Linux Lpic Guide

8/18/2019 Linux Lpic Guide

1/128

Linux Professional Institute

Linux & LPIC

Quick Reference Guide

3rd ed. 2015-07


2/128

Foreword

This guide stems from the notes I have been taking while working with Linux and preparing the LPIC-1 and LPIC-2certifications !s such" it includes #uite a good amount of topics for these exams" with some sub$ects handled in more details

than others I started writing this guide in 2%1& and it is m' aim to update and integrate it periodicall'

This document is an independent publication and is not affiliated with" authori(ed b'" sponsored b'" or otherwise approved b'the Linux Professional Institute )ou can freel' use and share this guide or the individual pages" both in electronic or inprinted form" provided that 'ou distribute it unmodified and not-for-profit Please feel free to contact me for an' error"

inaccurac'" or unclear point so I can correct it in future editions

*app' Linux hacking"

+aniele ,affo

Sue!"ed re#din!

● !dam *aeder et al" LPI Linux Certification in a Nutshell " .,eill'

● /vi 0emeth et al" UNIX and Linux System Administration Handbook " .,eill'

● *einrich l3pping et al" The LPIC! "xam Pre#" http://lpic2.unix.nl/

● 4endel Cooper" Ad$anced %ashScri#tin& 'uide" http://tldp.org/LDP/abs/html/

● Colin 5arschel" Unix Toolbox " http://cb.vu/unixtoolbox.xhtml

● http://www.gnu.org/manual/● http://www.commandlinefu.com/

● Linux man pages

IndexL641L64 commands27'stem boot&7's6 startup se#uence8,unlevels97's6 vs 7'stemd init scripts:

;etc;inittab<=iles'stem hierarch'>Partitions?

=iles'stem t'pes1%7wap11

;etc;fstab12=iles'stem operations1&=iles'stem maintenance18@=7" ,eiser=7" C+-,4 fs19!uto=71:,!I+1<5ootloader1>A,B5 configuration1?

A,B5 commands2%Package managers21Package management tools22

5ackup2&Command line28Text filters29=ile management2:I; streams2<Processes2>7ignals2?

vmstat&%,esource monitoring&1,egexs&2=ile permissions&&=ile attributes&8Links&9=ind s'stem files&:7hell environment&<

7cripting&>=low control&?

Text processors8%6i81

6i options82

7L8&7L 7/L/CTs887L DI0s894'7L8:4'7L status8<4'7L tools8>@ indow8?@ indow tools9%@11 ke'sim codes91

Bser accounts92Bser management9&BI+ and AI+98Privilege escalation99Terminals9:cron9<at9>Locali(ation9?7'stem time:%7'slog:1

/-mail:274TP:&7endmail and /xim:8

Postfix:9Postfix configuration::Procmail:<Courier PP configuration:>Courier I4!P configuration:?+ovecot login

;proc files'stem??7'stem recover'1%%+071%1+07 configuration1%2+07 (one file1%&

!pache1%8!pache configuration1%9!pache virtual hosts1%:

!pache director' protection1%<!pache 77L;TL7 configuration1%>pen77L1%?C!pl11%7amba1117amba configuration1127amba shares11&

7amba macros1180=7119

;etc;exports11:+*CP11<P!411>L+!P11?penL+!P12%7/Linux121

*T4L components122*T4L text12&

*T4L images128*T4L tables and lists129


3/128

1$12% L'

L()

Logical 6olume 4anagement EL64F introduces an abstraction between ph'sical and logical storage that permits a moreversatile use of files'stems L64 uses the Linux device mapper feature E/dev/mapperF

+isks" partitions" and ,!I+ devices are made of Ph'sical 6olumes" which are grouped into a 6olume Aroup! 6olume Aroup is divided into small fixed-si(e chunks called Ph'sical /xtents

Ph'sical /xtents are mapped one-to-one to Logical /xtentsLogical /xtents are grouped into Logical 6olumes" on which files'stems are created

(ow "o cre#"e # Loic#) o)u*e

1 pvcreate /dev/hda2 /dev/hdb5 Initiali(e the Ph'sical 6olumes to be used with L64+evices must be of partition t'pe %x>/ ELinux L64F

2 vgcreate -s ! m"vg# /dev/hda2 /dev/hdb5 Create a 6olume Aroup and define the si(e of Ph'sical/xtents to > 4b Edefault value is 8 4bF

or vgextend m"vg# /dev/hda2 or add the Ph'sical 6olume to an existing 6olumeAroup

& lvcreate -L $#2%! -n m"data m"vg# Create a Logical 6olume

8 m&fs -t ext' /dev/m"vg#/m"data Create a files'stem on the Logical 6olume9 mount /dev/m"vg#/m"data /m"data The Logical 6olume is now mounted and used

(ow "o incre#!e "+e !i,e of # Loic#) o)u*e on) if "+e under)in fi)e!!"e* /er*i"! i"

1 vgextend m"vg# /dev/hdc /xtend the 6olume Aroup using the space in hdc

2 lvextend -L 2#%! /dev/m"vg#/m"data/xtend the Logical 6olume

or lvresi(e -L)2#%! /dev/m"vg#/m"data

& resi(e2fs /dev/m"vg#/m"data /xtend the files'stem

(ow "o reduce "+e !i,e of # Loic#) o)u*e on) if "+e under)in fi)e!!"e* /er*i"! i"

1 resi(e2fs /dev/m"vg#/m"data *##! 7hrink the files'stem

2 lvreduce -L *##! /dev/m"vg#/m"data7hrink the Logical 6olume

or lvresi(e -L-*##! /dev/m"vg#/m"data

(ow "o !n#/!+o" #nd #cku/ # Loic#) o)u*e

1 lvcreate -s -L $#2%! -n snapshot# /dev/m"vg#/m"data Create the snapshot $ust like another Logical 6olume

2 tar cv(f snapshot#.tar.g( snapshot# 5ackup the snapshot with an' backup tool

& lvremove /dev/mvvg#/snapshot# +elete the snapshot

Linux & LPIC Quick Reference Guide 3rd ed. 2015-07 #nie)e R#ffo www.cr#n!.or$4r#ffo


4/128

2$12% L' co**#nd!

LVM commands

pvs ,eport information about Ph'sical 6olumes

pvc& Check Ph'sical 6olume metadata

pvdispla" +ispla' Ph'sical 6olume attributes

pvscan 7can all disks for Ph'sical 6olumespvremove ,emove a Ph'sical 6olume

pvmove 4ove the Logical /xtents on a Ph'sical 6olume to wherever there are available Ph'sical /xtentsEwithin the 6olume AroupF and then put the Ph'sical 6olume offline

vgs ,eport information about 6olume Aroups

vgc& Check 6olume Aroup metadata

vgmerge 4erge two 6olume Aroups

vgimport Import a 6olume Aroup into a s'stem

vgexport /xport a 6olume Aroup from a s'stem

vgchange Change 6olume Aroup attributes

vgextend !dd a Ph'sical 6olume to a 6olume Aroup

vgreduce ,emove a Ph'sical 6olume from a 6olume Aroup

lvs ,eport information about Logical 6olumes

lvchange Change Logical 6olume attributes

lvremove ,emove a Logical 6olume

lvscan 7can all disks for Logical 6olumes



5/128

3$12% S!"e* oo"

System boot

oo" !e6uence

PS8

Power-n Se)f 8e!"Low-level check of PC hardware

IS

#!ic I$ S!"e* +etection of disks and hardware

C+#in )o#der

GR9GR#nd 9nified

oo")o#der

A,B5 stage 1 is loaded from the 45, and executes A,B5 stage 2 from files'stemA,B5 chooses which 7 to boot onThe chain loader hands over to the boot sector of the partition on which resides the 7

The chain loader also mounts initrd" an initial ramdisk Et'picall' a compressed ext2

files'stemF to be used as the initial root device during kernel bootG this make possible toload kernel modules that recogni(e hard drives hardware and that are hence needed tomount the real root files'stem !fterwards" the s'stem runs /linuxrc with PI+ 1

E=rom Linux 2:1& onward" the s'stem instead loads into memor' initramfs" a cpio-

compressed image" and unpacks it into an instance of tmpfs in ,!4 The kernel thenexecutes /init from within the imageF

Linux kerne)

ernel decompression into memor'

ernel execution

+etection of devices

The real root files'stem is mounted on / in place of the initial ramdisk

ini"

/xecution of init" the first process EPI+ 1F

The s'stem tries to execute in the following orderH/sbin/init/etc/init/bin/init/bin/sh

If none of these succeeds" the kernel will panic

S"#r"u/ The s'stem loads startup scripts and runlevel scripts

: Ser;er EptionalF The @ +ispla' 4anager starts the @ 7erver

7ome newer s'stems use B/=I EBnified /xtensible =irmware InterfaceF B/=I does not use the 45, boot codeG it hasknowledge of partition table and files'stems" and stores its application files re#uired for launch in a /=I 7'stem Partition"mostl' formatted as =!T&2

!fter the P7T" the s'stem loads the B/=I firmware which initiali(es the hardware re#uired for booting" then reads its 5oot4anager data to determine which B/=I application to launch The launched B/=I application ma' then launch another

application" eg the kernel and initramfs in case of a boot loader like the A,B5



6/128


7/128

5$12% Run)e;e)!

Runlevels

Run)e;e) ei#n Red (#"

0 7hutdown

1 7ingle user ; maintenance mode

2 4ulti-user modeEdefaultF 4ulti-user mode without network

3 4ulti-user mode 4ulti-user mode with network

< 4ulti-user mode Bnused" for custom use

5 4ulti-user mode4ulti-user mode with network and @

EdefaultF

% ,eboot

S7ingle user ; maintenance mode

Eusuall' accessed through runlevel 1F

The default runlevels are 2 3 < 5

runlevelwho -r +ispla' the previous and the current runlevel

init runleveltelinit runlevel Change runlevel

init #telinit #shutdown -h nowhalt

poweroff

*alt the s'stem

init 1telinit 1shutdown -r nowreboot

,eboot the s'stem

shutdown 7hut down the s'stem in a secure wa'H all logged in users are notified via amessage to their terminal" and login is disabledThis command can be run onl' b' the root user and b' those users Eif an'F listed in/etc/shutdown.allow

shutdown -h $1:## message 7chedule a shutdown for 8 P4 and send a warning message to all logged in users

shutdown -a 0on-root users that are listed in /etc/shutdown.allow can use this command to

shut down the s'stem

shutdown -f 7kip fsck on reboot

shutdown -, =orce fsck on reboot

shutdown -c Cancel an alread' running shutdown



8/128

%$12% S! ;! S!"e*d ini" !cri/"!

SysV vs Systemd init scripts

S!"e* S!"e*d =c"ion

/etc/init.d/service operation

service service operation E,ed *atF

rcservice operation E7B7/F

s"stemctl operation service Perform one of these operations onthe specified serviceHstartstoprestartstatusforce-reloadcondrestarttr"-restartreload

update-rc.d service defaults E+ebianF

ch&config --add service E,ed *atF

!dd a service at boot

update-rc.d -f service remove E+ebianF

ch&config --del service E,ed *atF

,emove a service at boot

hen adding or removing a service at boot" startup directories will be updated b' creating or deleting s'mlinks for thedefault runlevelsH s'mlinks for runlevels % 1 :" and 7 s'mlinks for runlevels 2 & 8 9In 7'stem 6" the service will be run via the xinetd super server

update-rc.d -f service ;start '# 2 ' % 5 . stop 0# # $ 1 .

!dd a service on the defaultrunlevelsG create 7&% s'mlinks forstarting the service and


9/128

7$12% $e"c$ini""#

/etc/inittab

/etc/inittab

7he default runlevel.id:2:initdefault:

3oot-time s"stem configuration/initiali(ation script.

7his is run first except when booting in emergenc" =-b> mode.si::s"sinit:/etc/init.d/rc+

?hat to do in single-user mode.@@:+:wait:/sbin/sulogin

/etc/init.d executes the + and scripts upon change of runlevel.l#:#:wait:/etc/init.d/rc #l$:$:wait:/etc/init.d/rc $l2:2:wait:/etc/init.d/rc 2l':':wait:/etc/init.d/rc 'l%:%:wait:/etc/init.d/rc %l5:5:wait:/etc/init.d/rc 5l1:1:wait:/etc/init.d/rc 1 ormall" not reachedA but fall through in case of emergenc".(1:1:respawn:/sbin/sulogin

/sbin/gett" invocations for the runlevels. 6d field must be the same as the last characters of the device =after Btt"B>.$:2'%5:respawn:/sbin/gett" '%## tt"$2:2':respawn:/sbin/gett" '%## tt"2

/etc/inittab describes which processes are started at bootup and during normal operationG it is read and executed b'

init at bootup

!ll its entries have the form id :runlevels:action: process

id1-8 characters" uni#uel' identifies an entr'=or gett's and other login processes it should be e#ual to the suffix of the corresponding tt'

run)e;e)!,unlevels for which the specified action must be performedIf empt'" action is performed on all runlevels

#c"ion

respawn Process will be restarted when it terminates

waitProcess is started at the specified runlevel and init will wait for its termination

Eie execution of further lines of /etc/inittab stops until the process exitsF

once Process is executed once at the specified runlevel

boot Process is executed at s'stem boot ,unlevels field is ignored

bootwaitProcess is executed at s'stem boot and init will wait for its termination

,unlevels field is ignored

off +oes nothing

ondemand Process is executed when an on-demand runlevel E!" 5" CF is called

initdefault 7pecifies the default runlevel to boot on Process field is ignored

s"sinitProcess is executed at s'stem boot" before an' boot or bootwait entries

,unlevels field is ignored

powerfailProcess is executed when power goes down and an BP7 kicks ininit will not wait for its termination

powerwaitProcess is executed when power goes down and an BP7 kicks ininit will wait for its termination

powerfailnow Process is executed when power is down and the BP7 batter' is almost empt'

powero&wait Process is executed when power has been restored from BP7

ctrlaltdel Process is executed when init receives a 7IAI0T via

&bdreuest Process is executed when a special ke' combination is pressed on console

/roce!! Process to execute If prepended b' a )" utmp and wtmp accounting will not be done


CT,L !LT +/L


10/128

>$12% Fi)e!!"e* +ier#rc+

Filesystem hierarchy

Fi)e!!"e* (ier#rc+ S"#nd#rd F(S

/bin /ssential command binaries

/boot 5ootloader files Eeg 7 loader" kernel image" initrdF

/dev +evices and partitions/etc 7'stem configuration files and scripts

/home *ome directories for users

/lib Libraries for the binaries in /bin and /sbin" kernel modules

/lost)found 7torage director' for recovered files in this partition

/media 4ount points for removable media

/mnt 4ount points for temporar' files'stems

/net !ccess to director' tree on different external 0=7 servers

/opt ptional" large add-on application software packages

/proc 6irtual files'stem providing kernel and processes information

/root *ome director' for the root user

/sbin /ssential s'stem binaries" s'stem administration commands

/srv +ata for services provided b' the s'stem

/tmp Temporar' files

/usr Bser utilities and applications

/usr/bin 0on-essential command binaries Efor all usersF

/usr/lib Libraries for the binaries in /usr/bin and /usr/sbin

/usr/sbin 0on-essential s'stem binaries Edaemons and servicesF

/usr/src 7ource code

/usr/local 7oftware installed locall'

/usr/local/bin Local software binaries

/usr/local/games Local game binaries

/usr/local/include Local C header files

/usr/local/lib Local libraries for the binaries in /usr/local/bin and /usr/local/sbin

/usr/local/man Local manuals

/usr/local/sbin Local s'stem binaries

/usr/local/share Local architecture-independent hierarch'

/usr/local/src Local source code

/var 6ariable files Eeg logs" caches" mail spoolsF



11/128

?$12% P#r"i"ion!

Partitions

/dev/hdaA /dev/hdbA /dev/hdc first" second" third I+/ hard drive

/dev/sdaA /dev/sdbA /dev/sdc first" second" third 7!T! hard drive

/dev/sda$A /dev/sda2A /dev/sda' first" second" third partition of the first 7!T! drive

Partitioning limits for LinuxH

4ax 8 primar' partitions per hard disk" or & primar' partitions 1 extended partition Partition numbersH 1-84ax 11 logical partitions Einside the extended partitionF per hard disk Partition numbersH 9-19

The superblock contains information relative to the files'stemH eg files'stem t'pe" si(e" status" metadata structuresThe 4aster 5oot ,ecord E45,F is a 912-b'te program located in the first sector of the hard diskG it contains information

about hard disk partitions and has the dut' of loading the 74ost modern files'stems use $ournalingG in a $ournaling files'stem" the $ournal logs changes before committing them to thefiles'stem" which ensures faster recover' and less corruption in case of a crash

fdis& /dev/sda +isk partitioning interactive tool

sfdis& /dev/sda +isk partitioning non-interactive tool

cfdis& Text-based BI fdisk

gparted ABI fdiskfdis& -l /dev/sda List the partition table of /dev/sda

partprobe !fter fdisk operations" this command can be run to notif' the 7 of partition tablechanges therwise" these changes will take place onl' after reboot

m&fs -t fstype device Create a files'stem of the specified t'pe on a partition Eie format the partitionFmkfs is a wrapper utilit' for the actual files'stem-specific maker commandsHm&fs.ext2 aka m&e2fs

m&fs.ext' aka m&e'fsm&fs.ext%

m&fs.msdos aka m&dosfs

m&fs.reiserfs aka m&reiserfsm&fs.Cfsm&fs.xfs

m&fs -t ext2 /dev/sdam&fs.ext2 /dev/sdam&e2fs /dev/sda

Create a ext2 files'stem on /dev/sda

m&e2fs -C /dev/sdam&fs.ext' /dev/sdam&e'fs /dev/sda

Create a ext& files'stem Eext2 with $ournalingF on /dev/sda

m&fs -t msdos /dev/sdam&fs.msdos /dev/sdam&dosfs /dev/sda

Create a 47-+7 files'stem on /dev/sda

mountcat /proc/mountscat /etc/mtab

+ispla' the currentl' mounted files'stems

The commands mount and umount maintain in /etc/mtab a database of currentl'

mounted files'stems" but /proc/mounts is authoritative

mount -a 4ount all devices listed in /etc/fstab Eexcept those indicated as noautoF

mount -t ext' /dev/sda /foobar 4ount a Linux-formatted disk The mount point Edirector'F must exist

mount -t msdos /dev/fd# /mnt 4ount a 47-+7 files'stem flopp' disk to mount point /mnt

mount /dev/fd# 4ount a flopp' disk /etc/fstab must contain an entr' for /dev/fd#

umount /dev/fd#umount /mnt

Bnmount a flopp' disk that was mounted on /mnt Edevice must not be bus'F

umount -l /dev/fd# Bnmount the flopp' disk as soon as it is not in use an'more

mount -o remountArw / ,emount the root director' as read-write Esupposing it was mounted read-onl'F

Bseful to change flags Ein this case" read-onl' to read-writeF for a mountedfiles'stem that cannot be unmounted at the moment

mount -o noloc& $#.0.0.0:/export/ /mnt/nfs 4ount a 0=7 share without running 0=7 daemons

Bseful during s'stem recover'mount -t iso*11# -o roAloop


12/128

10$12% Fi)e!!"e* "/e!

Filesystem types

P#r"i"ion "/e!

#x## 4mpt"#x#$ ,7$2#x#2 E46E root#x#' E46E usr

#x#% ,7$1 F'2!#x#5 4xtended#x#1 ,7$1#x#0 GP,+/7,+/ex,7#x# 6E#x#* 6E bootable#x#a 8+/2 3oot !anager#x#b ?*5 ,7'2#x#c ?*5 ,7'2 =L3>#x#e ?*5 ,7$1 =L3>#x#f ?*5 extended =L3>#x$# 8PH+#x$$ Gidden ,7$2#x$2 Iompa diagnostics#x$% Gidden ,7$1 F'2!#x$1 Gidden ,7$1

#x$0 Gidden GP,+/7,+#x$ +7 +mart+leep#x$b Gidden ?*5 ,7'2#x$c Gidden ?*5 ,7'2 =L3>#x$e Gidden ?*5 ,7$1 =L3>#x2% 4I D8+#x20 Gidden 7,+ ?in94#x'* Plan *#x'c Partition!agic recover"#x%# Jenix #21#x%$ PPI P9eP 3oot#x%2 +,+#x%d KE%.x

#x%e KE%.x 2nd part#x%f KE%.x 'rd part#x5# 8n7rac& D!#x5$ 8n7rac& D!1 ux$

#x52 IP/!#x5' 8n7rac& D!1 ux'#x5% 8n7rac&D!1#x55 4-Drive#x51 olden 3ow#x5c Priam 4dis&#x1$ +peed+tor#x1' H GH9D or +"sJ#x1% ovell etware 21#x15 ovell etware '1#x0# Dis&+ecure !ulti-3oot#x05 PI/6E#x# 8ld !inix#x$ !inix / old Linux#x2 Linux swap / +olaris#x' Linux

#x% 8+/2 hidden I: drive#x5 Linux extended#x1 7,+ volume set#x0 7,+ volume set#x Linux plaintext#xe Linux LJ!#x*' moeba#x*% moeba 337#x*f 3+D/8+#xa# 63! 7hin&pad hibernation#xa5 ,ree3+D#xa1 8pen3+D#xa0 eE7+74P

#xa Darwin H,+#xa* et3+D#xab Darwin boot#xaf G,+ / G,+)

#xb0 3+D6 fs#xb 3+D6 swap#xbb 3oot ?i(ard hidden#xbe +olaris boot#xbf +olaris#xc$ D9D8+/sec =,7-$2>#xc% D9D8+/sec =,7-$1 F '2!>#xc1 D9D8+/sec =,7-$1>#xc0 +"rinx#xda on-,+ data#xdb IP/! / I78+ / ...#xde Dell Htilit"#xdf 3oot6t#xe$ D8+ access#xe' D8+ 9/8#xe% +peed+tor

#xeb 3e8+ fs#xee P7#xef 4,6 =,7-$2/$1/'2>#xf# Linux/P-96+I boot#xf$ +peed+tor#xf% +peed+tor#xf2 D8+ secondar"#xfb J!ware J!,+#xfc J!ware J!I894#xfd Linux raid autodetect#xfe Lstep#xff 337

List of partition I+s and their names" as obtained b' the command sfdis& -7

'o!" u!ed Linux-!u//or"ed fi)e!!"e*!

Fi)e!!"e* Pro/er"ie!

ext2 Linux default files'stem" offering the best performances

ext& ext2 with $ournaling

ext8 Linux $ournaling files'stem" upgrade from ext&

,eiserfs Dournaling files'stem

@=7 Dournaling files'stem" developed b' 7AI

D=7 Dournaling files'stem" developed b' I54

5trfs 5-tree files'stem" developed b' racle

msdos +7 files'stem" supporting onl' >-char filenames

umsdos /xtended +7 files'stem used b' Linux" compatible with +7

fat&2 47-indows =!T files'stem

vfat /xtended +7 files'stem" with support for long filenames

ntfs ,eplacement for fat&2 and vfat files'stems

minix 0ative files'stem of the 4I0I@ 7

iso?::% C+-,4 files'stem

cramfs Compressed ,!4 disk

nfs 0etwork files'stem" used to access files on remote machines

745 7erver 4essage 5lock" used to mount indows network shares

proc Pseudo files'stem" used as an interface to kernel data structures

swap Pseudo files'stem" Linux swap area



13/128

11$12% Sw#/

Swap

In Linux" the swap space is a virtual memor' area Ea file or a partitionF used as ,!4 extension Bsuall' a partition ispreferred because of better performances concerning fragmentation and disk speed !lthough listed as files'stem t'pe%x>2" the swap partition is not a files'stem but a raw addressable memor' with no structure

fdis& The fdisk tool can be used to create a swap partition

dd if


14/128

12$12% $e"c$f!"#

/etc/fstab

/etc/fstab Fi)e!!"e*! infor*#"ion

Ffiles"stem Fmount point Ft"pe Foptions Fdump Fpass

/dev/sda2 / ext2 defaults # $/dev/sdb$ /home ext2 defaults $ 2/dev/cdrom /media/cdrom auto roAnoautoAuserAexec # #/dev/fd# /media/flopp" auto rwAnoautoAuserAs"nc # #proc /proc proc defaults # #/dev/hda$ swap swap pri


15/128

13$12% Fi)e!!"e* o/er#"ion!

Filesystem operations

df ,eport files'stem disk space usage

df -h ,eport files'stem disk space usage in human-readable output

df /path/m"dir 7hows on which device the specified director' is mounted

lsbl& List information about all available block devices

lsscsi List information about all 7C7I devices

bloc&dev --getbs( /dev/sda$ Aet the block si(e of the specified partition

s"nc =lush the buffer and commit all pending writesTo improve performance of Linux files'stems" man' write operations are buffered in ,!4and written at onceG writes are done in an' case before unmount" reboot" or shutdown

chroot /mnt/s"simage 7tart a shell with /mnt/s"simage as files'stem root

Bseful during s'stem recover' when the machine has been booted from a removablemedia Ewhich hence is defined as the files'stem rootF

m&nod /dev/sda Create a director' allocating the proper inodeBseful during s'stem recover' when experiencing files'stem problems

hdparm Aet;set drive parameters for 7!T!;I+/ devices

hdparm -g /dev/hda +ispla' drive geometr' Ec'linders" heads" sectorsF of ;dev;hda

hdparm -i /dev/hda +ispla' identification information for ;dev;hda

hdparm -t7 /dev/hda Perform benchmarks on the ;dev;hda drive

hdparm -p $2 /dev/hda ,eprogram I+/ interface chipset of ;dev;hda to mode 8 Bse with cautionK

sdparm !ccess drive parameters for 7C7I devices

bl&id -H 152b01e-b0f-%*d2-af2'-#0ced#c110 Print the name of the specified partition" given its BBI+

bl&id -L /boot Print the BBI+ of the specified partition" given its label

findfs HH6D


16/128

1 perational error

1: Bsage or s'ntax error&2 =sck canceled b' user

12> 7hared librar' error

fsck is a wrapper utilit' for the actual files'stem-specific checker commandsHfsc&.ext2 aka e2fsc&fsc&.ext'fsc&.ext%fsc&.msdosfsc&.vfatfsc&.cramfs

fsc&fsc& -s

Check and repair seriall' all files'stems listed in /etc/fstab

fsc& -f /dev/sda$ =orce a files'stem check on /dev/sda$ even if it thinks is not necessar'

fsc& -" /dev/sda$ +uring files'stem repair" do not ask #uestions and assume that the answer is

alwa's 'es

fsc&.ext2 -c /dev/sda$e2fsc& -c /dev/sda$

Check a ext2 files'stem" running the badbloc&s command to mark all bad blocks

and add them to the bad block inode to prevent them from being allocated tofiles or directories

tune2fs [options] device !d$ust tunable files'stem parameters on ext2;ext&;ext8 files'stems

tune2fs -C /dev/sda$ !dd a $ournal to this ext2 files'stem" making it a ext&

tune2fs -I % /dev/sda$ 7et the mount count of the files'stem to 8

tune2fs -c 2# /dev/sda$ 7et the files'stem to be checked b' fsck after 2% mounts

tune2fs -i $5d /dev/sda$ 7et the files'stem to be checked b' fsck each 19 da's

5oth mount-count-dependent and time-dependent checking are enabled b' default for all hard drives on Linux" to avoid therisk of files'stem corruption going unnoticed

dumpe2fs [options] device +ump ext2;ext&;ext8 files'stem information

dumpe2fs -h /dev/sda$ +ispla' files'stem.s superblock information Eeg number of mounts" lastchecks" BBI+F

dumpe2fs /dev/sda$ M grep -i superbloc& +ispla' locations of superblock Eprimar' and backupF of files'stem

dumpe2fs -b /dev/sda$ +ispla' blocks that are marked as bad in the files'stem

debugfs device Interactive ext2;ext&;ext8 files'stem debugger

debugfs -w /dev/sda$ +ebug /dev/sda$ in read-write mode

Eb' default" debugfs accesses the device in read-onl' modeF

4an' hard drives feature the 7elf-4onitoring" !nal'sis and ,eporting Technolog' E74!,TF whose purpose is to monitor thereliabilit' of the drive" predict drive failures" and carr' out different t'pes of drive self-testsThe smartd daemon attempts to poll this information from all drives ever' &% minutes" logging all data to s'slog

smartctl -a /dev/sda Print 74!,T information for drive /dev/sda

smartctl -s off /dev/sda +isable 74!,T monitoring and log collection for drive /dev/sda

smartctl -t long /dev/sda 5egin an extended 74!,T self-test on drive /dev/sda



17/128

15$12% :FS@ Rei!erFS@ C-R' f!

XFS, ReiserFS, CD-ROM fs

xfsNgrowfs [options] mountpoint /xpand an @=7 files'stem Ethere must be at least one spare new diskpartition availableF

xfsNinfo /dev/sda$

xfsNgrowfs -n /dev/sda$

Print @=7 files'stem geometr'

xfsNchec& [options] device Check @=7 files'stem consistenc'

xfsNrepair [options] device ,epair a damaged or corrupt @=7 files'stem

xfsdump -v silent -f /dev/tape / +ump the root of a @=7 files'stem to tape" with lowest level of verbosit'

Incremental and resumed dumps are stored in the inventor' database/var/lib/xfsdump/inventor"

xfsrestore -f /dev/tape / ,estore a @=7 files'stem from tape

xfsdump -O - / M xfsrestore -O - /new Cop' the contents of a @=7 files'stem to another director' Ewithoutupdating the inventor' databaseF

reiserfstune [options] device !d$ust tunable files'stem parameters on ,eiser=7 files'stem

debugreiserfs device Interactive ,eiser=7 files'stem debugger

m&isofs -r -o cdrom.img data/ Create a C+-,4 image from the contents of the target director'/nable ,ock ,idge extension and set all content on C+ to be public

readable Einstead of inheriting the permissions from the original filesF

C-R' fi)e!!"e*!

Fi)e!!"e* Co**#nd!

I7?::% m&isofs Create a I7?::% files'stem

B+= EBniversal +isk =ormatF

m&udffs Create a B+= files'stem

udffsc& Check a B+= files'stem

wrudf 4aintain a B+= files'stem

cdrwtool 4anage C+-, drives Edisk format" read;write speed" F

*=7 E*ierarchical =ile 7'stemF

C-R' fi)e!!"e* ex"en!ion!

,ock ,idge Contains the original file information Eeg permissions" filenameF for 47 indows >& filenames

47 Doliet Bsed to create more 47 indows friendl' C+-,4s

/l Torito Bsed to create bootable C+-,4s



18/128

1%$12% =u"oFS

AutoFS

!uto=7 permits automounting of files'stems" even for nonprivileged users!uto=7 is composed of the autofs kernel module that monitors specific directories for attempts to access them" and in this

case signals the automount userspace daemon which mounts the director' when it needs to be accessed and unmounts it

when no longer accessed

/etc/auto.master Primar' configuration file for !uto=7/ach line is an indirect mapG each map file stores the configuration for the automounting of thesubdir

mount point map options/misc /etc/auto.misc/home /etc/auto.home --timeout


19/128

17$12% R=I

RAID

R=I )e;e)!

Le;e) e!cri/"ion S"or#e c#/#ci"

,!I+ % 7triping Edata is written across all member disksF

*igh I; but no redundanc'

7um of the capacit' of member disks

,!I+ 1 4irroring Edata is mirrored on all disksF*igh redundanc' but high cost

Capacit' of the smaller member disk

,!I+ 8 Parit' on a single diskI; bottleneck unless coupled to write-back caching

7um of the capacit' of member disks"minus one

,!I+ 9 Parit' distributed across all disksCan sustain one disk crash

7um of the capacit' of member disks"minus one

,!I+ : +ouble parit' distributed across all disksCan sustain two disk crashes

7um of the capacit' of member disks"minus two

,!I+ 1% E1%F 7triping mirroring*igh redundanc' but high cost

Capacit' of the smaller member disk

Linear ,!I+ +ata written se#uentiall' across all disks

0o redundanc'

7um of the capacit' of member disks

mdadm -I /dev/md# -l 5 ;-n ' /dev/sdb$ /dev/sdc$ /dev/sdd$ ;-x $ /dev/sde$

Create a ,!I+ 9 arra' from three partitions and a sparePartitions t'pe must be set to %x=+nce the ,!I+ device has been created" it must be formatted eg viam&e2fs -C /dev/md#

mdadm --manage /dev/md# -f /dev/sdd$ 4ark a drive as fault'" before removing it

mdadm --manage /dev/md# -r /dev/sdd$ ,emove a drive from the ,!I+ arra'The fault' drive can now be ph'sicall' removed

mdadm --manage /dev/md# -a /dev/sdd$ !dd a drive to the ,!I+ arra'To be run after the fault' drive has been ph'sicall' replaced

mdadm --misc -K /dev/sdd$ +ispla' information about a device

mdadm --misc -D /dev/md# +ispla' detailed information about the ,!I+ arra'

mdadm --misc -o /dev/md# 4ark the ,!I+ arra' as readonl'

mdadm --misc -w /dev/md# 4ark the ,!I+ arra' as read write

/etc/mdadm.conf Configuration file for mdadm

D4J6I4 /dev/sdb$ /dev/sdc$ /dev/sdd$ /dev/sde$99R /dev/md# level


20/128

1>$12% oo")o#der

Bootloader

Aon-GR9 oo")o#der!

LIL

ELinux LoaderF

bsolete 7mall bootloader that can be placed in the 45, or the boot sector of a partition

The configuration file is /etc/lilo.conf Erun /sbin/lilo afterwards to validate changesF

7)7LI0B@

7)7LI0B@ !ble to boot from =!T and 0T=7 files'stems eg flopp' disks and B75 drives

Bsed for boot flopp' disks" rescue flopp' disks" and Live B75s

I7LI0B@ !ble to boot from C+-,4 I7 ?::% files'stems

Bsed for Live C+s and bootable install C+s

The C+ must contain the following filesH

isolinux/isolinux.bin I7LI0B@ image" from the 7)7LI0B@ distro

boot/isolinux/isolinux.cfg I7LI0B@ configuration

images/ =lopp' images to boot

&ernel/memdis&

The C+ can be burnt with the commandH

m&isofs -o output.iso -b isolinux/isolinux.bin -c isolinux/boot.cat ;-no-emul-boot -boot-load-si(e % -boot-info-table [CD root dir]

P@/LI0B@ !ble to boot from P@/ EPre-boot e@ecution /nvironmentF P@/ uses +*CP or 5TP to enablebasic networking" then uses T=TP to download a bootstrap program that loads and configuresthe kernelBsed for Linux installations from a central server or network boot of diskless workstations

The boot T=TP server must contain the following filesH

/tftpboot/pxelinux.# P@/LI0B@ image" from the 7)7LI0B@ distro

/tftpboot/pxelinux.cfg/ +irector' containing a configuration file for each machine! machine with /thernet 4!C address >>H??H!!H55HCCH++

and IP address 1?2%2?1 EC%%%%295 in hexadecimalF willsearch for its config filename in this orderH#$--**-aa-bb-cc-dd

I####253I####25I####2I####I###I##I#Idefault

/@TLI0B@ Aeneral-purpose bootloader like LIL or A,B5 0ow merged with 7)7LI0B@



21/128

1?$12% GR9 confiur#"ion

GRUB configuration

A,B5 EArand Bnified 5ootloaderF is the standard boot manager on modern Linux distros" which ma' use either versionHA,B5 Legac' or A,B5 2A,B5 7tage 1 E88: b'tesF" as well as the partition table E:8 b'tesF and the boot signature E2 b'tesF" is stored in the 912-b'te 45, It then accesses the A,B5 configuration and commands available on the files'stem" usuall' on /boot/grub

/boot/grub/menu.lst or /boot/grub/grub.conf GR9 Le#c confiur#"ion fi)e

timeout $# 3oot the default &ernel after $# secondsdefault # Default &ernel is #

+ection #: Linux boottitle Debian !enu item to show on 9H3 bootmenuroot =hd#A#> root files"stem is /dev/hda$&ernel /boot/vmlinu(-2.1.2%-$*-generic root root files"stem is /dev/hda2savedefaultma&eactive set the active flag on this partitionchainloader )$ read $ sector from start of partition and run

+ection 2: ,irmware/368+ update from flopp" dis&title ,irmware update&ernel /memdis& boot a flopp" dis& imageinitrd /flopp"-img-0.0.0

Commonkernel

parametersH

root< 7pecif' the location of the files'stem root This is a re#uired parameter

ro 4ount read-onl' on boot

uiet +isable non-critical kernel messages during boot

debug /nable kernel debuggingsplash 7how splash image

emergenc" /mergenc' modeH after the kernel is booted" run sulogin Esingle-user loginF

which asks for the root password for s'stem maintenance" then run a 5ash +oesnot load init or an' daemon or configuration setting

init/b(6mage-2.1.'1-experimental ro root


22/128

20$12% GR9 co**#nd!

GRUB commands

The A,B5 menu" presented at startup" permits to choose the 7 or kernel to bootH

5oot the selected A,B5 entr'

Aet a A,B5 command line

/dit the selected A,B5 entr' Eeg to edit kernel parameters in order to boot in single-user emergenc' mode"or to change I, or I; port of a device driver compiled in the kernelF

5oot the A,B5 entr' once it has been modified

5ring up the A,B5 password prompt Enecessar' if a A,B5 password has been setF

grub-install /dev/sda Install A,B5 on first 7!T! drive

grub !ccess the A,B5 shell

/boot/grub/device.map This file can be created to map Linux device filenames to 5I7 drivesH

=fd#> /dev/fd#=hd#> /dev/hda

GR9 Le#c !+e)) co**#nd!

bloc&list file Print the block list notation of a file &ernel file Load a kernel

boot 5oot the loaded 7 loc& Lock a A,B5 menu entr'

cat file 7how the contents of a file ma&eactive 7et active partition on root disk toA,B5.s root device

chainloader file Chainload another bootloader map drive1 drive2 4ap a drive to another drive

cmp file1 file2 Compare two files md5cr"pt /ncr'pt a password in 4+9 format

configfile file Load a configuration file module file Load a kernel module

debug Toggle debugging mode modulenoun(ip file Load a kernel module withoutdecompressing it

displa"apm +ispla' !P4 5I7 information pause message Print a message and wait for a ke'press

displa"mem +ispla' memor' configuration uit uit the A,B5 shell

embed stage device /mbed 7tage 19 in the device reboot ,eboot the s'stem

find file =ind a file read address ,ead a &2-bit value from memor'and print it

fstest Toggle files'stem test mode root device 7et the current root device

geometr" drive Print information on a drivegeometr'

rootnoverif" device 7et the current root device withoutmounting it

halt 7hut down the s'stem savedefault 7ave current menu entr' as thedefault entr'

help command 7how help for a command" or theavailable commands

setup device Install A,B5 automaticall' on thedevice

impsprobe Probe the Intel 4ultiprocessor7pecification

testload file Test the files'stem code on a file

initrd file Load an initial ramdisk image file testvbe mode Test a 6/7! 5I7 /@T/07I0mode

install options Install A,B5 Edeprecated" usesetup insteadF

uppermem kbytes 7et the upper memor' si(e Eonl'for old machinesF

ioprobe drive Probe I; ports used for a drive vbeprobe mode Probe a 6/7! 5I7 /@T/07I0

mode


/0T/,

C

/

5

P


23/128

21$12% P#ck#e *#n#er!

Package managers

Low-)e;e) /#ck#e *#n#er! ei#n Red (#"

Install a package file dp&g -i package.debrpm -i package.rpmrpm -i ftp://host/package.rpmrpm -i http://host/package.rpm

,emove a package dp&g -r package rpm -e package

Bpgrade a packageEand remove old versionsF

rpm -H package.rpm

Bpgrade a packageEonl' if an old version is alread' installedF

rpm -, package.rpm

List installed packages and their state dp&g -l rpm -a

List the content of an installed package dp&g -L package rpm -l package

List the content of a package file dp&g -c package.deb rpm -pl package.rpm

7how the package containing a specific file dp&g -+ file rpm -f file

6erif' an installed package rpm -J package

,econfigure a package dp&g-reconfigure package

Install a package source file rpm -i package.src.rpm

Compile a package source file rpm -ba package.spec

(i+-)e;e) /#ck#e *#n#er!

Install a package apt-get install package "um install package

Install a package file"um install package.rpm"um localinstall package.rpm

,emove a package apt-get remove package "um remove package

Bpgrade an installed package "um update package

Bpgrade all installed packages apt-get upgrade "um update

Bpgrade all installed packages and handle

dependencies with new versionsapt-get dist-upgrade

Aet the source code for a package apt-get source package

Check for broken dependencies and updatepackage cache

apt-get chec&

=ix broken dependencies apt-get install -f

Bpdate information on available packages apt-get update

List all available packages "um list

7earch for a package apt-cache search package "um search package

7how package dependencies apt-cache depends package "um deplist package

7how package records apt-cache show package "um list package

7how information about a package apt-cache showp&g package "um info package

Bpdate information about package contents apt-file update

List the content of an uninstalled package apt-file list package

7how the package containing a specific file apt-file search file "um whatprovides file

!dd a C+-,4 to the sources list apt-cdrom add

+ownload package and resolve dependencies "umdownloader --resolve package

7how B,Ls that would be downloaded "umdownloader --urls package

Print list of available repositories cat /etc/apt/sources.list"um repolistcat /etc/"um.repos.d/.repo

Package format compressed with ar compressed with cpio

*igh-level package managers are able to install remote packages and automaticall' solve dependencies



24/128

22$12% P#ck#e *#n#e*en" "oo)!

Package management tools

8ex"-#!ed 9I or r#/+ic#) "oo)! ei#n Red (#"

4anage packages and dependencies

aptitude pirut

dselect

s"naptic

"+er "oo)!

Convert a ,P4 package to +/5 and install it

4ight break the package s'stemKalien -i pac&age.rpm

Convert a ,P4 package to cpio archive rpm2cpio pac&age.rpm



25/128

23$12% #cku/

Backup

dd if


26/128

2


27/128

25$12% 8ex" fi)"er!

Text filters

cat m"file Print a text file

cat m"file$ m"file2 m"file' Concatenate text files

cat m"file FF48,line 1

line 2line 48,

Creates a *ere +ocument" storing the lines entered in input to a file

head m"filehead -n $# m"file Print the first 1% lines of a text file

tail m"filetail -n $# m"file Print the last 1% lines of a text file

tail -f m"file utput appended data as the text file growsG useful to read logs in realtime

tac m"file Print a text file in reverse" from last line to first line

fmt -w 05 m"file =ormat a text file so that each line has a max width of


28/128

2%$12% Fi)e *#n#e*en"

File management

cp m"file m"file2 Cop' a file

Common optionsH-i Prompt before overwriting;deleting files EinteractiveF

-f +on.t ask before overwriting;deleting files EforceF

cp m"file m"dir/ Cop' a file to a director'

mv m"file m"file2 ,ename a file

mv m"file m"dir/ 4ove a file to a director'rm m"file +elete a file

pv m"file m"file2 Cop' a file" monitoring the progress of data through the pipe

m&dir m"dir Create a director'

m&dir -m 000 m"dir Create a director' with %

lsof -iU$#.#.#.' List connections of local processes to remote host 1%%%&

lsof -iU$#.#.#.':# List connections of local processes to remote host 1%%%& on port >%

lsof -c m"sld List all files opened b' the 4'7L daemon

lsof /var/lib/m"sl/m"sld.pid List all processes which are using a specific file

Fi)e-n#*in wi)dc#rd! )oin r#ce ex/#n!ion

4atches (ero or more characters cp m"file.StxtAba&T Cop' m'filetxt to m'filebak

[ 4atches one character touch m"fileNSaAbAcT Create m'fileMa" m'fileMb" m'fileMc

X&xwY 4atches k" x" or w touch Sa..hT Create > files named a b c d e f g h

XV&xwY 4atches an' character except k" x" or w

Xa-(Y 4atches an' character between a and (



29/128

27$12% I$ !"re#*!

I/O streams

In Linux" ever'thing is Edispla'ed asF a file =ile descriptors are automaticall' associated to an' process launched

Fi)e de!cri/"or!

B A#*e 8/e ef#u)" de;ice

% 7tandard input EstdinF Input text stream e'board

1 7tandard output EstdoutF utput text stream Terminal

2 7tandard error EstderrF utput text stream Terminal

ls M sort Pipe the stdout of command ls to stdin of command sort

Eie generate a sorted list of the files on the current director'FPiped commands run concurrentl'

ls m"filels $ m"file

,edirect the stdout of command ls to a file

Eie write on a file the content of the current director'F=ile is overwritten if it alread' existsG to prevent this" set the 5ash noclobber optionvia set -o noclobber

ls M m"file ,edirect the stdout of command ls to a file" even if noclobber is set

ls m"filels $ m"file

!ppend the stdout of command ls to a file

df 2 m"file ,edirect the stderr of command df to a file

Eie write an' error encountered b' the command df to a fileF

df 2 m"file !ppend the stderr of command df to a file

mail rootUexample.com F m"file ,edirect a file to the stdin of command mail

Eie mail a file to the specified email addressF

ls m"file 2Q$ls Q m"file

,edirect both stdout and stderr of command ls to a file

ls M tee m"file tee reads from stdin and writes both to stdout and a file

Eie write content of current director' to screen and to a file at the same timeF

ls M tee -a m"file tee reads from stdin and appends both to stdout and a file

ls foo M xargs cat xargs calls the cat command multiple times for each argument found on stdin

Eie print the content of ever' file whose filename starts b' fooF

read !RJ9 ,ead a variable from standard input

read -n !RJ9 ,ead onl' max > chars from standard input

read -t 1# !RJ9 ,ead a variable from standard input" timing out after one minute

read -s !RJ9 ,ead a variable from standard input without echoing to terminal Esilent modeF

echo \!RJ9 Print a variable on screen

echo -n BmessageBprintf BmessageB

Print on screen without a trailing line feed

while read -r line] do echo BGello \lineB] done F m"file Process a text file line b' line



30/128

2>$12% Proce!!e!

Processes

!n' application;program;script that runs on the s'stem is a process 7ignals are used for inter-process communication/ach process has an uni#ue PI+ EProcess I+F and a PPI+ EParent Process I+FG when a process spawns a child" the processPI+ is assigned to the child.s PPI+The /sbin/init process" run at bootup" has PI+ 1 It is the ancestor of all processes and becomes the parent of an'

orphaned process It is also unkillableG should it die" the kernel will panic

hen a child process dies" its status becomes /@ITMN45I/ and a 7IAC*L+ is sent to the parent The parent should thencall the wait=> s'stem call to read the dead process. exit status and other infoG until that moment" the child process

remains a (ombie

ps -ef EB0I@ optionsF

ps aux E57+ optionsF

List all processes

pstree !"D +ispla' all processes in hierarchical formatThe process tree is rooted at PI+" or at init if PI+ is omitted

tophtop

4onitor processes in realtime

&ill -* $$' 7end a signal ? E7IAILLF to process 11&>" hence killing it

&illall -* sshd ill processes whose name is sshd

pgrep -u root sshd 7how processes whose name is sshd and are owned b' root 0oteH pgrep and p&ill

accept the same optionsp&ill -* -u root sshd ill processes whose name is sshd and are owned b' root

Cobs List all $obs Eie processes whose parent is a 5ash shellF

7uspend a $ob" putting it in the stopped state Esend a 7IAT7TPF

bg Z$ Put $ob O1 in the background Esend a 7IAC0TF

fg Z$ ,esume $ob O1 in the foreground and make it the current $ob Esend a 7IAC0TF

&ill Z$ ill $ob O1

hen a 5ash shell is terminated cleanl' via exit" its $obs will became child of the 5ash.s parent and will continue running

hen a 5ash is killed instead" it issues a 7IA*BP to his children which will terminate

nohup m"script.sh Prevent a process from terminating Ereceiving a 7IA*BPF when its parent 5ash dies

To each process is associated a niceness valueH the lower the niceness" the higher the priorit'The niceness value ranges from -2% to 1?" and a newl' created process has a default niceness of %Bnprivileged users can modif' a process. niceness onl' within the range from 1 to 1?

nice -n -5 command 7tart a command with a niceness of -9 If niceness is omitted" a default value of 1% is used

renice -5 command Change the niceness of a running command to -9

strace command Trace the execution of a command" intercepting and printing the s'stem calls called b' aprocess and the signals received b' a process


CT,L N


31/128

2?$12% Sin#)!

Signals

'o!" fre6uen") u!ed !in#)!

Sin#) nu*er Sin#) n#*e 'e#nin

1 7IA*BP Bsed b' man' daemons to reload their configuration

2 7IAI0T Interrupt" stop? 7IAILL ill unconditionall' Ethis signal cannot be ignoredF

19 7IAT/,4 Terminate gracefull'

1> 7IAC0T Continue execution

2% 7IAT7TP 7top execution

man 0 signal 4anual page about signals

&ill -l List all available signal names

&ill -l $ Print the name of signal number 1



32/128

30$12% ;*!"#"

vmstat

vmstat

procs -----------memor"---------- ---swap-- -----io---- --s"stem-- -----cpu----- r b swpd free buff cache si so bi bo in cs us s" id wa st # # # 2*102% 210$2# ''*'%## # # $0 51 # ' 2 2 *5 $ #

/roc! r 0umber of runnable processes Erunning or waiting for run timeF

0umber of processes in uninterruptible sleep

*e*or

!w/d 6irtual memor' used EswapF

in bfree =ree memor' EidleF

uff 4emor' used as buffers

c#c+e 4emor' used as cache

!w#/!i 4emor' swapped in from disk

in b;second!o 4emor' swapped out to disk

ioi 5locks received in from a block device

in blocks;secondo 5locks sent out to a block device

!!"e*in 0umber of interrupts

per secondc! 0umber of context switches

c/u

u! Time spent running user code Enon-kernelF

in percentage of total CPB time

! Time spent running s'stem code EkernelF

id Time spent idle

w# Time spent waiting for I;

!" Time stolen from a virtual machine

vmstat Print a report about virtual memor' statisticsH processes" memor'" paging" block I;"traps" disks" and CPB activit'

vmstat $ 5 Print a report ever' second" for 9 times



33/128

31$12% Re!ource *oni"orin

Resource monitoring

iostat Print a report about CPB utili(ation" device utili(ation" and network files'stemThe first report shows statistics since the s'stem bootG subse#uent reports will showstatistics since the previous report

iostat -dx $ 5 Print a detailed report for all devices ever' second" for 9 times

mpstat Print a report about processor activities

mpstat $ 5 Print a report of global statistics among all processors ever' second" for 9 times

topProcess viewer

htop Process viewer Encurses BIF

iotop +ispla' I; usage b' processes in the s'stem

free 7how the amount of free and used memor' in the s'stem

uptime 7how how long the s'stem has been up" how man' users are connected" and the s'stemload averages for the past 1" 9" and 19 minutes

sar 7how reports about s'stem activit',eports are generated from data collected via the cron $ob s"sstat and stored in

/var/log/sa/sn" where n is the da' of the month

sar -n D4J 7how reports about network activit' Ereceived and transmitted packets per secondF

sar -f /var/log/sa/s$* ;-s #1:##:## -e #1:'#:##

7how reports for s'stem activit' from : to :H&% !4 on the 1?th of the month

powertop Power consumption and power management diagnosis tool

Linux *oni"orin "oo)!

collectd 7'stem statistics collector

0agios 7'stem monitor and alert

4,TA 0etwork load monitor

Cacti 0etwork monitor



34/128

32$12% Reex!

Regexs

Reu)#r ex/re!!ion!

^ 5eginning of a line

\ /nd of a line

;F ; ord boundaries Ebeginning of line" end of line" space" or punctuation markF. !n' character" except newline

XabcY !n' of the characters specified

Xa-(Y !n' of the characters in the specified range

X^abcY !n' character except those specified

Nero or more times the preceding regex

) ne or more times the preceding regex

[ Nero or one time the preceding regex

S5T /xactl' 9 times the preceding regex

S'A1T 5etween & and : times the preceding regex

M The regex either before or after the vertical bar

= > Arouping" to be used for back-references;$ expands to the first match" ;2 for the second" and so on until ;*



35/128

33$12% Fi)e /er*i!!ion!

File permissions

- r w x r w x r w x

Per*i!!ion c"#) ;#)ue Co**#nd ffec" on fi)e ffec" on direc"or

Re#d

userH 8%% chmod u)r

Can open and read the file Can list director' contentgroupH 8% chmod g)r

othersH 8 chmod o)r

Dri"e

userH 2%% chmod u)w

Can modif' the fileCan create" delete" and rename files in

the director'groupH 2% chmod g)w

othersH 2 chmod o)w

xecu"e

userH 1%% chmod u)x

Can execute the file Ebinar'

or scriptF

Can enter the director'" and search files

within Eb' accessing a file.s inodeFgroupH 1% chmod g)x

othersH 1 chmod o)x

Se"9I S9I 8%%% chmod u)s/xecutable is run with the

privileges of the file.s owner0o effect

Se"GI SGI 2%%% chmod g)s/xecutable is run with the

privileges of the file.s group

!ll new files and subdirectories inherit

the director'.s group I+

S"ick 1%%% chmod )t 0o effectnl' the file.s or the director'.s ownercan delete or rename a file inside

chmod 0$# filechmod u


36/128

3


37/128

35$12% Link!

Links

! Linux director' contains a list of structures which are associations between a filename and an inode!n inode contains all file metadataH file t'pe" permissions" owner" group" si(e" access;change;modification;deletion times"number of links" attributes" !CLs" and address where the actual file content EdataF is stored!n inode does not contain the name of the fileG this information is stored in the director' the file is in

ls -i 7how a listing of the director' with the files. inode numbers

df -i ,eport files'stem inode usage

(#rd )ink S*o)ic or !of" )ink

efini"ion ! link to an alread' existing inode ! path to a filenameG a shortcut

Co**#nd "o cre#"e i" ln myfile hardlink ln -s myfile symlink

I! "+e )ink !"i)) ;#)id if "+e oriin#)

fi)e i! *o;ed or de)e"edE

)es Ebecause the link references the

inode the original file pointed toF

0o Ethe path now references a non-

existent fileF

C#n )ink "o # fi)e in #no"+er

fi)e!!"e*E0o Ebecause inode numbers make senseonl' within a determinate files'stemF

)es

C#n )ink "o # direc"orE 0o )es

Link /er*i!!ion!,eflect the original file.s permissions"even when these are changed

rwxrwxrwx

Link #""riu"e! - Eregular fileF l Es'mbolic linkF

Inode nu*er The same as the original file ! new inode number



38/128

3%$12% Find !!"e* fi)e!

Find system files

find / -name BfooB =ind all files" starting from the root dir" whose name start with foo

find / -name BfooB -print =ind all files whose name start with foo and print their path

find / -name BfooB -exec chmod 0## ST ;] =ind all files whose name start with foo and appl' permission


39/128

37$12% S+e)) en;iron*en"

Shell environment

#!+ !+e)) e;en" Fi)e! run

hen a login shell is launched

/etc/profile@/.bashNprofile@/.bashNlogin@/.profile

The shell executes the

s'stem-wide profile file" thenthe first of the & user files

that exists and is readablehen a login shell exits @/.bashNlogout

hen a non-login shell is launched

/etc/bash.bashrc/etc/bashrc@/.bashrc

!RJ9 7et a variable

!RJ9>==!RJ9>==!RJ9)>

==!RJ9))>>let B!RJ9

Increment a numeric variable

unset !RJ9 +elete a variable

export !RJ9 /xport a variable so it can be seen b' 5ash child processes

set \S!RJ9:


40/128

3>$12% Scri/"in

Scripting

7cripts must start with the shebang line V/bin/bash indicating the location of the script interpreter

Scri/" execu"ion

source m"script.sh

. m"script.sh

7cript execution takes place in the same shell 6ariables defined and

exported in the script are seen b' the shell when the script exits

bash m"script.sh

./m"script.sh Efile must be executableF7cript execution spawns a new shell

command Q /xecute a command in the background

command1] command2 /xecute command 1 and then command 2

command1 QQ command2 /xecute command 2 onl' if command 1 executed successfull' Eexit status J %F

command1 MM command2 /xecute command 2 onl' if command 1 did not execute successfull' Eexit status %F

=command1 QQ command2> Aroup commands together for evaluation priorit'

exit Terminate a script

exit n Terminate a script with the specified exit status number n 5' convention" a % exitstatus is used if the script executed successfull'" non-(ero otherwise

if X \[ -e # Ythen

echo B+uccessBelse

echo B,ailBfi

/valuate whether the last executed command exited successfull' or failed

function m"func S commands Tm"func=> S commands T +efine a function

m"func arg$ arg2 Call a function

!RJ9


41/128

3?$12% F)ow con"ro)

Flow control

test \!RJ9 < BvalueB QQ command X \!RJ9 < BvalueB Y QQ command if X \!RJ9 < BvalueB Y] then command ] fi

Perform a testG if it holds true" the command is executed

8e!" o/er#"or!

In"eer o/er#"or! Fi)e o/er#"or! x/re!!ion o/er#"or!

-e /#ual to -e or -a /xists -a Logical !0+

-ne 0ot e#ual to -d Is a director' -o Logical ,

-lt Less than -b Is a block special file V Logical 0T

-le Less than or e#ual to -c Is a character special file ;= ;> Priorit'

-gt Areater than -f Is a regular file

-ge Areater than or e#ual to -r Is readable

S"rin o/er#"or! -w Is writable

-( Is (ero length -x Is executable

-n or nothing Is non-(ero length -s Is non-(ero length


42/128


43/128


44/128


45/128

A (ipcode J9IG9=5>>]

I9474 73L4 pa"ments =pa"id 67 87 HLL H78N6I94!47 P96!9R 4RAdate D74A fee 67A bill J9IG9=$2>A cusid 67AI8+7967 ,$ ,8946 4R =cusid> 94,494I4+ customers=cusid>>]

Create tables

I9474 6D4E lastnameNindex 8 customers=lastname>]L749 73L4 customers DD 6D4E lastnameNindex =lastname>]

Create a field index for fast search

D4+I9634 customers] +escribe the columns of a table

D98P 73L4 pa"ments] +elete a table

D98P D73+4 Iompan"Database] +elete a database

L749 73L4 customers !8D6,R cit" J9IG9='2>] 4odif' the t'pe of a field

6+497 678 customers =firstnameAlastnameAdob>JLH4+ =WrthurWAWDentWA$*5*-#-#$>A =W7rillianWAWWA$*0$-#'-$*>]

Insert a new record in a table

D4L474 ,98! customers ?G494 firstname L64 WaphodW] +elete some records in a table

HPD74 customers +47 cit" < WLondonW ?G494 (ipcode < W##0*W] 4odif' data

I9474 J64? custNview ++4L4I7 ,98! customers ?G494 cit" V< WLondonW]

Create a view

I8!!67] Commit changes to the database

98LL3I] ,ollback the current transaction" cancelingan' changes done during it

+797 79+I768]346]

+isable autocommit for this transaction"until a C44IT or ,LL5!C is issued



46/128

+4L4I7 cusid ,98! pa"ments ?G494 fee LL =+4L4I7 fee ,98! pa"ments ?G494 cusid < %2%2##$]

7how the customer I+s that pa'fees higher than the highest feepaid b' customer I+ 8282%%1

+4L4I7 ,98! customers ?G494 firstname L64 W7rillZW] 7elect customers whose first namestarts with QTrillQ

+4L4I7 ,98! customers ?G494 firstname L64 W,NrdW] 7elect matching customersGthe N matches a single character

+4L4I7 ,98! customers ?G494 firstname 944EP W^rt.r\W] 7elect customers whose first namematches the regex

+4L4I7 firstnameA lastname ,98! customers ?G494 (ipcode < W##$2'WH68+4L4I7 firstnameA lastname ,98! customers ?G494 cusid %2%2##$]

7elect customers that satisf' an' ofthe two re#uirements

+4L4I7 firstnameA lastname ,98! customers ?G494 (ipcode < W##$2'W6749+4I7+4L4I7 firstnameA lastname ,98! customers ?G494 cusid %2%2##$]

7elect customers that satisf' both

of the two re#uirements

+4L4I7 firstnameA lastname ,98! customers ?G494 (ipcode < W##$2'W4EI4P7+4L4I7 firstnameA lastname ,98! customers ?G494 cusid %2%2##$]

7elect customers that satisf' thefirst re#uirement but not the second



47/128


48/128

] 7et a password for a 4'7L user

+47 P++?89D ,89 WCohnWUWlocalhostW < W041%'D,120'ID$31D45'W] 7et a password for a 4'7L user"specif'ing its hash instead of the plaintext

+G8? 97+ ,89 WCohnWUWlocalhostW] 7how permissions for a user

97 LL P96J6L44+ 8 !"Database. 78 WCohnWUWlocalhostW] Arant permissions to a user

94J84 LL P96J6L44+ ,98! WCohnWUWlocalhostW] ,evoke permissions from a user

97 +4L4I7 8 . 78 WCohnWUWlocalhostW 6D476,64D 3R Wp%ssw#rdW] Create a 4'7L user and set his grants

,LH+G P96J6L44+] ,eload and commit the grant tablesG to be

used after an' A,!0T command

H+4 !"Database] +8H9I4 m"dbba&.sl] ,estore a database from a dump file

H+4 !"Database] L8D D7 L8IL 6,6L4 WfoofileW 678 73L4 foo] Populate a table with data from file Eonerecord per line" values separated b' tabsF

+4L4I7 ,98! !"Database.m"table]+4L4I7 ,98! !"Database.m"table;g

7end a statement to the server

+4L4I7 ,98! !"Database.m"table; +ispla' result in vertical format" showingeach record in multiple rows

+4L4I7 /V***** m" comment/ ,98! !"Database.m"table] Insert a comment in the statement

;s Print status information about the server

and the current connection

;c Cancel current input

+4L4I7 J49+68=>] 7how version of 4'7L server

+4L4I7 IH9D74=>]+4L4I7 IH9947ND74]

7how current date

+4L4I7 IH976!4=>]+4L4I7 IH9947N76!4]

7how current time

+4L4I7 8?=>] 7how current date and time

+4L4I7 H+49=>] 7how current logged-in userRhost

;V command ,un a shell command

744 logfile Log all I; of the current 4'7L sessionto the specified logfile



49/128


50/128

$12% 'SQL "oo)!

MySQL tools

m"sldNsafe 7tart the 4'7L server Em's#ldF with safet' featuressuch as restarting the server if errors occur and loggingruntime information to the error logfile ,ecommended

m"slNinstallNdb EdeprecatedFm"sld --initiali(e

Initiali(e the 4'7L data director'" create s'stem tables"and set up an administrative account

m"slNsecureNinstallation 7et password for root" remove anon'mous users" disableremote root login" and remove test database

m"sl -u root -p Login to 4'7L as root and prompt for the password

m"sl -u root -ps'cr't Login to 4'7L as root with password s&cr&t

m"sl -u root -p -e WI9474 D73+4 !"DatabaseW ,un a 7L command via 4'7L

m"sldump -u root -p --all-databases alldbsba&.sl 5ackup all databases to a dump file

m"sldump -u root -p !"Database m"dbba&.sl 5ackup a database to a dump file

m"sl -u root -p F alldbsba&.sl ,estore all databases from a dump file

m"sl -u root -p !"Database F m"dbba&.sl ,estore a database from a dump file

m"slNupgrade -u root -p Check all tables in all databases for incompatibilities with

the current version of 4'7L

m"slchec& [options] Perform table maintenance /ach table is locked while isbeing processed ptions areH--chec& Check table for errors EdefaultF

--anal"(e !nal'(e table

--optimi(e ptimi(e table--repair ,epair tableG this can fix almost an'thing

except uni#ue ke's that are not uni#ue

m"slchec& --chec& db table Check the specified table of the specified database

m"slchec& --chec& --databases db1 db2 Check the specified databases

m"slchec& --chec& --all-databases Check all databases

m"sltuner.pl ,eview the current 4'7L installation for performances

and stabilit'



51/128


52/128

50$12% : Dindow "oo)!

X Window tools

xdotool @ automation tool

xdotool getwindowfocus Aet the I+ of the currentl' focused window Eusuall' the terminal wherethis command is t'pedF

xdotool selectwindow Pop up a @ cursor and get the I+ of the window selected b' it

xdotool &e" --window $2'%510 9eturn 7imulate a ,eturn ke'stroke inside window I+ 12&89:

xprop @ propert' displa'er

xrandr --output eDP$ --right-of J$ /xtend the screen on an additional 6A! ph'sical screen situated to the left

xsel 4anipulate the @ selection Eprimar'" secondar'" and clipboardF

xsel -b F file Put the contents of a file in the @ clipboard

xsel -b -a F file2 !ppend the contents of a file to the @ clipboard

xsel -b -o utput onscreen the contents of the @ clipboard

m&fontdir Catalog the newl' installed fonts in the new director'

xset fp) /usr/local/fonts +'namicall' add the new installed fonts in /usr/local/fonts to the @

server

xfs 7tart the @ font server

fc-cache Install fonts and build font information cache



53/128

51$12% :11 ke!i* code!

X11 keysim codes

'#in L#"in 1 L#"in 2

3ac&+pace ff#7ab ff#*Linefeed ff#aIlear ff#b

9eturn ff#dPause ff$'+crollNLoc& ff$%+"sN9e ff$54scape ff$bDelete ffff

space ##2#exclam ##2$uotedbl ##22numbersign ##2'

dollar ##2%percent ##25ampersand ##21apostrophe ##20uoteright ##20parenleft ##2parenright ##2*asteris& ##2aplus ##2bcomma ##2cminus ##2dperiod ##2eslash ##2f# - * ##'# - ##'*colon ##'asemicolon ##'b

less ##'ceual ##'dgreater ##'euestion ##'fat ##%# - ##%$ - ##5abrac&etleft ##5bbac&slash ##5cbrac&etright ##5dasciicircum ##5eunderscore ##5fgrave ##1#uoteleft ##1#a - ( ##1$ - ##0abraceleft ##0bbar ##0cbraceright ##0dasciitilde ##0enobrea&space ##a#exclamdown ##a$cent ##a2sterling ##a'currenc" ##a%"en ##a5bro&enbar ##a1section ##a0diaeresis ##acop"right ##a*ordfeminine ##aaguillemotleft ##abnotsign ##ach"phen ##adregistered ##ae

macron ##afdegree ##b#plusminus ##b$twosuperior ##b2threesuperior ##b'acute ##b%mu ##b5paragraph ##b1periodcentered ##b0cedilla ##bonesuperior ##b*masculine ##baguillemotright ##bboneuarter ##bconehalf ##bdthreeuarters ##be

uestiondown ##bfgrave ##c#acute ##c$circumflex ##c2

tilde ##c'diaeresis ##c%ring ##c54 ##c1Icedilla ##c04grave ##c4acute ##c*4circumflex ##ca4diaeresis ##cb6grave ##cc6acute ##cd6circumflex ##ce6diaeresis ##cf47G ##d#4th ##d#tilde ##d$

8grave ##d28acute ##d'8circumflex ##d%8tilde ##d58diaeresis ##d1multipl" ##d08slash ##d8obliue ##dHgrave ##d*Hacute ##daHcircumflex ##dbHdiaeresis ##dcRacute ##dd7G89 ##de7horn ##dessharp ##dfagrave ##e#aacute ##e$acircumflex ##e2atilde ##e'adiaeresis ##e%aring ##e5ae ##e1ccedilla ##e0egrave ##eeacute ##e*ecircumflex ##eaediaeresis ##ebigrave ##eciacute ##edicircumflex ##eeidiaeresis ##efeth ##f#

ntilde ##f$ograve ##f2oacute ##f'ocircumflex ##f%otilde ##f5odiaeresis ##f1division ##f0oslash ##foobliue ##fugrave ##f*uacute ##faucircumflex ##fbudiaeresis ##fc"acute ##fdthorn ##fe"diaeresis ##ff

ogone& #$a$breve #$a2Lstro&e #$a'Lcaron #$a5

+acute #$a1+caron #$a*+cedilla #$aa7caron #$abacute #$accaron #$aeabovedot #$afaogone& #$b$ogone& #$b2lstro&e #$b'lcaron #$b5sacute #$b1caron #$b0scaron #$b*scedilla #$batcaron #$bb

(acute #$bcdoubleacute #$bd(caron #$be(abovedot #$bf9acute #$c#breve #$c'Lacute #$c5Iacute #$c1Icaron #$c4ogone& #$ca4caron #$ccDcaron #$cfDstro&e #$d#acute #$d$caron #$d28doubleacute #$d59caron #$dHring #$d*Hdoubleacute #$db7cedilla #$deracute #$e#abreve #$e'lacute #$e5cacute #$e1ccaron #$eeogone& #$eaecaron #$ecdcaron #$efdstro&e #$f#nacute #$f$ncaron #$f2odoubleacute #$f5rcaron #$f

uring #$f*udoubleacute #$fbtcedilla #$feabovedot #$ff

Cur!or con"ro)

Gome ff5#Left ff5$Hp ff529ight ff5'Down ff5%Prior ff55PageNHp ff55ext ff51

PageNDown ff514nd ff503egin ff5

'i!c func"ion!

+elect ff1#Print ff1$4xecute ff126nsert ff1'Hndo ff159edo ff11!enu ff10,ind ff1Iancel ff1*Gelp ff1a3rea& ff1b

!odeNswitch ff0escriptNswitch ff0eumNLoc& ff0f

'odifier!

+hiftNL ffe$+hiftN9 ffe2IontrolNL ffe'IontrolN9 ffe%IapsNLoc& ffe5+hiftNLoc& ffe1!etaNL ffe0!etaN9 ffeltNL ffe*ltN9 ffea+uperNL ffeb

+uperN9 ffecG"perNL ffedG"perN9 ffee

This is an excerpt of &e"s"mdef.h which defines ke's'm codes Eie characters or functions associated with each ke' in @11Fas ENkey and the key hex value These ke's can be used as argument for the xdotool &e" command



54/128

52$12% 9!er #ccoun"!

User accounts

/etc/passwd 9!er #ccoun"!

root:x:0:0:/root:/bin/bash bin:x:1:1:/bin:/bin/bash

jdoe:x:500:100:John oe!!555-1"#$!!:/home/jdoe:/bin/bash1 2 3 < 5 % 7

1 Login name

2 /ncr'pted password EobsoleteF" or x if password is in /etc/shadow

3 BI+ S Bser I+ EBI+ % is superuserG b' convention BI+s 1-?? are s'stem accounts" BI+s above are regular usersF

< AI+ S +efault Aroup I+

5 A/C7 field S Information about the userH =ull name" ,oom number" ork phone" *ome phone" ther

% *ome director' of the user

7 Login shell Ecan be set to /bin/false to prevent a user from logging inF

/etc/shadow 9!er /#!!word! re#d#)e on) roo"

root:f%&e5$/'ldu(#"pl0)/*:155#+:0:,,,,,:+::: bin::15(#+:0:,,,,,:+:::jdoe:hspe#j2dw,3u5#:1550:0:,,,,,:+::15+((:1 2 3 < 5 % 7 > ?

1 Login name

2 /ncr'pted password Ea V prefix if the account is locked" if account is disabled" V or VV if no passwordF

3 +ate of last password change Ein number of da's since 1 Danuar' 1?


55/128

53$12% 9!er *#n#e*en"

User

management

useradd -m Cdoe Create a user account" creating and populating his homedir from /etc/s&el

useradd -mc BOohn DoeB Cdoe Create a user account" specif'ing his full name

useradd -ms /bin/&sh Cdoe Create a user account" specif'ing his login shell

useradd -D 7how default values Especified in /etc/login.defsF for user account creation

usermod -c BOonas DoeB Cdoe 4odif' the A/C7 field of a user account

Eusermod accepts man'

useradd optionsFusermod -L Cdoe Lock a user account

usermod -H Cdoe Bnlock a user account

userdel -r Cdoe +elete a user and his homedir

chfn Cdoe Change the A/C7 field of a user

chsh Cdoe Change the login shell of a user

passwd Cdoe Change the password of a user

passwd -l Cdoe Lock a user account

passwd -+ Cdoe Aet information about a user accountPrints username" account status ELJlocked" PJpassword" 0PJno passwordF" date oflast password change" min age" max age" warning period" inactivit' period in da's

chage -4 2#$'-#2-$% Cdoe Change the password expiration date" locking the account at that date

chage -d $'$$$ Cdoe Change the date Ein number of da's since 1 Danuar' 1?


56/128

5


57/128

55$12% Pri;i)ee e!c#)#"ion

Privilege escalation

runuser -u Cdoe command ,un a command as user $doe Can be launched onl' b' the superuser

su Cdoe ,un a shell as user $doe If user is not specified" assume root

su -c Bfdis& -lB Pass a single command to the shellsu -su -l

/nsure that the spawned shell is a login shell" hence running login scripts and settingthe correct environment variables ,ecommended option

sudo fdis& -lsudo -uroot fdis& -l

,un a command as root 7udo commands are logged via s'slog on/var/log/auth.log E+ebianF or /var/log/secure E,ed *atF

sudo VV ,un again the last command" but this time as root

sudoedit /etc/passwdsudo -e /etc/passwd

/dit a protected file It is recommended to use this instead of allowing users to sudotext editors as root" which will cause securit' problems if the editor spawns a shell

visudo /dit /etc/sudoers" the configuration file that specifies access rights to sudo

g&su -u root -lg&sudo -u root gparted

ABI front-ends to su and sudo used to run a @ indow command as root ill pop up

a re#uester prompting the user for root.s password



58/128

5%$12% 8er*in#)!

Terminals

write Cdoe rite interactivel' a message to the terminal of user $doe Emust be logged inF

wall rite interactivel' a message to the terminal of all logged in users

echo BGelloB M write Cdoe rite a message to the terminal of user $doe Emust be logged inF

echo BGelloB M wall rite a message to the terminal of all logged in userstal& Cdoe pen an interactive chat session with user $doe Emust be logged inF

mesg "chmod g)w \=tt">

!llow the other users to message 'ou via write" wall" and tal&

mesg nchmod g-w \=tt">

+isallow the other users to message 'ou via write" wall" and tal&

mesg +ispla' 'our current message permission status

mesg works b' enabling;disabling the group write permission of 'our terminal device" which is owned b' s'stem group tt"

The superuser is alwa's able to message users

screen 7creen manager that multiplexes a virtual 6T1%%;!07I terminal betweenprocessesThis command creates a screen sessionG this is useful to be able later toreattach to a remote 77* session lost because of timeout

screen -list 7how the list of detached screen sessions

screen -r pid.tty.hostscreen -r sessiono&ner / pid.tty.host

,esume a detached screen session

screen -9 ,esume the last detached screen session

echo \=tt"> Print 'our terminal device Eeg /dev/tt"$" /dev/pts/$F

/etc/issue 4essage to be printed before the login prompt Can contain these escapecodesH

;b 5audrate of line

;d +ate

;s 7'stem name and 7

;l Terminal device line

;m !rchitecture identifier of machine

;n 0odename aka hostname

;o +omain name

;r 7 release number

;t Time

;u 0umber of users logged in

;H Qn usersQ logged in

;v 7 version and build date

/etc/issue.net 4essage to be printed before the login prompt on a remote session

/etc/motd 4essage to be printed after a successful login" before execution of the loginshell



59/128

57$12% cron

cron

cron permits repeated scheduled execution

If /etc/cron.allow exists" onl' users listed therein can access the service

If /etc/cron.den" exists" all users except those listed therein can access the service

If none of these files exist" all users can access the service

crontab -e /dit 'our user crontab file

crontab -l List the contents of 'our crontab file

crontab -e -u Cdoe /dit the crontab file of another user Ecommand available onl' to the superuserF

/etc/cron.hourl"/etc/cron.dail"/etc/cron.wee&l"/etc/cron.monthl"

7cripts placed in these directories will be automaticall' executed with the specified periods

/etc/crontab

8 m h dom mon dow user command

"5 ( 1 root foo.sh ever' 4onda' at :H29 !4

/5 1( root /opt/m9script.sh from 8H%% to 8H99 P4 ever' 9 minutes ever'da'

0!#0 + "5 1" jdoe /home/jdoe/bar.sh at


60/128

5>$12% #"

at

at permits scheduled execution once

If /etc/at.allow exists" onl' users listed therein can access the service

If /etc/at.den" exists" all users except those listed therein can access the service

If none of these files exist" no user except root can access the service

at 5:##pm tomorrow m"script.shat -f m"listofcommands.txt 5:##pm tomorrowecho Brm fileB M at now)2 minutes

/xecute a command once at the specified time Eabsolute or relativeF

at -lat List the scheduled $obs

at -d 'atrm ' ,emove $ob number & from the list



61/128

5?$12% Loc#)i,#"ion

Localization

Loc#)e en;iron*en" ;#ri#)e!

LLH4

Language" stored in /etc/default/locale

hen scripting" L


62/128

%0$12% S!"e* "i*e

System time

t(selectt(config

dp&g-reconfigure t(data E+ebianF7et the time(one" stored in /etc/time(one

Time(one is also set as a s'mbolic link from /etc/localtime to the correct time(one file in /usr/share/(oneinfo/

date 7how current date and time

date -d B**** da"s agoB Calculate a date and show it

date -d B$*0#/#$/#$ ) %2%2B Convert the number of da's passed since 1 Danuar' 1?


63/128

%1$12% S!)o

Syslog

7'slog logging facilit'Hs"slogd +aemon logging events from user processes

&logd +aemon logging events from kernel processes

/etc/s9slog.conf

8 facilit9.level action.info;mail.none;authpriv.none /var/log/messagesauthpriv. /var/log/secure

mail. /var/log/maillog.alert root.emerg local5.


64/128

%2$12% -*#i)

E-mail

eg !lpine" 4utt eg 7endmail" /xim" Postfix" #mail eg Procmail" 7pam!ssassin

@/.forward 4ail addressEesF to forward the user.s mail to" or mail commands

/etc/aliases/etc/mail/aliases

!liases database for users on the local machine /ach line has s'ntax alias: user

/var/spool/mail/user Inbox for user on the local machine

/var/log/mail.log E+ebianF

/var/log/maillog E,ed *atF4ail logs

mail -s B(ub)ectB CdoeUexample.org F message.t$t 7end a mail message to $doeRexampleorg

uuencode binaryfile M mail CdoeUexample.org 7end a binar' file to $doeRexampleorg Enot recommended"man' mailclients will displa' the received attachment inlineF

mutt -a binaryfile -- CdoeUexample.org F /dev/null 7end a binar' file to $doeRexampleorg using the 4utt 4B!

newaliasessendmail -bi

Bpdate the aliases databaseG must be run after an' change to /etc/aliases

mailexim% -bp /xamine the mail #ueue

exim% -! message"D !ttempt deliver' of message

exim% -!rm message"D ,emove a message from the mail #ueueexim% -!vh message"D 7ee the headers of a message in the mail #ueue

exim% -!vb message"D 7ee the bod' of a message in the mail #ueue

exim% -!vc message"D 7ee a message in the mail #ueue

exim% -f domain =orce a #ueue run of all #ueued messages for a domain

exim% -9ff domain !ttempt deliver' of all #ueued messages for a domain

exim% -bJ 7how version and other info

'#i)ox for*#"!

mbox

/ach mail folder is a single file" storing multiple email messages

!dvantagesH universall' supported" fast search inside a mail folder

+isadvantagesH issues with file locking" possible mailbox corruption

\G8!4/!ail/m"folder

4aildir

/ach mail folder is a director'" and contains the subdirectories /cur" /new" and /tmp

/ach email message is stored in its own file with an uni#ue filename I+

The process that delivers an email message writes it to a file in the tmp/ director'"

and then moves it to new/ The moving is commonl' done b' hard linking the file to

new/ and then unlinking the file from tmp/" which guarantees that a 4B! will not see

a partiall' written message as it never looks in tmp/

hen the 4B! finds mail messages in new/ it moves them to cur/

!dvantagesH fast location;retrieval;deletion of a specific mail message" no file locking

needed" can be used with 0=7+isadvantagesH some files'stems ma' not efficientl' handle a large number of smallfiles" searching text inside all mail messages is slow

\G8!4/!ail/m"folder/


4B!E4ail Bser !gentF

mailclient of sender

4T!E4ail Transfer !gentF74TP server of sender

4T!E4ail Transfer !gentF

remote host

4+!E4ail +eliver' !gentFmailserver of recipient

4B!E4ail Bser !gentF

mailclient of recipient


65/128

%3$12% S'8P

SMTP

S'8P co**#nd!

22# smtp.example.com 4+!7P PostfixG4L8 abc.example.org25# Gello abc.example.orgA glad to meet "ou!6L ,98!: aliceUexample.org

25# 8&9IP7 78 bobUfoobar.com25# 8&9IP7 78 eveUfoobar.com25# 8&D7'5% 4nd data with FI9FL,.FI9FL,,rom: lice FaliceUexample.org7o: 3ob FbobUfoobar.comIc: 4ve FeveUfoobar.comDate: ?edA $' ugust 2#$% $:#2:%' -#5##+ubCect: 7est message

7his is a test message..25# 8 id


66/128

%


67/128

%5$12% Po!"fix

Postfix

Postfix is a fast" secure" eas' to configure" open source 4T! intended as a replacement for 7endmail It is implemented asa set of small helper daemons" most of which run in a chroot $ail with low privileges The main ones areH

master Postfix master daemon" alwa's runningG starts the other daemons when necessar'

nmgr ueue manager for incoming and outgoing mail" alwa's running

smtpd 74TP daemon for incoming mail

smtp 74TP daemon for outgoing mail

bounce 4anager of bounce messages

cleanup +aemon that verifies the s'ntax of outgoing messages before the' are handed to the #ueue manager

local +aemon that handles local mail deliver'

virtual +aemon that handles mail deliver' to virtual users

/var/spool/postfix/incoming Incoming #ueue!ll new mail entering the Postfix #ueue is written here b' the cleanup daemon

Bnder normal conditions this #ueue is nearl' empt'

/var/spool/postfix/active !ctive #ueueContains messages read' to be sent The #ueue manager places messages herefrom the incoming #ueue as soon as the' are available

/var/spool/postfix/deferred +eferred #ueue! message is placed here when all its deliverable recipients are delivered" and forsome recipients deliver' failed for a transient reason The #ueue manager scansthis #ueue periodicall' and puts some messages into the active #ueue for a retr'

/var/spool/postfix/bounce 4essage deliver' status report about wh' mail is bounced Enon-delivered mailF

/var/spool/postfix/defer 4essage deliver' status report about wh' mail is dela'ed Enon-delivered mailF

/var/spool/postfix/trace 4essage deliver' status report Edelivered mailF

postfix reload ,eload configuration

postconf -e Wm"domain < example.orgW /dit a setting in the Postfix configuration

postconf -l List supported mailbox lock methods

postconf -m List supported database t'pes

postconf -v Increase logfile verbosit'

postmap dbtype*te$tfile 4anage Postfix lookup tables" creating a hashed map file of databaset'pe dbty#e from textfile

postmap hash:/etc/postfix/transport ,egenerate the transport database

postaliasnewaliases

Convert /etc/aliases into the aliases database file /etc/aliases.db



68/128

%%$12% Po!"fix confiur#"ion

Postfix configuration

/etc/postfix/main.cf Po!"fix confiur#"ion fi)e

m"domain < example.org This s'stem.s domain

m"origin < \m"domain +omain from which all sent mail will appear to originate

m"hostname < foobar.\m"domain This s'stem.s hostnameinetNinterfaces < all 0etwor

Linux Lpic Guide

Documents

Transcript of Linux Lpic Guide