Linux - 1
Linux is the best-known and most-used open source operating system.
To Learn
Introduction To Linux
- Linux Basics - Why Different Distros - Ubuntu Desktop Environments
User/Group Operations
- Create User - Delete User - Update user/ its group - Create group - Modify group - Gid. Why <1000 and >1000 - Modify Password - Modify Primay/Secondary Group
Package Managements
- apt install - apt remove/purge - apt search - apt repo configuration, versions - Installation using source - configure - make - make test - make install
File Permission
- How to grant file/folder permission - Why not 777 - rwx and 421 modes - user and group of file
Sudo
- Why not SUDO command - Why not user ROOT user - ROOT user DISK resource allocation - ROOT Permission security issues - sudoers.d and sudoers file - nopasswd sudo
ENVIRONMENTS
- ~/.bashrc - ~/.profile - /etc/profile - /etc/environment - /etc/profile.d
week 2 Process Management
- View - Kill Process and other Signals - cd /Proc - Start a Process - Nohup, Pm2, screen, setsid. bg , fg, disown, - Port Binding 127 vs 192 vs 0
File Management
- less - grep - tail - cat"
Nginx
- Install: ppa and source - Configure - User Permission - Locations - Logs
SSH
- Password/ File based logins - Passphrase - ~/.ssh permission - authorized_keys - id_rsa and id_rsa.pub - ssh_config
Java installation
- from ppa - From Source - adding and editing Environment Variables
TOMCAT
- Install and setup - Run - Log files - directories and files - Working”
User management
These operations are performed using the following commands:
adduser
: add a user to the system.
userdel
: delete a user account and related files.
addgroup
: add a group to the system.
delgroup
: remove a group from the system.
usermod
: modify a user account.
chage
: change user password expiry information.
sudo
: run one or more commands as another user (typically with superuser permissions).
Relevant files: /etc/passwd (user information), /etc/shadow (encrypted passwords), /etc/group (group information) and /etc/sudoers (configuration for sudo
).
The /etc/sudoers File
Now that we have a regular user account created, we will explain how to utilize it to perform user management tasks.
To grant pluralsight superuser permissions, we will need to add an entry for it in /etc/sudoers. This file is used to indicate which users can run what commands with elevated permissions (most likely as root).
https://www.pluralsight.com/guides/user-and-group-management-linux
https://www.pluralsight.com/guides/getting-started-with-user-management-linux-admin
https://www.tecmint.com/fix-user-is-not-in-the-sudoers-file-the-incident-will-be-reported-ubuntu/
https://linuxize.com/post/how-to-create-users-in-linux-using-the-useradd-command/
Sudo vs. Su
On some Linux distributions like Ubuntu, the root user account is disabled by default for security reasons. This means that no password is set for root, and you cannot use su
to switch to root.
One option to change to root would be to prepend the su
command with sudo
and enter the currently logged in user password:
sudo su -
usermod
Group membership can be modified with the useradd or usermod command.
Be careful when using usermod to add users to groups. By default, the usermod command will remove the user from every group of which he is a member if the group is not listed in the command! Using the -a (append) switch prevents this behavior.
usermod -a -G tennis,sports venus
useradd vs adduser
https://askubuntu.com/questions/345974/what-is-the-difference-between-adduser-and-useradd
force user to logout in Linux
cut command
grep command
Overriding the Default /etc/login.defs
Values
The -K
(--key
) option followed by KEY=VAL
allows you to override the default values specified in the /etc/login.defs
file.
Basically, all you can override are the maximum and minimum values of the normal and system group IDs for automatic GID selection when creating a new group.
Let’s say you want to create a new group with GID in the range between 1200 and 1500. To do that, specify the min/max values as shown below:
groupadd -K GID_MIN=1200 -K GID_MAX=1500 mygroup
Forcing Linux user to change password at their next login
Linux change password for other user account
Command to Add Multiple Users to a Group at once:
gpasswd -M *username1, *username2, *username3 ...., *usernamen *group_name
Example:
gpasswd -M Person1, Person2, Person3 Group1
Adding Repositories with add-apt-repository
Personal Package Archives (PPAs) repo
Manually Adding Repositories
https://www.makeuseof.com/compile-install-software-from-source-linux/
samba - SMB networking protocol
How to Create and Manage Archive Files in Linux
To create an archive called ‘project.tar’ from the contents of the ‘project’ directory, type:
$ tar -cvf project.tar project
To list the contents of an archive called ‘project.tar’, type:
$ tar -tvf project.tar
To extract the contents of an archive called ‘project.tar’, type:
$ tar -xvf project.tar
https://www.fosslinux.com/34665/15-tar-command-in-linux-uses-with-examples.htm
chmod command
why not 777
Suitable Permissions for a Web Server
When it comes to files that you are serving through a web server such as Apache or NGINX, some general permissions will work for most cases.
The first thing is there is zero need for any files within the directories your serving to have the execute privilege.
When a web server serves these files, it only needs to be able to read from them.
Typically for files within a web server, you will want to use the permission 644
for files and 755
for directories.
You can update the permissions for all of the files within a directory by running the following command.
find /var/www -type f -exec chmod 644 {} \;
To apply these new permissions to all directories within a directory, you can use the following command.
find /var/www -type d -exec chmod 755 {} \;
absolute and symbolic mode of changing file and folder permissions
Add an Existing User to Multiple Groups
Symbolic link - soft and hard
Symbolic links, also known as soft links, are special types of files that point to other files, much like shortcuts in Windows and Macintosh aliases. The data in the target file does not appear in a symbolic link, unlike a hard link. Instead, it points to another file system entry.
What is Umask and How To Setup Default umask Under Linux?
Explain Octal umask Mode 022 And 002
As I said earlier, if the default settings are not changed, files are created with the access mode 666 and directories with 777. In this example:
- The default umask 002 used for normal user. With this mask default directory permissions are 775 and default file permissions are 664.
- The default umask for the root user is 022 result into default directory permissions are 755 and default file permissions are 644.
- For directories, the base permissions are (rwxrwxrwx) 0777 and for files they are 0666 (rw-rw-rw).
In short,
- A umask of 022 allows only you to write data, but anyone can read data.
- A umask of 077 is good for a completely private system. No other user can read or write your data if umask is set to 077.
- A umask of 002 is good when you share data with other users in the same group. Members of your group can create and modify data files; those outside your group can read data file, but cannot modify it. Set your umask to 007 to completely exclude users who are not group members.
But, How Do I Calculate umasks?
The octal umasks are calculated via the bitwise AND of the unary complement of the argument using bitwise NOT. The octal notations are as follows:
- Octal value : Permission
- 0 : read, write and execute
- 1 : read and write
- 2 : read and execute
- 3 : read only
- 4 : write and execute
- 5 : write only
- 6 : execute only
- 7 : no permissions
Now, you can use above table to calculate file permission. For example, if umask is set to 077, the permission can be calculated as follows:
sudo - cautions, uses
- Privilege escalation - If there is a security vulnerability that's exploited (in say, your web browser), by not running your programs as root will limit damage. If your web browser is running as root (because you logged in as root), then any security failures will have access to your entire system.
- Acountability - There is only one root account. If everything is using the root account, it's difficult to find out who did what. This applies less in a single-user environment, but that's still not a good argument to avoid good security practices. With something like
sudo
, every command that's executed with super-user powers is logged, along with the specific user that requested it be executed.
root - why is it bad to login as root
Inodes and the Linux filesystem
Linux filesystems are complicated things to understand, especially when you get down into the weeds of data and metadata. Every time you run the ls
command and see the output—files listed, permissions, account ownership, etc.—understand that the data about
the files you see is stored somewhere separate from the files themselves, and must be called up. Inodes are behind the scenes working hard, so you don't have to. Let's take a look at what precisely an inode is and what it does for us.
What is an inode?
By definition, an inode is an index node. It serves as a unique identifier for a specific piece of metadata on a given filesystem. Each piece of metadata describes what we think of as a file. That's right, inodes operate on each filesystem, independent of the others. Where this gets confusing is when you realize that each inode is stored in a common table. In short, each filesystem mounted to your computer has its own inodes. An inode number may be used more than once but never by the same filesystem. The filesystem id combines with the inode number to create a unique identification label.
Allocating disk space
swap memory
grep Swap /proc/meminfo
Type the following command to show swap usage summary by device
# swapon -s
Use the free command as follows:
# free -g
Monitoring Tools In Linux
top, htop, vmstat, iostat, atop, nmon, glances, saidar
vmstat
vmstat 1 5
Description
vmstat is a computer system monitoring tool that collects and displays summary information about operating system memory, processes, interrupts, paging and block I/O. Users of vmstat can specify a sampling interval which permits observing system activity in near-real time
vmstat command (also known as virtual memory statistic tool) shows information about processes, memory, disk, and CPU activity in Linux, whereas the iostat command is used to monitor CPU utilization, system input/output statistics for all the disks and partitions.
iostat
iostat 1 5
sudo apt-get install sysstat -y
Top - This command used to check cpu and memory utilization process wise
Htop - command is well refine and have extra feature of top command.it have very good looking use interface.
Here are some shortcuts to configure htop output interactively.
M:
Sort processes by memory usage
P:
Sort processes by processor usage
?:
Access help
k:
Kill current/tagged process
F2:
Setup htop. You can choose display options here.
/:
Search processes
Atop - Atop shows the current usage levels of cpu, memory, disk and network along with a list of processes sorted by cpu usage in descending order.
Nmon- is used to monitor cpu, memory, network, disk usage and process list on a single screen. We can generate spreadsheet file form this report.
Glances is similar to Nmon that report statistics on cpu, memory, network, disk and processes.
Glances gives a quick overview of system usage on Linux
Saidar is the simplest of all tools. The output includes statistics on CPU, processes, load, memory, swap, network I/O, disk I/O, and file system information. The output does not mention the running processes at all.
How to Create Partitions in Linux
https://phoenixnap.com/kb/linux-create-partition
Partition a Disk Using parted Command
sudo parted -l
Partitions types can be:
- Primary – Holds the operating system files. Only four primary partitions can be created.
- Extended – Special type of partition in which more than the four primary partitions can be created.
- Logical – Partition that has been created inside of an extended partition.
Open the storage disk that you intend to partition by running the following command:
sudo parted /dev/sdb
select /dev/sdb
mklabel [partition_table_type]
eg mklabel gpt
eg mkpart primary ext4 1MB 1855MB
The “You may need to update /etc/fstab file” message signals that the partition can be mounted automatically at boot time.
Your Linux system's filesystem table, aka fstab, is a configuration table designed to ease the burden of mounting and unmounting file systems to a machine. It is a set of rules used to control how different filesystems are treated each time they are introduced to a system. Consider USB drives, for example. Today, we are so used to the plug and play nature of our favorite external drives that we may completely forget that operations are going on behind the scenes to mount the drive and read/write data.
In the time of the ancients, users had to manually mount these drives to a file location using the mount command. The fstab file became an attractive option because of challenges like this. It is designed to configure a rule where specific file systems are detected, then automatically mounted in the user's desired order every time the system boots. Not only is it less work over time, but it also allows the user to avoid load order errors that could eat up valuable time and energy.
Partition a Disk Using fdisk Command
sudo fdisk -l
select storage disk : sudo fdisk /dev/sdb
Run the n
command to create a new partition.
Select the partition number by typing the default number (2).
After that, you are asked for the starting and ending sector of your hard drive. It is best to type the default number in this section (3622912).
The last prompt is related to the size of the partition. You can choose to have several sectors or to set the size in megabytes or gigabytes. Type +2GB
to set the size of the partition to 2GB.
The system created the partition, but the changes are not written on the disk.
To write the changes on disk, run the w command:
Verify that the partition is created by running the following command:
sudo fdisk -l
Format the Partition
Once a partition has been created with the parted
of fdisk
command, format it before using it.
Format the partition by running the following command:
sudo mkfs -t ext4 /dev/sdb1
Mount the Partition
To begin interacting with the disk, create a mount point and mount the partition to it.
1. Create a mount point by running the following command:
sudo mkdir -p /mt/sdb1
2. After that, mount the partition by entering:
sudo mount -t auto /dev/sbd1 /mt/sdb1
The terminal does not print out an output if the commands are executed successfully.
3. Verify if partition is mounted by using the df -hT
command:
Security Holes Caused by Root Users and Privileged Accounts on Linux
The Sudoers File
The sudo command is configured through a file located in /etc/ called sudoers.
Through the sudo command you provide administrative level privileges to regular users. Normally the first user you create while installing Ubuntu has sudo rights. In a VPS environment that is the default root user. You can configure other users to also be able to run the sudo command. That can be done by editing sudoers.
Use the Sudoers File to Grant Specific Privileges
What if we want bill to be able to run only specific kinds of commands with sudo privileges, like networking?
To do so we create a configuration file in /etc/sudoers.d/ called networking.
Use the following command to create the file:
sudo visudo -f /etc/sudoers.d/networking
Add following text in the file:
Cmnd_Alias CAPTURE = /usr/sbin/tcpdump
Cmnd_Alias SERVERS = /usr/sbin apache2ctl, /usr/bin/htpasswd
Cmnd_Alias NETALL = CAPTURE, SERVERS
%netadmin ALL=NETALL
Then run the command:
addgroup netadmin
How To Run “sudo” Command Without Password with NOPASSWD?
%sudo ALL=(ALL:ALL) NOPASSWD: ALL
or for an user
ismail ALL=(ALL:ALL) NOPASSWD: ALL
NOPASSWD For Command or Application
Another use case for the NOPASSWD configuration is disabling the sudo password for a specific command. By default, the NOPASSWD will disable the password for all commands with the sudo. But we can set a specific command to run with sudo without a password. All other commands with sudo will require a password too. In the following example, the user ismail can run /bin/passwd commands with sudo without a password.
ismail ALL=(ALL:ALL) NOPASSWD: /bin/passwd
Multiple commands can be also specified for passwordless sudo usage like below.
ismail ALL=(ALL:ALL) NOPASSWD: /bin/passwd, /bin/rm, /bin/mkdir
What is .bashrc file in Linux?
The .bashrc file is a script file that’s executed when a user logs in. The file itself contains a series of configurations for the terminal session. This includes setting up or enabling: coloring, completion, shell history, command aliases, and more
https://www.journaldev.com/41479/bashrc-file-in-linux
The most common use of the .bashrc file is to set up custom environment variables for different users. It helps a user set up their preferences for the bash shell.
Being a shell script, the .bashrc file can be used to do virtually anything that a user is allowed to do.
Being invoked as soon as the bash shell is opened in the interactive mode, the .bashrc file can be used to set up custom commands for your personal use.
Further, you can set up aliases for your bash session. It can limit the length of shell history as well. Essentially, by editing the .bashrc file using any text editor, a user can set system parameters and create environment variables in a way where their customizations will be available in every future session.
Defining aliases in .bashrc
Aliases are different names for the same command. Consider them as shortcuts to a longer form command. The .bashrc file already has a set of predefined aliases.
source ~/. bashrc
will preserve your entire shell environment (though likely modified by the sourcing of ~/. bashrc ), whereas exec bash will only preserve your current shell's environment variables (any ad-hoc changes to the current shell in terms of shell variables, function, options are lost).
What is the .bash_profile file in Linux?
The .bash_profile file is another bash shell script file which we can see as a config file. It is stored at ~/.bash_profile.
However, unlike the .bashrc file, it gets executed every time a user logs into a system.
In simple words, it is invoked when you enter your username and password to log in on your Linux system. This login can be both local or remote. It is different from a regular bash shell invocation and is seen as a login shell mode session.
The most common use of the .bash_profile file is to set up custom environment variables for different users. In practice, the usage of the .bash_profile file is the same as the usage for the .bashrc file. Most .bash_profile files call the .bashrc file for the user by default. Then why do we have two different configuration files? Why can’t we do everything using a single file?
Well, the short answer is freedom and convenience. The longer answer is as follows: Suppose, You wish to run a system diagnostic every time you log in to your Linux system. You can edit the configuration file to print the results or save it in a file. But you only wish to see it at startup and not every time you open your terminal. This is when you need to use the .bash_profile file instead of .bashrc
What is .profile file in Linux?
.profile file in Linux comes under the System startup files(defines user environment after reading the initialization files that you have set up when you log in to shell).
File like /etc/profile controls variables for profile of all users of the system whereas, .profile allows you to customize your own environment.
The .profile file is present in your home ($HOME) directory and lets you customize your individual working environment.
.profile file controls the following by default:
- Shells to open
- Prompt appearance
- Keyboard Sound.
- The .profile file contains your individual profile that overrides the variables set in the /etc/profile file.
https://www.baeldung.com/linux/bashrc-vs-bash-profile-vs-profile
https://bencane.com/2013/09/16/understanding-a-little-more-about-etcprofile-and-etcbashrc/
What is /etc/profile used for?
If you have been using Linux for a while you are probably familiar with the .profile
or .bash_profile
files in your home directory. These files are used to set environmental items for a users shell. Items such as umask, and variables such as PS1
or PATH
.
The /etc/profile
file is not very different however it is used to set system wide environmental variables on users shells. The variables are sometimes the same ones that are in the .bash_profile
, however this file is used to set an initial PATH
or PS1
for all shell users of the system.
/etc/profile.d
In addition to the setting environmental items the /etc/profile
will execute the scripts within /etc/profile.d/*.sh
. If you plan on setting your own system wide environmental variables it is recommended to place your configuration in a shell script within /etc/profile.d
.
What is /etc/bashrc used for?
Like .bash_profile
you will also commonly see a .bashrc file in your home directory. This file is meant for setting command aliases and functions used by bash shell users.
Just like the /etc/profile
is the system wide version of .bash_profile
. The /etc/bashrc
for Red Hat and /etc/bash.bashrc
in Ubuntu is the system wide version of .bashrc
.
Interestingly enough in the Red Hat implementation the /etc/bashrc
also executes the shell scripts within /etc/profile.d
but only if the users shell is a Interactive Shell (aka Login Shell)
Setting PATH variable in /etc/environment vs .profile
https://askubuntu.com/questions/866161/setting-path-variable-in-etc-environment-vs-profile
/etc/environment
is a system-wide configuration file, which means it is used by all users. It is owned byroot
though, so you need to be an admin user and usesudo
to modify it.
~/.profile
is one of your own user's personal shell initialization scripts. Every user has one and can edit their file without affecting others.
/etc/profile
and/etc/profile.d/*.sh
are the global initialization scripts that are equivalent to~/.profile
for each user. The global scripts get executed before the user-specific scripts though; and the main/etc/profile
executes all the.sh
scripts in/etc/profile.d/
just before it exits.
/etc/profile.d - it’s a directory
This directory contains files configuring system-wide behavior of specific programs and site-specific environment customization. As seen previously, these scripts are run from the /etc/profile script.
This would be where the administrator can place customization scripts of their own.
Depending on which distribution of Linux you are using, you will find a variety of files in this directory.
ls -la /etc/profile.d
Process management in linux
An instance of a program is called a Process. In simple terms, any command that you give to your Linux machine starts a new process.
Having multiple processes for the same program is possible.
Types of Processes:
- Foreground Processes: They run on the screen and need input from the user. For example Office Programs
- Background Processes: They run in the background and usually do not need user input. For example Antivirus.
https://www.geeksforgeeks.org/process-management-in-linux/
https://www.tutorialspoint.com/unix/unix-processes.htm#
few commands
Stop a process
To stop a process in Linux, use the ‘kill’ command. kill command sends a signal to the process.
There are different types of signals that you can send. However, the most common one is ‘kill -9’ which is ‘SIGKILL‘.
You can list all the signals using:
$
kill
-L
The default signal is 15, which is SIGTERM. Which means if you just use the kill command without any number, it sends the SIGTERM signal.
The syntax for killing a process is:
$
kill
[pid]
Alternatively you can also use :
$
kill
-9 [pid]
This command will send a ‘SIGKILL’ signal to the process. This should be used in case the process ignores a normal kill request.
change priority of a process
In Linux, you can prioritize between processes. The priority value for a process is called the ‘Niceness’ value. Niceness value can range from –20 to 19. 0 is the default value. Lower the value higher the priority.
The fourth column in the output of top command is the column for niceness value.
To start a process and give it a nice value other than the default one, use:
$
nice
-n [value] [process name]
To change nice value of a process that is already running use:
renice
[value] -p
'PID'
https://www.cyberciti.biz/faq/how-to-check-running-process-in-linux-using-command-line/
How to manage processes from the Linux terminal
The ps command is a traditional Linux command to lists running processes. The following command shows all processes running on your Linux based server or system:
vek@nixcraft:~$ ps -aux
vivek@nixcraft:~$ sudo ps -a
You can search for a particular Linux process using grep command /egrep command :
vivek@nixcraft:~$ ps aux | grep firefox
vivek@nixcraft:~$ sudo ps aux | grep vim
vivek@nixcraft:~$ sudo ps -aux | egrep 'sshd|openvpn|nginx'
Linux Kill Signals
The way of communicating a message from one process to another process is called a signal. The message that we try to communicate is also called notification that the destination process is to be processed. They might ignore the signals or leave to perform the default action. The kill command in Linux will allow users in sending a signal to the process. When we use the signal command to send a signal to a process that is owned by other users (like root), then we would need admin rights and have the privilege to use the ‘sudo’ command.
Kill signal command in Linux does not only use to stop processes running in the Linux system, but also used to terminate the software from all illegal programs. Thus, few of the kill command signals in Linux are a part of security parameters. Remarkably, these kill commands do not only terminate or kill the programs but also they are used to pause, restart, or continue the programs.
Linux kill command
Want to kill a process? Try kill command. The syntax is:vivek@nixcraft:~$ kill pid
vivek@nixcraft:~$ kill -signal pid
Find PID using ps, pgrep or top commands. Say you want to kill a PID # 16750, run:vivek@nixcraft:~$ kill 16750
For some reason if the process can not be killed, try forceful killing:vivek@nixcraft:~$ kill -9 16750
ORvivek@nixcraft:~$ kill -KILL 16750
Linux pkill command
If you wish to kill a process by name, try pkill command. The syntax is:vivek@nixcraft:~$ pkill processName
vivek@nixcraft:~$ pkill vim
vivek@nixcraft:~$ pkill firefox
vivek@nixcraft:~$ pkill -9 emacs
vivek@nixcraft:~$ sudo pkill -KILL php7-fpm
Linux killall command
The killall command kills processes by name, as opposed to the selection by PID as done by kill command:vivek@nixcraft:~$ killall vim
vivek@nixcraft:~$ killall -9 emacs
Here are the common signals that we generally use in Linux.
Below are the list of Signals and their descriptions:
- SIGTRAP – The main purpose of SIGTRAP command signal is to debug a process. When a signal is sent to a process and it is waiting for an action or condition to meet the debugger then this signal will be sent.
- SIGABRT – This SIGABRT kill signal is used for aborting the processing signal. Basically, a process is initiated to SIGABRT to kill the signal on its own.
- SIGBUS – Whenever a program sends the SIGBUS signal, it happens to be caused by a bus error. Generally, the bus errors are because of a program that tries to utilize duplicate physical addresses or it might be due to the program that may have its memory settings that is set incorrectly.
- SIGCHLD – Whenever a parent program does not find its child process, then the parent program sends the SIGCHLD signal. This is used to clear up the resources which are used by the child program.
- SIGPROF – Whenever any process is using CPU Time then the SIGPROF signal is sent by the system when the program is elapsing.
- SIGPOLL – Whenever a program is causing any non-concurrent I/O actions, then that program will send the SIGPOLL signal.
The SIGHUP (“hang-up”) signal is used to report that the user's terminal is disconnected, perhaps because a network or telephone connection was broken.
The default action for SIGINT, SIGTERM, SIGQUIT, and SIGKILL is to terminate the process. However, SIGTERM, SIGQUIT, and SIGKILL are defined as signals to terminate the process, but SIGINT is defined as an interruption requested by the user
common kill signals
Signal Name | Signal Number | Description |
---|---|---|
SIGINT | 2 | Signals when the Linux user presses ‘CONTROL-C’ |
SIGHUP | 1 | Hangs up signals when controlling the terminal or at the end of the controlling processes. |
SIGQUIT | 3 | Signals when the Linux user presses ‘CONTROL-D’ |
SIGFPE | 8 | Signals when any unexpected mathematical operation is performed. |
SIGKILL | 9 | When any of the process issues this signal, it will quit immediately. |
SIGALRM | 14 | Signals for alarm clock |
SIGTERM | 15 | Signals to terminate the process or the software. |
SIGSTOP | 17,19,23 | Signals to stop the process in Linux. |
Untitled |