 0 Jul 6 11:30 memory.max -rw-r--r-- 1 root root 0 Jul 6 11:30 memory.min -r--r--r-- 1 root root 0 Jul 6 16:14 memory.numa_stat -rw-r--r-- 1 root root 0 Jul 6 11:30 memory.oom.group -rw-r--r-- 1 root root 0 Jul 6 16:14 memory.pressure -r--r--r-- 1 root root 0 Jul 6 16:14 memory.stat -r--r--r-- 1 root root 0 Jul 6 16:14 memory.swap.current -r--r--r-- 1 root root 0 Jul 6 16:14 memory.swap.events -rw-r--r-- 1 root root 0 Jul 6 16:14 memory.swap.high -rw-r--r-- 1 root root 0 Jul 6 11:30 memory.swap.max -r--r--r-- 1 root root 0 Jul 6 16:14 pids.current -r--r--r-- 1 root root 0 Jul 6 16:14 pids.events -rw-r--r-- 1 root root 0 Jul 6 11:30 pids.max drwxr-xr-x 2 root root 0 Jul 6 14:56 session-13.scope drwxr-xr-x 2 root root 0 Jul 6 15:22 session-15.scope drwxr-xr-x 2 root root 0 Jul 6 11:30 session-4.scope drwxr-xr-x 2 root root 0 Jul 6 12:12 session-6.scope drwxr-xr-x 4 trainee trainee 0 Jul 6 11:30 user@1000.service drwxr-xr-x 2 root root 0 Jul 6 11:41 user-runtime-dir@1000.service
De ce fait, il est possible d'utiliser systemd pour la mise en place des limitations des ressources en utilisant la commande systemd set-property :
root@debian11:~# systemctl set-property user-1000.slice CPUQuota=40% root@debian11:~# cat /sys/fs/cgroup/user.slice/user-1000.slice/cpu.max 40000 100000
root@debian11:~# systemctl set-property user-1000.slice MemoryMax=1G root@debian11:~# cat /sys/fs/cgroup/user.slice/user-1000.slice/memory.max 1073741824
Important - Notez que l'utilisation de MemoryMax met en place un hard limit. Il est aussi possible de mettre en place un soft limit en utilisant MemoryHigh.
Copyright © 2024 Hugh Norris.