共计 23402 个字符,预计需要花费 59 分钟才能阅读完成。
第 1 章 大局观
At first glance, a modern operating system such as Linux is very complicated, with a dizzying number of pieces simultaneously running and communicating. For example, a web server can talk to a database server, which could in turn use a shared library that many other programs use. But how does it all work?
乍一看,像 Linux 这样的古代操作系统非常复杂,同时运行和通信的部件数量令人目迷五色。
例如,一个 Web 服务器能够与数据库服务器通信,而后者又能够应用许多其余程序应用的共享库。
然而这所有是如何工作的呢?
The most effective way to understand how an operating system works is through abstraction—a fancy way of saying that you can ignore most of the details. For example, when you ride in a car, you normally don’t need to think about details such as the mounting bolts that hold the motor inside the car or the people who build and maintain the road upon which the car drives. If you’re a passenger in a car, all you really need to know is what the car does (transports you somewhere else) and a few basics about how to use it (how to operate the door and seat belt). But if you’re driving a car, you need to know more. You need to learn how to operate the controls (such as the steering wheel and accelerator pedal) and what to do when something goes wrong.
“ 理解操作系统工作原理最无效的办法是通过形象 ” 这是一种十分常见的说法,即您能够疏忽大部分细节。
例如,当您乘坐汽车时,通常不须要思考固定发动机在汽车外部的螺栓或建造和保护汽车行驶的路线的人员等细节。
如果您是汽车的乘客,您真正须要晓得的只是汽车的性能(将您运送到其余中央)以及如何应用它的一些基本知识(如如何操作车门和安全带)。
But if you’re driving a car, you need to know more. You need to learn how to operate the controls (such as the steering wheel and accelerator pedal) and what to do when something goes wrong.
然而如果您驾驶汽车,您须要理解更多。
您须要学习如何操作各种管制安装(如方向盘和油门踏板)以及在产生故障时应该怎么做。
For example, let’s say that the car ride is rough. Now you can break up the abstraction of“a car that rolls on a road”into three parts: a car, a road, and the way that you’re driving. This helps isolate the problem: If the road is bumpy, you don’t blame the car or the way that you’re driving it. Instead, you may want to find out why the road has deteriorated or, if the road is new, why the construction workers did a lousy job.
例如,假如汽车行驶起来很平稳。当初,您能够将“一辆在路线上行驶的汽车”的形象分为三个局部:汽车、路线和您的驾驶形式。
这有助于隔离问题:如果路线崎岖不平,您不会嗔怪汽车或您的驾驶形式。
相同,您可能想要找出路线好转的起因,或者如果路线是新的,为什么施工工人做得不好。
Software developers use abstraction as a tool when building an operating system and its applications. There are many terms for an abstracted subdivision in computer software, including subsystem, module, and package—but we’ll use the term component in This chapter because it’s simple. When building a software component, developers typically don’t think much about the internal structure of other components, but they do care about what other components they can use and how to use them.
软件开发人员在构建操作系统及其应用程序时应用形象作为一种工具。
计算机软件中有许多术语用于示意形象的细分,包含子系统、模块和包,但在本章中咱们将应用组件这个简略的术语。
在构建软件组件时,开发人员通常不会过多思考其余组件的内部结构,但他们的确关怀能够应用哪些其余组件以及如何应用它们。
This chapter provides a high-level overview of the components that make up a Linux system. Although each one has a tremendous number of technical details in its internal makeup, we’re going to ignore these details and concentrate on what the components do in relation to the whole system.
本章概述了形成 Linux 零碎的组件。
只管每个组件在其外部结构中有大量的技术细节,但咱们将疏忽这些细节,集中关注组件在整个零碎中的作用。
1.1 Levels and Layers of Abstraction in a Linux System(Linux 零碎中的形象层级)
Using abstraction to split computing systems into components makes things easier to understand, but it doesn’t work without organization. We arrange components into layers or levels. A layer or level is a classification (or grouping) of a component according to where that component sits between the user and the hardware. Web browsers, games, and such sit at the top layer; at the bottom layer we have the memory in the computer hardware—the 0s and 1s. The operating system occupies most of the layers in between
应用形象办法将计算零碎拆分为多个组件,能够让事件更容易了解,但如果没有组织,就无奈发挥作用。
咱们将组件划分为不同的层或级。
层或级是依据组件在用户和硬件之间的地位对组件进行的分类(或分组)。
网络浏览器、游戏等位于顶层;底层是计算机硬件中的内存 –0 和 1。
操作系统占据了两头的大部分层
A Linux system has three main levels. Figure 1-1 shows these levels and some of the components inside each level. The hardware is at the base. Hardware includes the memory as well as one or more central processing units (CPUs) to perform computation and to read from and write to memory. Devices such as disks and network interfaces are also part of the hardware.
Linux 零碎有三个次要级别。
图 1-1 显示了这些档次以及每个档次中的一些组件。
硬件是根底。
硬件包含内存以及一个或多个用于执行计算和读写内存的中央处理器(CPU)。
磁盘和网络接口等设施也是硬件的一部分。
The next level up is the kernel, which is the core of the operating system. The kernel is software residing in memory that tells the CPU what to do. The kernel manages the hardware and acts primarily as an interface between the hardware and any running program
下一级是 内核,它是操作系统的外围。
内核是驻留在内存中的软件,它通知中央处理器该做什么。
内核治理硬件,次要充当硬件与任何运行程序之间的接口
Processes—the running programs that the kernel manages—collectively make up the system’s upper level, called user space. (A more specific term for process is user process, regardless of whether a user directly interacts with the process. For example, all web servers run as user processes.)
过程– 内核治理的运行程序 – 独特形成了零碎的下层,称为用户空间。
(过程的一个更具体的术语是用户过程,与用户是否间接与过程交互无关。
例如,所有网络服务器都作为用户过程运行)。
There is a critical difference between the ways that the kernel and user processes run: The kernel runs in kernel mode, and the user processes run in user mode. Code running in kernel mode has unrestricted access to the processor and main memory. This is a powerful but dangerous privilege that allows a kernel process to easily crash the entire system. The area that only the kernel can access is called kernel space
内核和用户过程运行的形式之间存在着要害的区别:内核在内核模式下运行,而用户过程在用户模式下运行。
在内核模式下运行的代码能够无限度地拜访处理器和主内存。
这是一种弱小但危险的特权,容许内核过程轻易地使整个零碎解体。
只有内核能够拜访的区域称为内核空间。
User mode, in comparison, restricts access to a (usually quite small) subset of memory and safe CPU operations. User space refers to the parts of main memory that the user processes can access. If a process makes a mistake and crashes, the consequences are limited and can be cleaned up by the kernel. This means that if your web browser crashes, it probably won’t take down the scientific computation that you’ve been running in the background for days
相比之下,用户模式限度了对内存和平安 CPU 操作的拜访(通常是一个相当小的子集)。
用户空间指的是用户过程能够拜访的主内存的局部。
如果一个过程呈现谬误并解体,结果是无限的,并且能够由内核清理。
这意味着如果你的网络浏览器解体了,它可能不会影响你在后盾运行了几天的科学计算。
In theory, a user process gone haywire can’t cause serious damage to the rest of the system. In reality, it depends on what you consider“serious damage,”as well as the particular privileges of the process, because some processes are allowed to do more than others. For example, can a user process completely wreck the data on a disk? With the correct permissions, yes—and you may consider this to be fairly dangerous. There are safeguards to prevent this, however, and most processes simply aren’t allowed to wreak havoc in this manner.
从实践上讲,一个失控的用户过程不能对系统的其余部分造成重大的毁坏。
但实际上,这取决于你对“严重破坏”的定义,以及过程的特权,因为有些过程被容许做更多的事件。
例如,一个用户过程是否齐全毁坏磁盘上的数据?在正确的权限下,是的,你可能认为这相当危险。
然而,有防护措施来避免这种状况产生,大多数过程并不被容许以这种形式制作凌乱。
1.2 Hardware: Understanding Main Memory(硬件:理解主存储器)
Of all of the hardware on a computer system, main memory is perhaps the most important. In its most raw form, main memory is just a big storage area for a bunch of 0s and 1s. Each 0 or 1 is called a bit. This is where the running kernel and processes reside—they’re just big collections of bits. All input and output from peripheral devices flows through main memory, also as a bunch of bits. A CPU is just an operator on memory; it reads its instructions and data from the memory and writes data back out to the memory
在计算机系统的所有硬件中,主存储器可能是最重要的局部。
以最原始的模式来看,主存储器只是一个用于存储一串 0 和 1 的大容器。
每个 0 或 1 被称为一个比特。
运行的内核和过程都驻留在这里,它们只是一堆比特的汇合。
所有来自外围设备的输出和输入也都以一串比特的模式通过主存储器流动。
CPU 只是内存上的操作员;它从内存中读取指令和数据,并将数据写回内存。
You’ll often hear the term state in reference to memory, processes, the kernel, and other parts of a computer system. Strictly speaking, a state is a particular arrangement of bits. For example, if you have four bits in your memory, 0110, 0001, and 1011 represent three different states.
在波及到内存、过程、内核和计算机系统的其余局部时,你常常会听到“状态”这个术语。
严格来说,状态是比特的一种特定排列。例如,如果你的内存中有四个比特,0110、0001 和 1011 代表了三种不同的状态。
When you consider that a single process can easily consist of millions of bits in memory, it’s often easier to use abstract terms when talking about states. Instead of describing a state using bits, you describe what something has done or is doing at the moment. For example, you might say“the process is waiting for input”or“the process is performing Stage 2 of its startup.”
思考到一个独自的过程在内存中很容易蕴含数百万个比特,当议论状态时,应用形象的术语往往更容易。
与其应用比特来形容状态,不如形容某个事物在某一时刻所做的或正在做的事件。
例如,你能够说“该过程正在期待输出”或“该过程正在执行其启动的第二阶段”。
NOTE Because it’s common to refer to the state in abstract terms rather than to the actual bits, the term image refers to a particular physical arrangement of bits.
留神,因为通常用形象的术语而不是理论的位来援用状态,所以术语“镜像”指的是位的特定物理排列。
1.3 The Kernel(内核)
Why are we talking about main memory and states? Nearly everything that the kernel does revolves around main memory. One of the kernel’s tasks is to split memory into many subdivisions, and it must maintain certain state information about those subdivisions at all times. Each process gets its own share of memory, and the kernel must ensure that each process keeps to its share.
为什么咱们要议论主存和状态呢?简直内核所做的所有都围绕着主存开展。
内核的工作之一就是将内存宰割成许多子区域,并且必须始终保护无关这些子区域的某些状态信息。
每个过程都有本人的内存份额,内核必须确保每个过程都恪守本人的份额。
The kernel is in charge of managing tasks in four general system areas:
内核负责管理四大零碎畛域的工作:
o Processes. The kernel is responsible for determining which processes are allowed to use the CPU.
o Memory. The kernel needs to keep track of all memory—what is currently allocated to a particular process,
what might be shared between processes, and what is free.
o Device drivers. The kernel acts as an interface between hardware (such as a disk) and processes. It’s
usually the kernel’s job to operate the hardware.
o System calls and support. Processes normally use system calls to communicate with the kernel.
We’ll now briefly explore each of these areas.
- 过程:内核负责确定哪些过程被容许应用 CPU。
- 内存:内核须要跟踪所有的内存,包含以后调配给特定过程的内存、可能在过程之间共享的内存以及闲暇的内存。
- 设施驱动程序:内核充当硬件(如磁盘)和过程之间的接口。通常,内核负责操作硬件。
- 零碎调用和反对:过程通常应用零碎调用与内核进行通信。
We’ll now briefly explore each of these areas.
上面咱们简要探讨一下这些畛域。
NOTE If you’re interested in the detailed workings of a kernel, two good textbooks are Operating System Concepts, 9th edition, by Abraham Silberschatz, Peter B. Galvin, and Greg Gagne (Wiley, 2012) and Modern Operating Systems, 4th edition, by Andrew S. Tanenbaum and Herbert Bos (Prentice Hall, 2014)
留神:如果你对内核的具体工作原理感兴趣,能够参考以下两本好书:
《操作系统概念》(第 9 版),作者:Abraham Silberschatz、Peter B. Galvin 和 Greg Gagne(Wiley,2012)和
《古代操作系统》(第 4 版),作者:Andrew S. Tanenbaum 和 Herbert Bos(Prentice Hall,2014)。
1.3.1 Process Management(流程治理)
Process management describes the starting, pausing, resuming, and terminating of processes. The concepts behind starting and terminating processes are fairly straightforward, but describing how a process uses the CPU in its normal course of operation is a bit more complex.
过程治理形容了过程的启动、暂停、复原和终止。
启动和终止过程的概念绝对简略,但形容过程在失常运行过程中如何应用 CPU 则更为简单。
On any modern operating system, many processes run“simultaneously.”For example, you might have a web browser and a spreadsheet open on a desktop computer at the same time. However, things are not as they appear: The processes behind these applications typically do not run at exactly the same time.
在任何古代操作系统上,许多过程“同时”运行。
例如,你可能同时在桌面电脑上关上一个网页浏览器和一个电子表格。
然而,事实并非如此:这些应用程序背地的过程通常并不齐全同时运行。
Consider a system with a one-core CPU. Many processes may be able to use the CPU, but only one process may actually use the CPU at any given time. In practice, each process uses the CPU for a small fraction of a second, then pauses; then another process uses the CPU for another small fraction of a second; then another process takes a turn, and so on. The act of one process giving up control of the CPU to another process is called a context switch.
思考一个单核 CPU 的零碎。
许多过程可能可能应用 CPU,但在任何给定工夫只有一个过程实际上在应用 CPU。
实际上,每个过程会应用 CPU 一小部分工夫,而后暂停;
而后另一个过程应用 CPU 一小部分工夫;
而后又轮到另一个过程,依此类推。
一个过程将 CPU 的控制权交给另一个过程的行为被称为上下文切换。
Each piece of time—called a time slice—gives a process enough time for significant computation (and indeed, a process often finishes its current task during a single slice). However, because the slices are so small, humans can’t perceive them, and the system appears to be running multiple processes at the same time (a capability known as multitasking).
每个工夫片段(称为工夫片)给予一个过程足够的工夫进行重要的计算(实际上,一个过程通常会在一个工夫片内实现当前任务)。
然而,因为工夫片十分短,人类无奈感知它们,并且零碎看起来像是同时运行多个过程(这种能力被称为多任务处理)。
The kernel is responsible for context switching. To understand how this works, let’s think about a situation in which a process is running in user mode but its time slice is up.
内核负责上下文切换。
为了了解这是如何工作的,让咱们思考一种状况:一个过程在用户模式下运行,但它的工夫片曾经用完。
Here’s what happens:
上面是产生的状况:
- The CPU (the actual hardware) interrupts the current process based on an internal timer, switches into
kernel mode, and hands control back to the kernel. - The kernel records the current state of the CPU and memory, which will be essential to resuming the process that was just interrupted.
- The kernel performs any tasks that might have come up during the preceding time slice (such as collecting data from input and output, or I/O, operations).
- The kernel is now ready to let another process run. The kernel analyzes the list of processes that are ready to run and chooses one.
- The kernel prepares the memory for this new process, and then prepares the CPU.
- The kernel tells the CPU how long the time slice for the new process will last.
- The kernel switches the CPU into user mode and hands control of the CPU to the process.
- CPU(理论的硬件)依据外部计时器中断以后过程,切换到内核模式,并将控制权交还给内核。
- 内核记录 CPU 和内存的以后状态,这对于复原刚刚被中断的过程是必要的。
- 内核执行在前一个工夫片段中可能呈现的任何工作(例如从输入输出(I/O)操作中收集数据)。
- 当初内核筹备让另一个过程运行。内核剖析筹备好运行的过程列表并抉择一个过程。
- 内核为这个新过程筹备内存,而后筹备 CPU。
- 内核通知 CPU 新过程的工夫片继续多长时间。
- 内核将 CPU 切换到用户模式,并将 CPU 的控制权交给过程。
The context switch answers the important question of when the kernel runs. The answer is that it runs between process time slices during a context switch.
上下文切换答复了内核何时运行的重要问题。
答案是在上下文切换期间,在过程工夫片之间运行。
In the case of a multi-CPU system, things become slightly more complicated because the kernel doesn’t need to relinquish control of its current CPU in order to allow a process to run on a different CPU. However, to maximize the usage of all available CPUs, the kernel typically does so anyway (and may use certain tricks to grab a little more CPU time for itself).
在多 CPU 零碎的状况下,状况变得略微简单,因为内核不须要放弃对以后 CPU 的控制权以便让一个过程在另一个 CPU 上运行。然而,为了最大限度地利用所有可用的 CPU,内核通常会这样做(并可能应用某些技巧来获取更多的 CPU 工夫)。
1.3.2 Memory Management(内存治理)
Because the kernel must manage memory during a context switch, it has a complex job of memory management. The kernel’s job is complicated because the following conditions must hold:
因为内核在上下文切换期间必须治理内存,所以它的内存管理工作变得复杂。内核的工作简单是因为必须满足以下条件:
o The kernel must have its own private area in memory that user processes can’t access.
o Each user process needs its own section of memory.
o One user process may not access the private memory of another process.
o User processes can share memory.
o Some memory in user processes can be read-only.
o The system can use more memory than is physically present by using disk space as auxiliary.
o 内核必须在内存中领有本人的公有区域,用户过程无法访问。
o 每个用户过程须要本人的内存区域。
o 一个用户过程不能拜访另一个过程的公有内存。
o 用户过程能够共享内存。
o 用户过程的某些内存能够是只读的。
o 零碎能够通过应用磁盘空间作为辅助内存来应用超过物理内存的内存。
Fortunately for the kernel, there is help. Modern CPUs include a memory management unit (MMU) that enables a memory access scheme called virtual memory. When using virtual memory, a process does not directly access the memory by its physical location in the hardware. Instead, the kernel sets up each process to act as if it had an entire machine to itself. When the process accesses some of its memory, the MMU intercepts the access and uses a memory address map to translate the memory location from the process into an actual physical memory location on the machine. The kernel must still initialize and continuously maintain and alter this memory address map. For example, during a context switch, the kernel has to change the map from the outgoing process to the incoming process.
侥幸的是,对于内核来说,有帮忙可寻。
古代的 CPU 包含一个内存治理单元(MMU),它能够实现一种称为虚拟内存的内存拜访计划。
在应用虚拟内存时,过程不会间接通过硬件中的物理地位来拜访内存。
相同,内核会为每个过程设置一个好像领有整个机器的环境。
当过程拜访其某些内存时,MMU 会拦挡拜访,并应用内存地址映射将过程的内存地位转换为理论的物理内存地位。
内核依然必须初始化、继续保护和批改这个内存地址映射。
例如,在上下文切换期间,内核必须将映射从正在执行的过程切换到行将执行的过程。
NOTE The implementation of a memory address map is called a page table.
留神 内存地址映射的实现称为页表。
你将在第 8 章中理解更多对于如何查看内存性能的内容。
1.3.3 Device Drivers and Management(设施驱动程序和治理)
The kernel’s role with devices is pretty simple. A device is typically accessible only in kernel mode because improper access (such as a user process asking to turn off the power) could crash the machine. Another problem is that different devices rarely have the same programming interface, even if the devices do the same thing, such as two different network cards. Therefore, device drivers have traditionally been part of the kernel, and they strive to present a uniform interface to user processes in order to simplify the software developer’s job.
内核在设施方面的作用非常简单。设施通常只能在内核模式下拜访,因为不正确的拜访(例如用户过程申请关闭电源)可能会导致系统解体。
另一个问题是,即便设施执行雷同的性能(例如两个不同的网络卡),它们的编程接口通常也不雷同。
因而,设施驱动程序始终是内核的一部分,并且它们致力于向用户过程提供对立的接口,以简化软件开发人员的工作。
1.3.4 System Calls and Support(零碎调用和反对)
There are several other kinds of kernel features available to user processes. For example, system calls (or syscalls) perform specific tasks that a user process alone cannot do well or at all. For example, the acts of opening, reading, and writing files all involve system calls.
用户过程能够应用几种其余类型的内核性能。例如,零碎调用(或 syscalls)执行用户过程无奈很好或根本无法执行的特定工作。例如,关上、读取和写入文件都波及零碎调用。
Two system calls, fork() and exec(), are important to understanding how processes start up:
理解过程启动的重要内容是两个零碎调用:fork()和 exec():
o fork() When a process calls fork(), the kernel creates a nearly identical copy of the process.
o exec() When a process calls exec(program), the kernel starts program, replacing the current
process.
- fork() 当一个过程调用 fork()时,内核会创立一个简直完全相同的过程正本。
- exec() 当一个过程调用 exec(program)时,内核会启动 program,并替换以后过程。
Other than init (see Chapter 6), all user processes on a Linux system start as a result of fork(), and most of the time, you also run exec() to start a new program instead of running a copy of an existing process. A very simple example is any program that you run at the command line, such as the ls command to show the contents of a directory. When you enter ls into a terminal window, the shell that’s running inside the terminal window calls fork() to create a copy of the shell, and then the new copy of the shell calls exec(ls) to run ls. Figure 1-2 shows the flow of processes and system calls for starting a program like ls.
除了 init(参见第 6 章)之外,Linux 零碎上的所有用户过程都是通过 fork()启动的,大部分工夫,您也会应用 exec()来启动一个新程序,而不是运行现有过程的正本。
一个非常简单的例子是在命令行中运行的任何程序,比方 ls 命令来显示目录的内容。
当您在终端窗口中输出 ls 时,终端窗口内运行的 shell 会调用 fork()来创立一个 shell 的正本,而后新的 shell 正本会调用 exec(ls)来运行 ls。
图 1 - 2 显示了启动相似 ls 的程序的过程和零碎调用的流程。
Figure 1-2. Starting a new process
NOTE System calls are normally denoted with parentheses. In the example shown in Figure 1-2, the process asking the kernel to create another process must perform a fork() system call. This notation derives from the way the call would be written in the C programming language. You don’t need to know C to understand this book; just remember that a system call is an interaction between a process and the kernel. In addition, this book simplifies certain groups of system calls. For example, exec() refers to an entire family of system calls that all perform a similar task but differ in programming.
零碎调用通常用括号示意。
图 1 -2(上图)所示的例子中,要求内核创立另一个过程的过程必须执行 fork()零碎调用。
这种表示法源于 C 编程语言中的写法。你不须要理解 C 语言就能了解本书;只需记住零碎调用是过程和内核之间的交互。
此外,本书简化了某些零碎调用的组合。例如,exec()指的是一整组执行相似工作但编程不同的零碎调用。
The kernel also supports user processes with features other than traditional system calls, the most common of which are pseudodevices. Pseudo-devices look like devices to user processes, but they’re implemented purely in software. As such, they don’t technically need to be in the kernel, but they are usually there for practical reasons. For example, the kernel random number generator device (/dev/random) would be difficult to implement securely with a user process.
内核还通过除传统零碎调用之外的性能来反对用户过程,其中最常见的是伪设施。
伪设施在用户过程看起来像设施,但它们纯正是通过软件实现的。
因而,它们在技术上不肯定须要在内核中,但通常出于理论起因而存在。
例如,内核的随机数生成器设施(/dev/random)在用户过程中要实现安全性较艰难。
NOTE Technically, a user process that accesses a pseudodevice still has to use a system call to open the device, so processes can’t entirely avoid system calls.
留神
从技术上讲,拜访伪设施的用户过程依然须要应用零碎调用来关上设施,因而过程无奈完全避免零碎调用。
1.4 User Space(用户空间)
As mentioned earlier, the main memory that the kernel allocates for user processes is called user space. Because a process is simply a state (or image) in memory, user space also refers to the memory for the entire collection of running processes. (You may also hear the more informal term userland used for user space.)
正如之前提到的,内核为用户过程调配的主存被称为用户空间。
因为过程只是内存中的一个状态(或图像),用户空间也指的是整个运行过程的内存。
(你也可能听到更非正式的术语“用户空间”用于指代用户空间。)
Most of the real action on a Linux system happens in user space. Although all processes are essentially equal from the kernel’s point of view, they perform different tasks for users. There is a rudimentary service level (or layer) structure to the kinds of system components that user processes represent. Figure 1-3 shows how an example set of components fit together and interact on a Linux system. Basic services are at the bottom level (closest to the kernel), utility services are in the middle, and applications that users touch are at the top. Figure 1-3 is a greatly simplified diagram because only six components are shown, but you can see that the components at the top are closest to the user (the user interface and web browser); the components in the middle level has a mail server that the web browser uses; and there are several smaller components at the bottom.
Linux 零碎上的大部分真正流动都产生在用户空间。
尽管从内核的角度来看,所有过程基本上是平等的,但它们为用户执行不同的工作。
用户过程所代表的零碎组件具备一种根本的服务级别(或档次)构造。
图 1 - 3 展现了一个示例组件集如何在 Linux 零碎上配合并相互作用。根本服务位于底层(最靠近内核),实用服务位于两头,用户接触的应用程序位于顶层。
图 1 - 3 是一个大大简化的图表,因为只显示了六个组件,但你能够看到顶部的组件最靠近用户(用户界面和网页浏览器);
中间层有一个邮件服务器供网页浏览器应用;
底部还有几个较小的组件。
Figure 1-3. Process types and interactions
The bottom level tends to consist of small components that perform single, uncomplicated tasks. The middle level has larger components such as mail, print, and database services. Finally, components at the top level perform complicated tasks that the user often controls directly. Components also use other components. Generally, if one component wants to use another, the second component is either at the same service level or below.
底层通常由执行繁多、简略工作的小组件组成。
中层有较大的组件,如邮件、打印和数据库服务。
最初,顶层组件执行简单的工作,用户通常间接管制。组件还会应用其余组件。
通常,如果一个组件想要应用另一个组件,第二个组件要么在雷同的服务级别,要么在上面。
However, Figure 1-3 is only an approximation of the arrangement of user space. In reality, there are no rules in user space. For example, most applications and services write diagnostic messages known as logs. Most programs use the standard syslog service to write log messages, but some prefer to do all of the logging themselves.
然而,图 1 - 3 只是用户空间排列的近似示意。
实际上,用户空间没有规定。例如,大多数应用程序和服务会写入被称为日志的诊断信息。
大多数程序应用规范的 syslog 服务来写入日志音讯,但有些程序更喜爱本人实现所有的日志记录。
In addition, it’s difficult to categorize some user-space components. Server components such as web and database servers can be considered very high-level applications because their tasks are often complicated, so you might place these at the top level in Figure 1-3. However, user applications may depend on these servers to perform tasks that they’d rather not do themselves, so you could also make a case for placing them at the middle level.
此外,对于一些用户空间组件很难进行分类。
像 Web 和数据库服务器这样的服务器组件能够被认为是十分高级的应用程序,因为它们的工作通常很简单,所以你能够将它们放在图 1 - 3 的顶层。
然而,用户应用程序可能依赖这些服务器来执行他们不违心本人实现的工作,所以你也能够将它们放在中层。
1.5 Users(用户)
The Linux kernel supports the traditional concept of a Unix user. A user is an entity that can run processes and own files. A user is associated with a username. For example, a system could have a user named billyjoe. However, the kernel does not manage the usernames; instead, it identifies users by simple numeric identifiers called userids. (You’ll learn more about how the usernames correspond to userids in Chapter 7.)
Linux 内核反对传统的 Unix 用户概念。
用户是能够运行过程和领有文件的实体。用户与用户名相关联。
例如,零碎能够有一个名为 billyjoe 的用户。
然而,内核不治理用户名,而是通过简略的数值标识符(称为用户 ID)来辨认用户。
(对于用户名如何对应用户 ID 的更多信息将在第 7 章中介绍。)
Users exist primarily to support permissions and boundaries. Every user-space process has a user owner, and processes are said to run as the owner. A user may terminate or modify the behavior of its own processes (within certain limits), but it cannot interfere with other users’processes. In addition, users may own files and choose whether they share them with other users.
用户次要存在于反对权限和边界方面。
每个用户空间过程都有一个用户所有者,并且过程被称为以所有者身份运行。
用户能够终止或批改本人的过程的行为(在肯定限度内),但不能烦扰其余用户的过程。
此外,用户能够领有文件,并抉择是否与其余用户共享这些文件。
A Linux system normally has a number of users in addition to the ones that correspond to the real human beings who use the system. You’ll read about these in more detail in Chapter 3, but the most important user to know about is root. The root user is an exception to the preceding rules because root may terminate and alter another user’s processes and read any file on the local system. For this reason, root is known as the superuser. A person who can operate as root is said to have root access and is an administrator on a traditional Unix system.
Linux 零碎通常除了与真正应用零碎的人绝对应的用户之外,还有一些其余用户。
您将在第 3 章中具体理解这些用户,但最重要的用户是 root。
root 用户是前述规定的例外,因为 root 能够终止和批改其余用户的过程,并读取本地零碎上的任何文件。
因而,root 被称为超级用户。
可能以 root 身份操作的人被称为具备 root 拜访权限,并且是传统 Unix 零碎上的管理员。
NOTE Operating as root can be dangerous. It can be difficult to identify and correct mistakes because the system will let you do anything, even if what you’re doing is harmful to the system. For this reason, system designers constantly try to make root access as unnecessary as possible, for example, by not requiring root access to switch between wireless networks on a notebook. In addition, as powerful as the root user is, it still runs in the operating system’s user mode, not kernel mode.
留神
以 root 身份操作可能是危险的。
因为零碎容许您执行任何操作,即便这些操作对系统无害,因而很难辨认和纠正错误。
因而,零碎设计师一直尝试使 root 拜访尽可能不必要,例如,不要求在笔记本上切换无线网络时须要 root 拜访权限。
此外,只管 root 用户十分弱小,但它仍在操作系统的用户模式下运行,而不是内核模式。
Groups are sets of users. The primary purpose of groups is to allow a user to share file access to other users in a group.
组是一组用户。
组的次要目标是容许用户与组中的其余用户共享文件拜访权限。
1.6 Looking Forward(展望未来)
So far, you’ve seen what makes up a running Linux system. User processes make up the environment that you directly interact with; the kernel manages processes and hardware. Both the kernel and processes reside in memory.
This is great background information, but you can’t learn the details of a Linux system by reading about it alone; you need to get your hands dirty. The next chapter starts your journey by teaching you some user-space basics. Along the way, you’ll learn about a major part of the Linux system that this chapter doesn’t discuss— long-term storage (disks, files, etc.). After all, you need to store your programs and data somewhere.
到目前为止,您曾经理解了形成一个运行的 Linux 零碎的因素。
用户过程形成了您间接与之交互的环境;内核治理过程和硬件。内核和过程都驻留在内存中。
这是很好的背景信息,但单靠浏览无奈理解 Linux 零碎的细节;您须要亲自动手。
下一章将从传授一些用户空间基础知识开始您的学习之旅。
在此过程中,您将理解到本章未探讨的 Linux 零碎的一个重要局部 - 长期存储(磁盘、文件等)。
毕竟,您须要将程序和数据存储在某个中央。
