Shell features such as command history are unique to each user and stored in the individual user’s home directories.
As a sysadmin, you can use a few different files to set the system up the way your institution prefers.
Use /etc/profile to set system-wide environment variables and startup programs for new user shells.
Use /etc/bashrc to establish system-wide functions and aliases for new user shells.
Users can customize their preferred settings as well.
The ~/.bash_profile sets user-specific environment variables for new Bash shells, and ~/.bashrc runs when noninteractive shells are launched.
The user-specific configuration files take precedence over the system-wide files.
Sysadmins can store files in the /etc/skel directory and have them copied automatically to the home directory of any new user.
This is useful for pre-populating configuration files such as .bashrc with suggested settings, or for distributing documents that all users should have access to.
Account Management Commands
The /etc/login.defs file defines default account settings, including home directory location, preferred shell, and account expiration values.
It also contains the user mailbox location, password aging values, the UID and GID ranges, home directory creation, the default umask, and the password encryption hash.
Options of the commands below can override these default values.
Only authorized users may create, modify, or remove user and group accounts. The root user can do this, as can anyone else delegated such privileges via sudo.
Halt any active processes associated with the user. If the delete attempt fails, check for any running processes belonging to the user.
The ps command can be helpful for identifying processes.
The killall command to halt or kill all processes for the user is: sudo killall -u {username}
Be sure to add the -r option to the userdel command if you want the user’s home directory deleted when the account is removed.
Troubleshoot User Login Issues
If the account exists, confirm that a password is set.
Display the contents of /etc/shadow, and verify that a hashed password exists.
Use the passwd command to set a password if one does not exist.
If the account exists and a password is set, the user may have forgotten the correct password.
A pipe takes the output of one command and makes it the input of another.
One of the most common uses of the pipe is in combination with the grep command.
Redirectors
Text stream: a stream of one or more lines of text that applications can read from or write to a particular device or system component.
There are three stream types:
Standard input, or stdin, is a text stream that acts as the source for command input.
e.g. mouse and keyboard
Standard output, or stdout, is a text stream that acts as the destination for command output.
By default, standard output from a Linux command is directed to the CLI.
Standard error, or stderr, is a text stream that is used as the destination for error messages.
By default, the standard error stream prints error messages at the CLI.
Redirection is the process of accepting input data from a source (other than the keyboard) and sending output data to a destination (other than the display device).
Redirection is commonly used to accept input from files or send output to files using the stdin, stdout, and stderr streams.
Redirector ops:
>: redirect stdout to a file
ex: ls > file.txt overwrites the file with the ls output
>>: append stdout to a file
2>: redirect stderr to a file
2>>: append stderr to a file
&>: redirect both stdout and stderr messages to a file
<: read input from a file
<<(string): Provide input data from the current source, stopping when a line containing the provided string occurs. When placed in a script, this is called a here document.
Command modifiers:
Manipulate the commands, not the output.
Background a command with &:
Normally, when a command is executed, it consumes the shell until it completes.
./job.sh & executes the line in the background.
Chain commands
Piping (|): the process of combining the standard I/O streams of commands; the stdout of one command is used as the stdin of another.
;
If the semi-colon character is placed between commands, they are run one after another, regardless of whether the previous command completed successfully.
&&
If the logical AND is placed between commands, the following command is only run after the previous command completed successfully. Useful for commands that rely on each other’s success.
||
If the logical OR is placed between commands, the following command is only run if the previous command fails.
!
If the bang is placed in a command expression, it negates the expression. Used as a way of stating "except this."
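The redirectors and command modifiers above, worked through on constructed sample data. This is an added example, not code from the original notes; the host list, file names and temp directory are all made up for the demonstration.

```shell
#!/bin/sh
# Added example, not from the original notes: the redirectors and command
# modifiers above exercised against constructed sample data in a temp dir.
WORK=$(mktemp -d)

# A here document (<<EOF ... EOF) feeds the quoted lines to cat as stdin,
# and > writes cat's stdout to a new file (overwriting any old content).
cat > "$WORK/hosts.txt" <<EOF
web01
db01
EOF

# >> appends instead of overwriting.
echo "mail01" >> "$WORK/hosts.txt"

# run_split CMD... : run a command with stdout going to out.log and stderr
# going to err.log (2>), then report each stream's line count and the exit
# status. Keeping the streams apart keeps error text out of data files.
run_split() {
    status=0
    "$@" > "$WORK/out.log" 2> "$WORK/err.log" || status=$?
    printf 'stdout=%s stderr=%s status=%s\n' \
        "$(wc -l < "$WORK/out.log" | tr -d ' ')" \
        "$(wc -l < "$WORK/err.log" | tr -d ' ')" "$status"
}

# && runs the next command only on success and || only on failure, so
# exactly one of the two echoes runs for a given NAME.
check_host() {
    grep -q "^$1\$" "$WORK/hosts.txt" && echo "present" || echo "missing"
}

# ! negates a test: "anything except the names already in the list".
is_new_host() {
    if ! grep -q "^$1\$" "$WORK/hosts.txt"; then echo "new"; else echo "known"; fi
}

# & runs sort in the background and wait collects it; ; then runs head
# unconditionally once sort has finished.
first_sorted_host() {
    sort "$WORK/hosts.txt" > "$WORK/sorted.txt" &
    wait ; head -n 1 "$WORK/sorted.txt"
}

# A pipe makes cat's stdout the stdin of wc. The missing file's error goes
# to /dev/null (the discard target covered later) so only the count is seen.
count_hosts() {
    cat "$WORK/hosts.txt" "$WORK/missing.txt" 2> /dev/null | wc -l | tr -d ' '
}
```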
cut command: extracts the specified lines of text from a file
paste command: used to merge lines from text files horizontally. Each line of an initial file is a row in the first column; using paste, you specify a second file, and every line of the second file becomes a row in a newly created second column.
By default, the paste command uses a tab space delimiter to separate each column. You can use the -d option to specify a different delimiter.
diff command: used to compare text files. The command displays the two files and the differences between them.
The output suggests how you can change one file to make it identical to the other. Each symbol has a special meaning. The less-than symbol (<) with a line after it means that line should be removed from the first file because it doesn’t appear in the second. The greater-than symbol (>) with a line after it means that line should be added from the second file.
awk command: performs pattern matching on files. It is based on the AWK programming language.
The awk keyword is followed by the pattern, the action to be performed, and the file name.
sed command: modifies text files according to various parameters. The sed command can also be used for global search and replace actions.
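The text-processing commands above (cut, awk, sed, diff, paste) applied to the login-troubleshooting check from earlier in these notes: confirming from shadow-style records whether an account has a hashed password, is locked, or has no password at all. This is an added example, not from the original notes; the passwd and shadow records are constructed and the hash strings are placeholders.

```shell
#!/bin/sh
# Added example, not from the original notes: cut, awk, sed, diff and paste
# used to audit constructed passwd/shadow style records (users, UIDs and
# hashes below are made up; HASHPLACEHOLDER stands in for a real hash).
WORK=$(mktemp -d)
cat > "$WORK/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:1001:1001:Bob:/home/bob:/bin/bash
backup:x:0:0:backup:/root:/bin/bash
EOF
cat > "$WORK/shadow" <<'EOF'
root:$6$saltsalt$HASHPLACEHOLDER:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
alice:$6$saltsalt$HASHPLACEHOLDER:19000:0:99999:7:::
bob::19000:0:99999:7:::
backup:!:19000:0:99999:7:::
EOF
# Join output lines with spaces so each function returns one checkable string.
oneline() { tr '\n' ' ' | sed 's/ $//'; }
# cut -d: -f1 extracts field 1 (the login name) of every colon-separated line.
list_logins() { cut -d: -f1 "$WORK/passwd" | oneline; }
# awk matches on fields: every account whose UID (field 3) is 0 is
# root-equivalent, so anything besides root in this list needs explaining.
uid_zero_accounts() { awk -F: '$3 == 0 { print $1 }' "$WORK/passwd" | oneline; }

# Login troubleshooting: shadow field 2 is empty when no password is set,
# starts with ! or * when the account is locked, and otherwise holds the hash.
password_state() {
    awk -F: -v user="$1" '$1 == user {
        if ($2 == "") print "empty"; else if ($2 ~ /^[!*]/) print "locked";
        else print "hashed" }' "$WORK/shadow"
}

# sed global search and replace: give bob a nologin shell in a copy of the
# file, then return the new field 7 to show the edit took effect.
disable_bob_shell() {
    sed 's#^\(bob:.*\):/bin/bash$#\1:/usr/sbin/nologin#' "$WORK/passwd" > "$WORK/passwd.new"
    grep '^bob:' "$WORK/passwd.new" | cut -d: -f7
}

# diff tells how to turn the first file into the second: "<" lines are
# removed, ">" lines added. One changed line yields one of each.
changed_lines() {
    [ -f "$WORK/passwd.new" ] || disable_bob_shell > /dev/null
    diff "$WORK/passwd" "$WORK/passwd.new" | grep -c '^[<>]'
}

# paste merges files column by column using the -d delimiter.
login_with_hash_field() {
    cut -d: -f1 "$WORK/shadow" > "$WORK/names"
    cut -d: -f2 "$WORK/shadow" | sed 's/^$/EMPTY/' > "$WORK/fields"
    paste -d, "$WORK/names" "$WORK/fields" | grep "^$1,"
}
```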
It is good practice to perform an integrity check to ensure backup files have not changed.
Use
6. Manage software
Software management
Compiling source code:
There are 2 ways software applications are managed: Red Hat-based and Debian Linux-based.
Package management vs. compiling software:
Package management: installed software is precompiled; not experimental.
Compiling software: software is compiled on the user’s device; more optimized for the hardware and kernel, as options can be chosen; complicated.
Software packages
Package manager: installs, maintains, and removes software; tracks version, location, and documentation; and has a database that can report information about packages.
Repository: a storage location for software packages
3 location types:
Local repositories: easy installation but version control is hard
Centralized internal repositories: These repositories are stored on one or more systems within the internal LAN and managed by the Linux administrator.
Vendor repositories: These repositories are maintained on the Internet, often by the distribution vendor.
Modern package managers install supporting applications automatically, ensuring that a single installation command provides the user with everything needed to run the program.
Manage RPM software packages and repo
Red Hat Package Managers
Packages for Red Hat–derived distributions use the .rpm file extension
Both RPM and YUM are superseded by Dandified Yum (DNF), which includes all the same functionality as both with additional plugins and features
Reasons for a sysadmin to control the available repositories include:
software version control: avoid beta by default
application installation control
Vendor control
bandwidth control
Admins use config files to inform package managers which repos are allowed and where they can be found on the local network or the Internet.
Manage config files for RPM repos
Sysadmins often prefer to maintain an internal repository on a local server that is referenced by all other Linux systems. This provides complete control over software availability and versions.
Sysadmins customize which repositories APT accesses. Repositories are exposed to APT in the /etc/apt/sources.list file and in the /etc/apt/sources.list.d/ directory.
/etc/apt.conf: This file contains settings that are loaded when APT starts and controls installation priorities, proxies, and other settings. Depending on the distribution, the configuration file may be found at /etc/apt.conf, /etc/apt/apt.conf, or along other paths.
Compile from source code
Commands
3-step process:
1. The system must be checked and compile instructions must be created. The ./configure script ensures the necessary dependencies and compilers are available and creates a makefile containing the instructions for compiling the software.
2. The source code is compiled to machine language. In most cases, once the makefile is created, simply issuing the make command without arguments will compile the application. The make command automatically looks for the makefile in the current directory.
3. The new software is installed. The make install command installs the program, placing the appropriate files in the appropriate locations (configuration files, log files, and so on). The software is now available and ready to run.
Remove compiled software
The makefile includes all directories and files created during the installation process. Examine this file, and remove each file and directory specified in the makefile.
A sandbox is a virtual machine or container that isolates the application from the rest of the system and mediates communication between hardware resources and the program
An alternative is the chroot command, which tells an application that a given directory is the highest point in the filesystem; it is still used today.
users can manage software on a system-wide or per-user basis
Repositories called “remotes” store software distributed as Flatpaks.
AppImage
AppImage applications are distributed and managed as a single file containing everything needed to run the application. Application developers decide what distributions to support and then ensure that all needed dependencies and libraries are included with the AppImage file. AppImage applications are standalone components, and while they can be installed in the traditional manner, they do not have to be. They can be accessed and run as mounted drives.
Traditional Hard Disk Partitioning versus LVM Deployment:
The basic process for adding storage to a system is to install the drive, partition it, add a filesystem, and then mount it.
In addition to traditional partitioning, technologies such as a Logical Volume Manager (LVM) permit the aggregation of storage space from multiple disks, providing flexibility and scalability options.
Most references to the storage media include a path. All hardware devices are mapped to the /dev directory.
Storage disks are displayed there using the sd* string
sda means storage disk a
sdb3 means third partition of storage disk b
Partition the drive:
Considerations such as MBR vs. GPT must be taken into account, and then you’ll partition the space using fdisk or parted. After creating the partitions, update the system with partprobe and confirm the partitions in /proc/partitions.
Partition Design:
If the partition where the root of the filesystem (/) resides fills, the system will crash. To prevent this, directories such as /home and /var (for logs), which are at risk for filling, are placed on separate partitions from /.
Linux uses memory swap: Linux moves data between memory and the hard drive if memory is in danger of being fully consumed. A dedicated swap partition is often set aside that is 1.5 times the total RAM.
The /proc/partitions file stores partition information, which is recreated each time the system boots or the partprobe command is run.
The dynamic nature of this file means that it reflects changes to the system’s configuration (changes detected during system startup or via the partprobe command).
Storage capacity is added to the FHS by a process called mounting. Capacity can be manually attached by using the mount command and detached by using the umount command.
To mount the partition, first create a directory. The directory is referred to as a mount point.
create a new directory, and then issue the mount command:
Once the disks are partitioned, create the LVM structure. First, you’ll designate the drives as LVM Physical Volumes (PV), then you’ll aggregate them into a Volume Group (VG), and finally, you’ll allocate Logical Volumes (LV). The Logical Volumes will be configured with filesystems.
Deploying LVM:
create PVs (one per disk; /dev/sdb and /dev/sdc are the example disks):
pvcreate /dev/sdb
pvcreate /dev/sdc
pvdisplay
create the VG from the two PVs:
vgcreate ubuntu--vg /dev/sdb /dev/sdc
vgdisplay
create the LV inside the VG:
lvcreate --name ubuntu--lv --size 500G ubuntu--vg
lvdisplay
Resize LVM storage:
The pvcreate command adds more storage to the PV and VG.
The LV is then extended with the additional capacity.
Once space is added to the LV, the filesystem must be resized to take advantage of the increased capacity (use the ext or xfs tool).
The ioping command generates a report of device I/O latency in real time. It will continuously “ping” the specified device with requests and print information about each request at the command line.
The udev device manager provides plug-and-play functionality by generating device files when the system boots for whatever hardware devices it detects.
Note that the device files are not the same thing as the device drivers.
/dev/null is a special, writeable file used as a target for generated data that should be discarded. This data may be error messages that are redirected to /dev/null by using the 2> redirector.
/dev/zero is a special file used as a way of filling storage capacity.
For example, to create a one MiB file named foo.txt, run the following command:
displays system usage reports based on data collected from system activity. These reports consist of various sections, each of which include the type of data and the time of data collection.
The sleeping state indicates a process awaiting access to resources. The state is a normal consequence of resource sharing. The sleep state has two substates: interruptible and uninterruptible.
Interruptible: The process waits for a specific time slot or event before attempting to enter the running state.
Uninterruptible: The process waits for a specific time-out value before attempting to enter the running state.
Other than creating aliases, these files can tell modprobe to run additional modules with specific options when your chosen module is loaded into the kernel.
This enables the chosen module to leverage another module’s functionality without actually loading it into the kernel.
Files ending in .conf in the /etc/modprobe.d/ directory can use one of several commands (only inside the file).
alias <alternative_name> <mod_name>: Specify alias for module
blacklist <mod_name>: ignore internal aliases, which occur when modules define their own alias
install <mod_name> <command>: Run the specified command without inserting the module into the kernel
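Reading the three directives above back out of a modprobe.d-style file is a useful configuration audit: a blacklist line only stops loading by alias, while an install line pointing at /bin/false stops the module from loading at all. This is an added example, not from the original notes; the file name hardening.conf and its contents are constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not from the original notes: parse a constructed
# /etc/modprobe.d-style file and report which modules are blacklisted, which
# are disabled outright (install <mod> /bin/false), and which aliases exist.
# A real audit would loop over /etc/modprobe.d/*.conf with the same functions.
WORK=$(mktemp -d)
CONF="$WORK/hardening.conf"
cat > "$CONF" <<'EOF'
# disable unused filesystems and protocols
blacklist cramfs
install cramfs /bin/false
blacklist dccp
install dccp /bin/false
blacklist floppy        # blacklisted only: still loads if requested by name
alias old-nic-driver new-nic-driver
options snd-hda-intel model=auto
EOF

# Print the module named by every directive of type KEYWORD in FILE,
# ignoring comments and blank lines; results are joined with spaces.
directives() {
    sed -e 's/#.*//' -e '/^[[:space:]]*$/d' "$1" |
        awk -v kw="$2" '$1 == kw { print $2 }' | tr '\n' ' ' | sed 's/ $//'
}

# blacklist only stops loading through an alias (for example by udev at
# boot); modprobe <name> still inserts it. An install line that runs
# /bin/false instead of inserting the module disables it in both cases.
disabled_modules() {
    awk '$1 == "install" && $3 == "/bin/false" { print $2 }' "$1" |
        tr '\n' ' ' | sed 's/ $//'
}

# Blacklisted modules that lack a matching install line: these are the ones
# a hardening review should flag as only partially disabled.
blacklist_only() {
    disabled=" $(disabled_modules "$1") "
    for mod in $(directives "$1" blacklist); do
        case "$disabled" in
            *" $mod "*) ;;
            *) printf '%s ' "$mod" ;;
        esac
    done | sed 's/ $//'
}
```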
A kernel panic can happen for many reasons and at any point during operation, but it is usually experienced during the boot process. Common causes include the following:
The kernel itself is corrupted or otherwise improperly configured.
The systemd program is not executed during boot, leaving the system unusable.
The kernel cannot find or otherwise cannot mount the main root file system.
Malfunctioning or incompatible hardware is loaded into the kernel on boot.
2 Start multi-user mode at CLI without networking.
3 Start multi-user mode at CLI with networking.
4 Unused
5 Start multi-user mode with GUI and networking.
6 Restart the system
The /etc/inittab file stores details of various processes related to system initialization on a SysVinit system. It also stores details of the runlevels in use.
The init daemon reads from this file to determine what runlevel to boot into, what daemons to start, and what to do if the runlevel changes.
Localization is the process of adapting system components for use within a language or culture other than the one the system was originally designed for.
The /usr/share/zoneinfo/ directory is a container for all of the regional time zones that you can configure the system to use.
Subdirectories in this container usually organize languages by region; for example, the Africa subdirectory includes time-zone files for specific countries or cities within the continent.
~/.ssh/known_hosts: on the client machine, stores the public keys of remote systems the client has connected to → protects the client from a man-in-the-middle attack (an impostor would not have the same public key)
SSH tunneling: wrap SSH around another TCP-based network connection.
SSH port forwarding: tunnel an application through SSH to secure the transmission.
Local forwarding: the client listens for connections on a port and then tunnels any active connection to a remote server using SSH.
example: VNC server traffic over port 5900 will be forwarded to port 22
Remote forwarding: the SSH server forwards inbound client traffic to another system on a different port.
Dynamic port forwarding: uses the SSH connection as a SOCKS proxy to forward traffic dynamically. A range of ports is used rather than a single port, as with standard forwarding.
The scp command is purely for transferring files; sftp can transfer files and also manage files and directories.
The sftp command can list, create, and remove directories on the remote system. It also supports resuming file transfers, whereas scp does not.
Check the firewall rules to ensure that they are not blocking a port that your system needs.
Check whether the default deny-all rule for incoming connections is processed before permit rules.
Consider whether you have confused inbound versus outbound traffic.
Ensure rules exist that match the traffic type.
Check whether you’ve blocked or allowed the incorrect transport layer protocols (TCP, UDP, or both).
Ensure application-layer firewalls are properly configured to manage packets whose contents match a specific application-layer protocol (e.g., HTTP, FTP, SSH).
Be sure you have reloaded the firewall after configuration changes.
Goal: confidentiality, integrity, and non-repudiation
Non-repudiation ensures that a sending party cannot deny the origin of a transaction. The sender encrypted the data in a manner that only the sender is capable of, proving the source.