Unix crash course: Difference between revisions
(created page) |
mNo edit summary |
||
Line 1: | Line 1: | ||
==Introduction to Unix== | |||
=== Syllabus === | |||
===Syllabus=== | |||
<ol style="list-style-type: decimal;"> | <ol style="list-style-type: decimal;"> | ||
<li>Recommended | <li>Recommended material: | ||
<ul> | <ul> | ||
<li>Unix and Linux System Administration 5th Edition - Evi Nemeth, et al.</li> | <li>Unix and Linux System Administration 5th Edition - Evi Nemeth, et al.</li> | ||
<li>CompTIA Linux+ Study Guide 4th Edition - Chritine Bresnahan and Richard Blum</li></ul> | <li> CompTIA Linux+ Study Guide 4th Edition - Chritine Bresnahan and Richard Blum</li></ul> | ||
</li> | </li> | ||
<li>Objectives | <li>Objectives | ||
<ol style="list-style-type: lower-alpha;"> | <ol style="list-style-type: lower-alpha;"> | ||
<li>Shell scripting, input redirection, and C++/C code in a GNU/Linux environment</li> | <li>Shell scripting, input redirection, and C++/C code in a GNU/Linux environment</li> | ||
<li> | <li>Understanding of Linux file system including permissions</li> | ||
<li> | <li>Understanding of command and how to intermingle them to achieve more complex goals </li> | ||
<li> | <li> Basic system architecture, installation process, and management of Linux/Unix</li> </ol> | ||
</li> | </li> | ||
<li>General notes | <li>General notes | ||
<ol style="list-style-type: lower-alpha;"> | <ol style="list-style-type: lower-alpha;"> | ||
<li>Learning to use Bash scripting and <code>vi</code>/<code>neovim</code> essential to professional usage of Linux in real life</li> | <li>Learning to use Bash scripting and <code>vi</code>/<code>neovim</code> essential to professional usage of Linux in real life</li> | ||
<li>Any commands discussed in class can be looked up via ‘man’</li></ol> | <li> Any commands discussed in class can be looked up via ‘man’</li><li>More detailed information for any command available from the command shell with an internet connection: <code>curl cheat.sh/command_na</code></li></ol> | ||
</li></ol> | </li></ol> | ||
===History=== | |||
# | <li> Bell System | ||
#<li>Dates back to late 1960s, Originally developed by Ken Thompson and Dennis Ritchie of Bell Labs </li><li>Ritchie described the initial goal as to create a good environment in which to: | |||
##<li>do programming and development </li><li>foster communal computing through remote access and close communication </li></li><li>Unix originally written in assembly, but was later re-written in C in 1972 </li><li>First public releases in 1973, at Symposium on Operating Systems Principles; early source code sent by standard mail </li><li>1975, Version 6 of Unix was licensed to companies for the first time. However, commercial users were rare. Licensees only received source code from AT&T. </li><li>Also in 1975, Ken Thompson takes a sabbatical from Bell Labs as a professor at UC Berkeley. | |||
##<li>Creates BSD: The Berkeley System Distribution of Unix 4.2. </li><li>Includes C-shell and vi editor for first time </li></li><li>1983, Bell broken into several companies in anti-trust suit against AT&T. </li><li> AT&T new restrictive license almost kills commercial Unix. | |||
##<li>By 1991, BSD had grown to a complete rewrite of AT&T Unix and comes with BSD license. </li><li>BSD survives today as: FreeBSD, OpenBSD, NetBSD, etc. </li><li>Additionally, Darwin kernel of Mac OSX continues as a form of Unix. </li></li></li><li>GNU Project into Linux | |||
#<li>Around 1983, Richard Stallman creates GNU project </li><li>Stallman’s GNU system goal was to create a ‘free’ system of software that had many of other capabilities of the commercial tools that many Unix also had </li><li>By 1985, Stallman had founded the Free Software Foundation to raise funds to develop free versions of all the components of the Unix syste, under GNU GPL </li><li>In 1991, Linus Torvalds began the development of a new free OS based on the MINIX operation system and SunOS. The 21 year old puts together the kernel. </li><li>As the kernel for the GNU project was still very much in development, the two projects became a natural fit. </li><li>To this day, Stallman insists that Linux is GNU/Linux due to the large reliance on GNU toolchain </li></li> | |||
===Introduction to Red Hat Enterprise Linux=== | |||
#Package Manager - YUM | |||
##Stands for YellowDog Updater Modified | |||
##Provides a set of tools for retrieving software from the internet using subscriptions to an update server | |||
##Utilizes .rpm software files to install packages for management | |||
##Creates an Enterprise Linux environment | |||
##*'''cons:''' less software options overall | |||
##*'''pro:''' all available software is tested and works without additional configuration | |||
##5. <code>yum</code> has an additional, alternative wrapper program <code>dnf</code> to improve output and ease of use | |||
##*stands for DaNdified YUM - commands in the format <code>sudo dnf [verb] [objects]</code> | |||
##*<code>-y</code> flag gives YES as passed option for less attended installation 6. command commands | |||
##*<code>sudo dnf -y install [package_name]</code> install a particular package and dependencies | |||
##* <code>sudo dnf -y update</code> update all packages | |||
===Introduction to Ubuntu=== | |||
# Package Manager - APT | |||
##Stands for Advanced Package Manager | |||
##Ubuntu’s set of tools to install packages and keep them up to date | |||
##Utilizes .deb software packages for management | |||
##Keep in mind this package management system is far from standard | |||
##*Many commercial Unixes have their own package managers | |||
##*When all else fails, a tarball (.tar) file can be used to build from source | |||
##Commands | |||
##*<code>apt-get update</code> synchronizes the index of packages to your system | |||
##*<code>apt-get upgrade</code> downloads and installs new versions of all currently installed packages in place, based on the index | |||
##*<code>apt-get dist-upgrade</code> downloads and installs new versions, and moves the system up to the next version, based on the index | |||
##*<code>sudo</code> was originally “superuserdo”, now works to substitute - users and run programs as that user. /etc/sudoers controls this behavior. | |||
##*<code>sudo apt-get install foo</code> : installs package named '''foo''' | |||
##*<code>sudo apt-get remove bar</code> : removes a package named '''bar''', but not the config files | |||
##*<code>sudo apt-get purge bar</code> : removes a package named '''bar''', and removes config files | |||
##*<code>sudo apt-get source * </code>: gets the source code for a package | |||
##*<code>sudo apt-get clean</code> : removes downloaded packages (.deb files) used to install | |||
<span id="filesystem"></span> | <span id="filesystem"></span> | ||
=== | ===File System=== | ||
<ol style="list-style-type: decimal;"> | <ol style="list-style-type: decimal;"> | ||
<li>Directories | <li>Directories | ||
<ol style="list-style-type: lower-alpha;"> | <ol style="list-style-type: lower-alpha;"> | ||
<li>first and bottom of the directory of the file structure tree is called root '''/'''</li> | <li>first and bottom of the directory of the file structure tree is called root '''/'''</li> | ||
<li>'''/root''' in addition, there is a file directory, within the root directory called /root (“slash root”), which acts as root’s home directory</li> | <li>'''/root''' in addition, there is a file directory, within the root directory called /root (“slash root”), which acts as root’s home directory </li> | ||
<li>'''/home''' normal users’ directories</li> | <li>'''/home''' normal users’ directories</li> | ||
<li>'''/boot''' contains the boot directory, including kernel, initial RAMdisk, and bootloader</li> | <li>'''/boot''' contains the boot directory, including kernel, initial RAMdisk, and bootloader</li> | ||
<li>'''/dev''' lists all devices of the computer</li> | <li> '''/dev''' lists all devices of the computer</li> | ||
<li>'''/etc''' configuration files for nearly all programs that need a state</li> | <li>'''/etc''' configuration files for nearly all programs that need a state</li> | ||
<li>'''/tmp''' temporary files for the system</li> | <li>'''/tmp''' temporary files for the system</li> | ||
Line 47: | Line 82: | ||
<li>'''/var/www''' location of http server files</li></ul> | <li>'''/var/www''' location of http server files</li></ul> | ||
</li> | </li> | ||
<li>'''/usr''' files available to users, including binaries for daily user tasks in /usr/bin</li> | <li>'''/usr''' files available to users, including binaries for daily user tasks in /usr/bin </li> | ||
<li>'''/sbin''' binaries used only by root</li> | <li>'''/sbin''' binaries used only by root</li> | ||
<li>'''/bin''' binaries for the system everyone needs to use</li></ol> | <li>'''/bin''' binaries for the system everyone needs to use</li></ol> | ||
Line 61: | Line 96: | ||
<li>'''..''' : go up one directory#User and Group Configuration</li></ol> | <li>'''..''' : go up one directory#User and Group Configuration</li></ol> | ||
</li></ol> | </li></ol> | ||
===useradd/usermod=== | |||
< | #<code>useradd</code> and <code>usermod</code> do much the same thing | ||
#* <code>-c</code> allows to add comments | |||
#*<code>-d</code> allows to change user home directory | |||
#*<code>-e</code> expiration date - date an account will expire (in YYYYMMDD format), kept in <code>/etc/shadow</code> | |||
#*<code>-f</code> specify how many days the account can be inactive before password expires, kept in <code>/etc/shadow</code> | |||
#*<code>-g</code> specify default group of the user | |||
#*<code>-G</code> append a list of additional groups for the user | |||
#*<code>-l</code>(usermod only) changes a user login ex: <code>usermod -l darren darseife</code> | |||
#*<code>-u</code> uid | |||
#*<code>-s</code> specifies login shell | |||
#*<code>-p</code> specify pre-hashed password | |||
#*<code>-L</code> (usermod only) locks the user’s password so it cannot be entered directly (best used with -e, as well) | |||
#*<code>-U</code> will unlock a user’s password | |||
===passwd=== | |||
commands | |||
# | # <code>sudo passwd darseife</code> change the password of darseife | ||
#<code>passwd</code> can also be used to lock and unlock accounts | |||
#*<code>passwd -l</code> will lock the account’s password | |||
#*a locked password will always be input incorrectly | |||
#*does not necessarily lock user out of the account | |||
#*puts an <code>!</code> at the beginning of the password field in <code>/etc/shadow</code> | |||
#*<code>crypt</code>, the algorithm used to implement ciphers, cannot generate an <code>!</code>so the password hash is disabled | |||
#*<code>passwd -u</code> would unlock the account’s password | |||
#<code>passwd -d</code> removes the password of the account | |||
#<code>passwd -S</code> displays account information: | |||
#*last password change | |||
#*password expires | |||
#*password inactive | |||
#*account expires | |||
#*minimum days between password change | |||
#*maximum days before password change | |||
#*warn period before changes | |||
===chage=== | |||
1. The <code>chage</code> command allows you to modify account settings related to password expiration and aging 2. <code>chage</code> can also be used to configure accounts to automatically expire if: - the password hasn’t been changed - or a date has been passed 3. <code>chage -l</code> print expiration settings of an account 4. <code>chage -m DAYS username</code> to set the minimum time between password changes 5. <code>chage -M DAYS username</code> to set the maximum time between password changes 6. <code>chage -d YYYYMMDD username</code> update the last day YYYY-MM-DD on which to change the password 7. <code>chage -E YYYYMMDD username</code> set the expiration date as YYYY-MM-DD on which username’s account expires - setting the number to <code>-1</code> will make it never expire 8. <code>chage -I DAYS username</code> will lock the account password after number of days inactive 9. <code>chage -W DAYS username</code> number of days the user will be warned before their account is made inactive 10. All of these settings are stored in <code>/etc/shadow</code> | |||
###userdel 1. <code>userdel username</code> deletes users 2. <code>userdel -r username</code> deletes the user, their mail spool, their home directory, and everything in it 3. <code>userdel -f username</code> deletes the user ''right now'' even if they are logged in | ###userdel 1. <code>userdel username</code> deletes users 2. <code>userdel -r username</code> deletes the user, their mail spool, their home directory, and everything in it 3. <code>userdel -f username</code> deletes the user ''right now'' even if they are logged in | ||
Line 89: | Line 142: | ||
###gpasswd - group password 1. <code>gpasswd groupname</code> sets password for a group; it is most common to not have a group password 2. <code>gpasswd -R</code> restricts access to users logging in with password via newgrp | ###gpasswd - group password 1. <code>gpasswd groupname</code> sets password for a group; it is most common to not have a group password 2. <code>gpasswd -R</code> restricts access to users logging in with password via newgrp | ||
###getent - get entities 1. can be used to view individual records in <code>/etc/passwd</code>, and other files 2. useful for getting exact matches for items 3. <code>getent password username</code> - get passwd information for user 4. <code>getent shadow username</code> - get shadow information for user 5. <code>getent group groupname</code> - get group information for user#The *nix CLI ###The Shell explained 1. A shell is a command interpreter where the user interacts with the system via command line interface (CLI) 2. Different shells currently in-use A. '''Bourne-Again SHell''' - located at <code>/bin/bash</code> is the main shell and is used was a default on most Linux systems B. '''sh''' - The Bourne Shell, old school version does not require any libraries. Rarely seen as a user-interface shell; typically a symbolic link to another shell binary. Created by Stephen Bourne, first included in Unix V7 C. '''tcsh''' Tee Shell. Based on the earlier C-shell from Unix. Has some additional features built into it. D. '''csh''' C-shell, a BSD component not often seen on Linux. Created by Bill Joy at UC Berkeley. E. '''ksh''' Korn shell from Bell Labs in the 1980s. The idea was to incorporate features from the Bourne Shell along with C-programming syntax. F. '''zsh''' 1990s, incorporates additional ideas into ksh. 3. Built-in Commands A. <code>cd</code> changes directory - <code>cd ~</code> or <code>cd /home/user</code> are equivalent B. <code>ls -</code> lists files in a directory - default behavior just lists files - <code>-a</code> lists all files including hidden ones - <code>-l</code> long format - <code>-d</code> just directories - <code>-F</code> uses a special character to rep filetypes - <code>-R</code> recursive listing C. Single characters are substituted by <code>?</code>, wildcards by <code>*</code> D. Exiting the system - <code>exit</code> exits the current shell - <code>logout</code> only works for login shells E. Shutting down the system - <code>shutdown -h now</code> halts the system now - <code>shutdown -r now</code> restarts the system now - <code>shutdown -h +5 " "</code> broadcasts the message in quotes and tells people it will be down in 5minutes - <code>halt</code> on most systems, will drop the system into single user mode - <code>poweroff</code> “on fire” graceless exit. Sends HW signal to kill power - <code>reboot</code> essentially ‘shutdown -r’ - <code>reboot -f</code> graceless restart exit, Sends HW signal to reboot F. <code>init</code> relies on a series of programs or scripts to change run-state of machine and to start/stop linux services - <code>init 0</code> - shuts the machine down - <code>init 6</code> - reboots the machine - <code>init S</code> - initializes system boot | ###getent - get entities 1. can be used to view individual records in <code>/etc/passwd</code>, and other files 2. useful for getting exact matches for items 3. <code>getent password username</code> - get passwd information for user 4. <code>getent shadow username</code> - get shadow information for user 5. <code>getent group groupname</code> - get group information for user#The *nix CLI ###The Shell explained 1. A shell is a command interpreter where the user interacts with the system via command line interface (CLI) 2. Different shells currently in-use A. '''Bourne-Again SHell''' - located at <code>/bin/bash</code> is the main shell and is used was a default on most Linux systems B. '''sh''' - The Bourne Shell, old school version does not require any libraries. Rarely seen as a user-interface shell; typically a symbolic link to another shell binary. Created by Stephen Bourne, first included in Unix V7 C. '''tcsh''' Tee Shell. Based on the earlier C-shell from Unix. Has some additional features built into it. D. '''csh''' C-shell, a BSD component not often seen on Linux. Created by Bill Joy at UC Berkeley. E. '''ksh''' Korn shell from Bell Labs in the 1980s. The idea was to incorporate features from the Bourne Shell along with C-programming syntax. F. '''zsh''' 1990s, incorporates additional ideas into ksh. 3. Built-in Commands A. <code>cd</code> changes directory - <code>cd ~</code> or <code>cd /home/user</code> are equivalent B. <code>ls -</code> lists files in a directory - default behavior just lists files - <code>-a</code> lists all files including hidden ones - <code>-l</code> long format - <code>-d</code> just directories - <code>-F</code> uses a special character to rep filetypes - <code>-R</code> recursive listing C. Single characters are substituted by <code>?</code>, wildcards by <code>*</code> D. Exiting the system - <code>exit</code> exits the current shell - <code>logout</code> only works for login shells E. Shutting down the system - <code>shutdown -h now</code> halts the system now - <code>shutdown -r now</code> restarts the system now - <code>shutdown -h +5 " "</code> broadcasts the message in quotes and tells people it will be down in 5minutes - <code>halt</code> on most systems, will drop the system into single user mode - <code>poweroff</code> “on fire” graceless exit. Sends HW signal to kill power - <code>reboot</code> essentially ‘shutdown -r’ - <code>reboot -f</code> graceless restart exit, Sends HW signal to reboot F. <code>init</code> relies on a series of programs or scripts to change run-state of machine and to start/stop linux services - <code>init 0</code> - shuts the machine down - <code>init 6</code> - reboots the machine - <code>init S</code> - initializes system boot | ||
###Man pages and getting help 1. displays the manual pages for any packages on the system 2. typing <code>[/]</code> will allow you to search through the page 3. allows you to move via <code>[spacebar]</code> or <code>[pgup/pgdn]</code> 4. <code>man</code> is broken up into seperate chapters: <code>man 5</code> would show chapter 5 1. executable programs and shell 2. system calls 3. library calls 4. device calls 5. file formats 6. games 7. misc. (macro packages) 8. sys admin commands 9. kernel routines 5. <code>man -k *</code> : to find any pages matching <code>*</code> 6. most programs also allow for <code>--help</code> or <code>-?</code> to be passed for a quick rundown on commands and usage | ###Man pages and getting help 1. displays the manual pages for any packages on the system 2. typing <code>[/]</code> will allow you to search through the page 3. allows you to move via <code>[spacebar]</code> or <code>[pgup/pgdn]</code> 4. <code>man</code> is broken up into seperate chapters: <code>man 5</code> would show chapter 5 1. executable programs and shell 2. system calls 3. library calls 4. device calls 5. file formats 6. games 7. misc. (macro packages) 8. sys admin commands 9. kernel routines 5. <code>man -k *</code> : to find any pages matching <code>*</code> 6. most programs also allow for <code>--help</code> or <code>-?</code> to be passed for a quick rundown on commands and usage | ||
###Unix filesystem permissions 1. filesystem permissions saved as a series of 3 bit numbers 2. format: <code>d,rwx,rwx,rwx</code> for read-write-execute a. <code>d</code> - denotes a Directory or file b. first triad is for the User of the file c. second triad is for Group members of the file d. third triad is for Everyone else 3. Read-write-execute for files a. '''Read''' allows the file to be opened b. '''Write''' allows for the file to be edited c. '''Execute''' allows for the file to run as a program 4. Read-write-execute for directories a. '''Read''' allows for the directory to view filenames in the directory b. '''Write''' allows files to be added or deleted from a dir c. '''Execute''' allows the directory to be visited, “permission to traverse through”; must have this to execute programs within a directory 5. <code>chmod</code> changes file and directory permissions a. two modes for chmod 1. '''symbolic mode''' <code>chmod {u,g,o}[+,-,=]{r,w,x}</code> 2. absolute mode - chmod 777 /path/to/file` * 0 no permissions * 1 execute * 2 write * 4 read F. chown - change file owner and group 1. chown user /foo - changes foo’s owner to user 2. chown root:root /foo - changes foo’s owner to root, also changes foo’s group to root G. echo - displays any text you enter after the command 1. primarially used in shell scripts or ‘programs’ that utilize a combination of of built-in commands, variables, and executables to complete tasks 2. variables reached from echo by invoking the variable name as $NAME #Input Redirection and Utils | ###Unix filesystem permissions 1. filesystem permissions saved as a series of 3 bit numbers 2. format: <code>d,rwx,rwx,rwx</code> for read-write-execute a. <code>d</code> - denotes a Directory or file b. first triad is for the User of the file c. second triad is for Group members of the file d. third triad is for Everyone else 3. Read-write-execute for files a. '''Read''' allows the file to be opened b. '''Write''' allows for the file to be edited c. '''Execute''' allows for the file to run as a program 4. Read-write-execute for directories a. '''Read''' allows for the directory to view filenames in the directory b. '''Write''' allows files to be added or deleted from a dir c. '''Execute''' allows the directory to be visited, “permission to traverse through”; must have this to execute programs within a directory 5. <code>chmod</code> changes file and directory permissions a. two modes for chmod 1. '''symbolic mode''' <code>chmod {u,g,o}[+,-,=]{r,w,x}</code> 2. absolute mode - chmod 777 /path/to/file` * 0 no permissions * 1 execute * 2 write * 4 read F. chown - change file owner and group 1. chown user /foo - changes foo’s owner to user 2. chown root:root /foo - changes foo’s owner to root, also changes foo’s group to root G. echo - displays any text you enter after the command 1. primarially used in shell scripts or ‘programs’ that utilize a combination of of built-in commands, variables, and executables to complete tasks 2. variables reached from echo by invoking the variable name as $NAME #Input Redirection and Utils | ||
###Redirection symbols 1. prog > - redirects std output to the file, truncating and rewriting 2. prog 2> - redirect std error to the file, truncating and rewriting 3. &> - redirects both std output and error to file 4. <code>>></code> - non-destructively appends to end of file rather than rewriting 5. <code>- "backtick" process commands in the middle of another command a. A tool similar to xargs b. text within backticks are treated as a separate command line who's results are substituted on this command line c. things inside of backticks are attempted to be used as a command d. example: rm</code> find / - user darren ` 6. $() - is used like a backtick; more resistant to weird syntax | ###Redirection symbols 1. prog > - redirects std output to the file, truncating and rewriting 2. prog 2> - redirect std error to the file, truncating and rewriting 3. &> - redirects both std output and error to file 4. <code>>></code> - non-destructively appends to end of file rather than rewriting 5. <code>- "backtick" process commands in the middle of another command a. A tool similar to xargs b. text within backticks are treated as a separate command line who's results are substituted on this command line c. things inside of backticks are attempted to be used as a command d. example: rm</code> find / - user darren ` 6. $() - is used like a backtick; more resistant to weird syntax | ||
Line 100: | Line 153: | ||
<span id="c-programs-and-makefiles"></span> | <span id="c-programs-and-makefiles"></span> | ||
=== C++ programs and Makefiles === | ===C++ programs and Makefiles=== | ||
# Basic C++ program with input and output | #Basic C++ program with input and output | ||
<pre>int main (int args, char * argv[]){ | <pre>int main (int args, char * argv[]){ | ||
Line 111: | Line 164: | ||
} | } | ||
// outputs every character given to it</pre> | // outputs every character given to it</pre> | ||
<ol start="2" style="list-style-type: decimal;"> | <ol start="2" style="list-style-type: decimal;"> | ||
<li>Let’s write a less good version of grep called greb:</li></ol> | <li>Let’s write a less good version of grep called greb:</li></ol> | ||
Line 145: | Line 198: | ||
</pre> | </pre> | ||
<ol start="3" style="list-style-type: decimal;"> | <ol start="3" style="list-style-type: decimal;"> | ||
<li>Make A. Allows for automatic configuration and creation of usable binararies from OOP files, and can be used to install and uninstall programs B. Allows for the creation of archives of source code that build as packages into useful code C. typically named ‘makefile’</li></ol> | <li>Make A. Allows for automatic configuration and creation of usable binararies from OOP files, and can be used to install and uninstall programs B. Allows for the creation of archives of source code that build as packages into useful code C. typically named ‘makefile’</li> </ol> | ||
<pre># set a variables for the compiler | <pre># set a variables for the compiler | ||
Line 182: | Line 235: | ||
cp $< $(DESTDIR)$(PREFIX)/bin/$<</pre> | cp $< $(DESTDIR)$(PREFIX)/bin/$<</pre> | ||
<span id="tar-and-packaging"></span> | <span id="tar-and-packaging"></span> | ||
=== Tar and Packaging === | === Tar and Packaging=== | ||
# tar A. the name ‘tar’ comes from its original purpose: Tape ARchive B. you can bundle files as .tar, ‘tarballs’, which contain a series of file entries and terminating bytes between files C. each entry has a file descriptor and the binary contents of the file D. file descriptor, or header, contains the name of a file, a checksum of that file, and permissions data E. does not compress data, but instead keeps it in one file F. tar options: -c: Creates a tar archive -v: Verbose output -x: eXtract from a tar archive -f: specify a Filename -A: Appends two archives together -M: create or extract a multivolume archive -j: specify bzip2 compression -J: specify xz compression -z: specify gzip compression –lzma: specify lzma compression -t: Test an archive | #tar A. the name ‘tar’ comes from its original purpose: Tape ARchive B. you can bundle files as .tar, ‘tarballs’, which contain a series of file entries and terminating bytes between files C. each entry has a file descriptor and the binary contents of the file D. file descriptor, or header, contains the name of a file, a checksum of that file, and permissions data E. does not compress data, but instead keeps it in one file F. tar options: -c: Creates a tar archive -v: Verbose output -x: eXtract from a tar archive -f: specify a Filename -A: Appends two archives together -M: create or extract a multivolume archive -j: specify bzip2 compression -J: specify xz compression -z: specify gzip compression –lzma: specify lzma compression -t: Test an archive | ||
<span id="more-unix-commands"></span> | <span id="more-unix-commands"></span> | ||
=== More Unix Commands === | ===More Unix Commands=== | ||
# fmt - format A. some files have crazy long lines of text B. reformats to a certain -width C. by default, truncates after 75 characters and cleans up paragraphs D. anything with 2+ blankline removed, and adds indention E. -s : prevents truncation of paragraphs | #fmt - format A. some files have crazy long lines of text B. reformats to a certain -width C. by default, truncates after 75 characters and cleans up paragraphs D. anything with 2+ blankline removed, and adds indention E. -s : prevents truncation of paragraphs | ||
# nl - line number A. nl does count whitespace by default B. identical to cat -b (but not cat -n) | #nl - line number A. nl does count whitespace by default B. identical to cat -b (but not cat -n) | ||
# pr - prepare a file for printing A. includes header, footer, and page breaks B. create colummns: pr -3 file.txt C. -l sets the length of lines D. -o choose the header text | #pr - prepare a file for printing A. includes header, footer, and page breaks B. create colummns: pr -3 file.txt C. -l sets the length of lines D. -o choose the header text | ||
# regular expressions - sed and awk A. simliar to wildcard expansion: ex; ls ''.txt B. grep and sed are two examples of regEx programs C. unix system programs have two different forms of regular expressions: basic and extended D. types of expresssions: 1. exact text match: grep “blah” returns all lines with “blah” 2. bracketed expressions: b[aeiou]g - returns bag, beg, big, bog, bug 3. bracketed with range: a[2-4]z - returns a2z, a3z, a4z 4. matching single char: a.z (allows for anything between a and z) 5. matching begin/end of line: ^ beginning, $ end 6. any of these can be combined with the wildcard: '' ex: A.* Lincoln (with 0 or more occurances of a pattern.) ex: A[ae]* Lincoln (with 0 or more occurances of a-e after A. 7. matching at least one of: + symbol ex. A[ae]+ Lincoln - returns at least Aa or Ae Lincoln 8. multiple possibilities or: | needs to be set up with ’ ex. ‘Darren (F|Fredrick) Seifert’ 9. grep -E invokes regex functionality | #regular expressions - sed and awk A. simliar to wildcard expansion: ex; ls ''.txt B. grep and sed are two examples of regEx programs C. unix system programs have two different forms of regular expressions: basic and extended D. types of expresssions: 1. exact text match: grep “blah” returns all lines with “blah” 2. bracketed expressions: b[aeiou]g - returns bag, beg, big, bog, bug 3. bracketed with range: a[2-4]z - returns a2z, a3z, a4z 4. matching single char: a.z (allows for anything between a and z) 5. matching begin/end of line: ^ beginning, $ end 6. any of these can be combined with the wildcard: '' ex: A.* Lincoln (with 0 or more occurances of a pattern.) ex: A[ae]* Lincoln (with 0 or more occurances of a-e after A. 7. matching at least one of: + symbol ex. A[ae]+ Lincoln - returns at least Aa or Ae Lincoln 8. multiple possibilities or: | needs to be set up with ’ ex. ‘Darren (F|Fredrick) Seifert’ 9. grep -E invokes regex functionality | ||
<span id="shell-scripting"></span> | <span id="shell-scripting"></span> | ||
=== Shell Scripting === | ===Shell Scripting=== | ||
# The first line of a shell script tells which program to use to interpret the contents: #!/bin/bash or another shell A. the first two characters are (#!) are special code to tell the kernel this is a script - crunchbang, shebang, hashbang, poundbang B. the remaining lines beginning with # are considered comments <code># this is a comment</code> | #The first line of a shell script tells which program to use to interpret the contents: #!/bin/bash or another shell A. the first two characters are (#!) are special code to tell the kernel this is a script - crunchbang, shebang, hashbang, poundbang B. the remaining lines beginning with # are considered comments <code># this is a comment</code> | ||
# Classic Hello World | #Classic Hello World | ||
<pre># hello.sh | <pre># hello.sh | ||
Line 204: | Line 257: | ||
# Print out hello world | # Print out hello world | ||
echo 'Hello World!'</pre> | echo 'Hello World!'</pre> | ||
<ol start="3" style="list-style-type: decimal;"> | <ol start="3" style="list-style-type: decimal;"> | ||
<li>When you want to run a shell script, it needs to be made executable before it is an executable file: ‘# chmod u+x ./file.sh’</li> | <li>When you want to run a shell script, it needs to be made executable before it is an executable file: ‘# chmod u+x ./file.sh’</li> | ||
<li>Can be invoked with ./file.sh</li> | <li>Can be invoked with ./file.sh</li> | ||
Line 217: | Line 270: | ||
echo "Details for $2" | echo "Details for $2" | ||
ls -l $2</pre> | ls -l $2</pre> | ||
* handling user input and output can use ‘echo’ to create interactive scripts: | *handling user input and output can use ‘echo’ to create interactive scripts: | ||
<pre># plususer.sh | <pre># plususer.sh | ||
Line 226: | Line 279: | ||
echo $username | echo $username | ||
read -sp 'Password:' password # -s stealth</pre> | read -sp 'Password:' password # -s stealth</pre> | ||
* scripts can also handle files as standard input like other commands | *scripts can also handle files as standard input like other commands | ||
<pre># salesreport.sh | <pre># salesreport.sh | ||
Line 233: | Line 286: | ||
echo Data Summary: | echo Data Summary: | ||
cat /dev/stdin | cut -d ' ' -F2,3 | sort</pre> | cat /dev/stdin | cut -d ' ' -F2,3 | sort</pre> | ||
* variables can be made global via export | *variables can be made global via export | ||
<pre># script.sh | <pre># script.sh | ||
Line 250: | Line 303: | ||
echo $0 :: var1 : $var1 , var2 : $var2</pre> | echo $0 :: var1 : $var1 , var2 : $var2</pre> | ||
<span id="sed---stream-editor"></span> | <span id="sed---stream-editor"></span> | ||
=== Sed - Stream EDitor === | ===Sed - Stream EDitor=== | ||
# the sed command uses regular expressions to modify stdin and sends the changes to stdout | #the sed command uses regular expressions to modify stdin and sends the changes to stdout | ||
# usage : <code>sed [options] script.txt [inputfile]</code> | #usage : <code>sed [options] script.txt [inputfile]</code> | ||
# some of the commands that can be used in the script portion | #some of the commands that can be used in the script portion | ||
#* <code>=</code> - display the current line number | #* <code>=</code> - display the current line number | ||
#* <code>a\text</code> - append text to file | #*<code>a\text</code> - append text to file | ||
#* <code>i\text</code> - insert text to file | #*<code>i\text</code> - insert text to file | ||
#* <code>r file</code> - append text from filename into the file | #*<code>r file</code> - append text from filename into the file | ||
#* <code>c\text</code> - replace the selected range with the text | #*<code>c\text</code> - replace the selected range with the text | ||
#* <code>s/2012/2013/</code> - replace the first occurrence of 2012 on first occurrence on each line | #* <code>s/2012/2013/</code> - replace the first occurrence of 2012 on first occurrence on each line | ||
#* <code>s/2012/2013/g</code> - replace ’’ ’’ every occurrence on each line | #* <code>s/2012/2013/g</code> - replace ’’ ’’ every occurrence on each line | ||
# examples | #examples | ||
#* <code>sed 's/Nick\|nick/Gary/g' < salaryprojections.txt</code> | #*<code>sed 's/Nick\|nick/Gary/g' < salaryprojections.txt</code> | ||
#* ^ this would replace any ‘Nick’ or ‘nick’ with ‘Gary’ at all points in the file | #*^ this would replace any ‘Nick’ or ‘nick’ with ‘Gary’ at all points in the file | ||
#* standard replace format: <code>sed 's/^/ /' file.txt > file.new.txt</code> ### Examining Processes | #*standard replace format: <code>sed 's/^/ /' file.txt > file.new.txt</code> ### Examining Processes | ||
# <code>ps</code> command | #<code>ps</code> command | ||
#* The internal Unix command for process control is <code>ps</code> | #*The internal Unix command for process control is <code>ps</code> | ||
#* By default, <code>ps</code> reports back what is happening inside of the current terminal/tty; | #*By default, <code>ps</code> reports back what is happening inside of the current terminal/tty; | ||
#* shows <code>PID</code>, <code>TTY</code>, <code>TIME</code>, and <code>CMD</code> | #* shows <code>PID</code>, <code>TTY</code>, <code>TIME</code>, and <code>CMD</code> | ||
#** <code>PID</code> is the Process ID number for a running program | #**<code>PID</code> is the Process ID number for a running program | ||
#** <code>TTY</code> is the Teletypewriter device which the process runs from; reports stdout and stderr to this by default | #**<code>TTY</code> is the Teletypewriter device which the process runs from; reports stdout and stderr to this by default | ||
#** TIME is the cumulative processor time used by the program on Linux | #**TIME is the cumulative processor time used by the program on Linux | ||
#* <code>ps</code> supports traditional Unix options and GNU flags, which can be somewhat confusing | #*<code>ps</code> supports traditional Unix options and GNU flags, which can be somewhat confusing | ||
#* Options for ps | #*Options for ps | ||
#** Display all processes running <code>ps -A/-e</code> both cause all processes on the system to be listed and output is identical | #**Display all processes running <code>ps -A/-e</code> both cause all processes on the system to be listed and output is identical | ||
#** Display processes belonging to a specific user: <code>ps -u user</code> | #** Display processes belonging to a specific user: <code>ps -u user</code> | ||
#** Display extra fields as a “full format” <code>ps -f</code> can be combined with other options | #**Display extra fields as a “full format” <code>ps -f</code> can be combined with other options | ||
#*** <code>UID</code> User ID shows the username of the user running the command | #***<code>UID</code> User ID shows the username of the user running the command | ||
#*** <code>PPID</code> parent process ID, the process ID of the process that spawned the process | #***<code>PPID</code> parent process ID, the process ID of the process that spawned the process | ||
#*** <code>C</code> processor utilization as % of usage over the lifetime of the process | #***<code>C</code> processor utilization as % of usage over the lifetime of the process | ||
#*** <code>STIME</code> start time of the process as per system time (only in 24h clock format if current day; otherwise uses MMDD format) | #***<code>STIME</code> start time of the process as per system time (only in 24h clock format if current day; otherwise uses MMDD format) | ||
#** Display long format <code>ps -l</code> | #**Display long format <code>ps -l</code> | ||
#*** <code>F</code> Flags field | #***<code>F</code> Flags field | ||
#**** <code>0</code> = no special flags for this process | #****<code>0</code> = no special flags for this process | ||
#**** <code>1</code> = forked process, but did not call exec | #****<code>1</code> = forked process, but did not call exec | ||
#**** <code>4</code> = executable was executed with superuser privileges | #****<code>4</code> = executable was executed with superuser privileges | ||
#*** <code>S</code> State codes | #***<code>S</code> State codes | ||
#**** <code>D</code> Uninterruptible sleep (usually IO) | #****<code>D</code> Uninterruptible sleep (usually IO) | ||
#**** <code>R</code> Running or runnable (on run queue) | #****<code>R</code> Running or runnable (on run queue) | ||
#**** <code>S</code> interruptible Sleep (waiting for an event to complete) | #****<code>S</code> interruptible Sleep (waiting for an event to complete) | ||
#**** <code>T</code> Stopped, either by a job control signal or because it is being traced. | #****<code>T</code> Stopped, either by a job control signal or because it is being traced. | ||
#**** <code>X</code> dead (should never be seen) | #****<code>X</code> dead (should never be seen) | ||
#**** <code>Z</code> Defunct (“zombie”) process, terminated but not reaped by its parent. | #****<code>Z</code> Defunct (“zombie”) process, terminated but not reaped by its parent. | ||
#*** <code>UID</code> uses system number rather than human readable name | #*** <code>UID</code> uses system number rather than human readable name | ||
#*** <code>PRI</code> Priority is used by the kernel, rather than in userspace, to determine the next in queue for processing | #***<code>PRI</code> Priority is used by the kernel, rather than in userspace, to determine the next in queue for processing | ||
#*** <code>NI</code> Niceness of a process describes how accommodating a process is to sharing time on the system. | #***<code>NI</code> Niceness of a process describes how accommodating a process is to sharing time on the system. | ||
#**** This number ranges from +19 to -20, with 0 as the default. | #**** This number ranges from +19 to -20, with 0 as the default. | ||
#**** In the scheduling system, niceness is used to determine how much processing to give to each process when it asks for it. | #**** In the scheduling system, niceness is used to determine how much processing to give to each process when it asks for it. | ||
#*** <code>ADDR</code> the memory address of the process | #***<code>ADDR</code> the memory address of the process | ||
#*** <code>SZ</code> the size of the image in pages | #***<code>SZ</code> the size of the image in pages | ||
#**** how much virtual memory is in use by the process. | #****how much virtual memory is in use by the process. | ||
#**** Includes text, data, and stack space | #****Includes text, data, and stack space | ||
#**** page size is a kernel variable and can be read by <code>getconf PAGE_SIZE</code> | #****page size is a kernel variable and can be read by <code>getconf PAGE_SIZE</code> | ||
#*** <code>WCHAN</code> address of where a function is sleeping (only kernel functions) | #***<code>WCHAN</code> address of where a function is sleeping (only kernel functions) | ||
#*** <code>RSS</code> amount of physical memory in use | #***<code>RSS</code> amount of physical memory in use | ||
#* User-oriented format <code>ps -u</code> displays information in a more readable manner | #*User-oriented format <code>ps -u</code> displays information in a more readable manner | ||
#** <code>%CPU</code> percent of processor time used by process divided by real time | #**<code>%CPU</code> percent of processor time used by process divided by real time | ||
#** <code>%MEM</code> actual percentage of non-reserved physical RAM | #**<code>%MEM</code> actual percentage of non-reserved physical RAM | ||
#** <code>VSIZE</code> virtual memory size used | #**<code>VSIZE</code> virtual memory size used | ||
#* Virtual memory format <code>ps -v</code> displays information including number of: | #*Virtual memory format <code>ps -v</code> displays information including number of: | ||
#** <code>MAJFL</code> major page faults of the process, indicating times it has used swap space | #**<code>MAJFL</code> major page faults of the process, indicating times it has used swap space | ||
#** <code>TRS</code> physical memory devoted to stack | #**<code>TRS</code> physical memory devoted to stack | ||
#** <code>DRS</code> physical memory devoted to non-executable code | #**<code>DRS</code> physical memory devoted to non-executable code | ||
#* Recieve a process hierarchy <code>ps -AH</code> see parent-child relationships visually | #* Recieve a process hierarchy <code>ps -AH</code> see parent-child relationships visually | ||
#* Choose your own adventure mode <code>ps -o uid,pid,ppid,command</code> | #*Choose your own adventure mode <code>ps -o uid,pid,ppid,command</code> | ||
#** this command used to determine certain columns | #**this command used to determine certain columns | ||
#* Piping ps can be piped as per normal to other programs: | #*Piping ps can be piped as per normal to other programs: | ||
#** Ex; <code>ps -u darseife \| grep bash</code> | #**Ex; <code>ps -u darseife \| grep bash</code> | ||
#** <code>pgrep</code> is a common utility that behaves similarly to the previous command | #**<code>pgrep</code> is a common utility that behaves similarly to the previous command | ||
# <code>top</code> | #<code>top</code> | ||
#* <code>top</code> is used to view processes as they execute in real time | #*<code>top</code> is used to view processes as they execute in real time | ||
#** <code>-d</code> used to choose update frequency in seconds | #**<code>-d</code> used to choose update frequency in seconds | ||
#** <code>-p</code> pid to monitor specifically | #**<code>-p</code> pid to monitor specifically | ||
#** <code>-n</code> run for N iterations | #**<code>-n</code> run for N iterations | ||
#** <code>-r</code> command to renice a process within top | #**<code>-r</code> command to renice a process within top | ||
#** <code>-s</code> to change the update rate within top | #**<code>-s</code> to change the update rate within top | ||
#* <code>htop</code> can also be used as a next generation to top | #*<code>htop</code> can also be used as a next generation to top | ||
# <code>nice</code> and <code>renice</code> | #<code>nice</code> and <code>renice</code> | ||
#* The <code>nice</code> command is used to run a command with an adjusted niceness | #*The <code>nice</code> command is used to run a command with an adjusted niceness | ||
#** generally can’t give negative values to programs without superuser access | #**generally can’t give negative values to programs without superuser access | ||
#** <code>nice -n 12 ./script.sh</code> will add 12 to the default priority (0) | #**<code>nice -n 12 ./script.sh</code> will add 12 to the default priority (0) | ||
#* <code>renice</code> is used to adjust niceness of running processes. | #*<code>renice</code> is used to adjust niceness of running processes. | ||
#** <code>renice 0 -p 2772 3562</code> renices the processes 2772 and 3562 to 0 | #**<code>renice 0 -p 2772 3562</code> renices the processes 2772 and 3562 to 0 | ||
#** <code>renice 1 -u darseife</code> renices the processes of user darsiefe to 1 | #**<code>renice 1 -u darseife</code> renices the processes of user darsiefe to 1 | ||
# Killing processes | #Killing processes | ||
## <code>kill</code> | ##<code>kill</code> | ||
##* stopping a process currently running <code>-kill -s signal PID</code> | ##*stopping a process currently running <code>-kill -s signal PID</code> | ||
##** <code>PID</code> PID by default, kill sends a signal to a number of process IDs | ##** <code>PID</code> PID by default, kill sends a signal to a number of process IDs | ||
##** signal 1 is <code>SIGHUP</code> terminates interactive programs and causes daemons to reread config files | ##**signal 1 is <code>SIGHUP</code> terminates interactive programs and causes daemons to reread config files | ||
##** signal 9 is <code>SIGKILL</code> stops all processes without performing a graceful exit or shutdown | ##** signal 9 is <code>SIGKILL</code> stops all processes without performing a graceful exit or shutdown | ||
##** signal 15 is <code>SIGTERM</code> asks the process to terminate and to close out open files, run its shutdown script, etc. | ##**signal 15 is <code>SIGTERM</code> asks the process to terminate and to close out open files, run its shutdown script, etc. | ||
##* <code>kill</code> will only kill processes owned by the user, unless run with superuser access | ##*<code>kill</code> will only kill processes owned by the user, unless run with superuser access | ||
## <code>killall</code> | ##<code>killall</code> | ||
##* kill multiple things | ##*kill multiple things | ||
##* <code>killall vi</code> kills all running instances of vi for the user; when run as a superuser, this will kill any running instance of vi | ##*<code>killall vi</code> kills all running instances of vi for the user; when run as a superuser, this will kill any running instance of vi | ||
##* <code>killall -s 9 vi</code> kills all running instances of vi for the user by sending the <code>SIGKILL</code> signal to it; when run as a superuser, this will kill any running instance of vi. | ##* <code>killall -s 9 vi</code> kills all running instances of vi for the user by sending the <code>SIGKILL</code> signal to it; when run as a superuser, this will kill any running instance of vi. | ||
##* <code>killall -i vi</code> uses interactive mode to ask which processes to kill | ##*<code>killall -i vi</code> uses interactive mode to ask which processes to kill | ||
##* if you are running killall as root, try to use -i to prevent loss of other people’s work | ##*if you are running killall as root, try to use -i to prevent loss of other people’s work | ||
# Additional process control | #Additional process control | ||
#* If you are running a program inside of a terminal, <code>[Ctrl + Z]</code> will pause and go to background | #*If you are running a program inside of a terminal, <code>[Ctrl + Z]</code> will pause and go to background | ||
#** To restart the process, run the command <code>fg</code> in the same terminal | #**To restart the process, run the command <code>fg</code> in the same terminal | ||
#** With multiple processes paused, <code>fg 1</code> or <code>fg 2</code> will bring back process 1 or 2 | #** With multiple processes paused, <code>fg 1</code> or <code>fg 2</code> will bring back process 1 or 2 | ||
#* Processes can be started in the background with & at the end of the line; unlike paused processes, these will continue to run. | #*Processes can be started in the background with & at the end of the line; unlike paused processes, these will continue to run. | ||
<span id="linux-time-and-scheduling"></span> | <span id="linux-time-and-scheduling"></span> | ||
=== Linux Time and Scheduling === | === Linux Time and Scheduling=== | ||
# Overview | #Overview | ||
#* Computer systems in general rely on a pair of clocks to operate | #*Computer systems in general rely on a pair of clocks to operate | ||
#* Two clocks | #*Two clocks | ||
#** '''Hardware clock''' - initialized in BIOS/UEFI and kept updated via battery while computer is off | #**'''Hardware clock''' - initialized in BIOS/UEFI and kept updated via battery while computer is off | ||
#** '''Software clock''' - initialized at boot from BIOS/UEFI time, and is used to track time while running | #**'''Software clock''' - initialized at boot from BIOS/UEFI time, and is used to track time while running | ||
#* Typically, the clock of the computer is set using coordinated universal time (UTC) | #* Typically, the clock of the computer is set using coordinated universal time (UTC) | ||
#** adjusted for use based on timezones and localization settings like DST before entering userspace | #**adjusted for use based on timezones and localization settings like DST before entering userspace | ||
#* Both the hardware clock and the software clock are not terribly reliable and tends to drift over time | #*Both the hardware clock and the software clock are not terribly reliable and tends to drift over time | ||
#* This can be a problem on x86_64 systems in general because many network services rely on accurate timekeeping | #*This can be a problem on x86_64 systems in general because many network services rely on accurate timekeeping | ||
#* This is made worse when having hundreds or thousands of servers requesting time from a single source could be bad | #*This is made worse when having hundreds or thousands of servers requesting time from a single source could be bad | ||
# Unix Time Commands | #Unix Time Commands | ||
#* <code>date</code> outputs the current software clock time | #*<code>date</code> outputs the current software clock time | ||
#* <code>date -u</code> outputs the UTC time | #*<code>date -u</code> outputs the UTC time | ||
#* <code>date 102715022019</code> sets the time to exactly Oct 27, 15:02, 2019 in local time | #*<code>date 102715022019</code> sets the time to exactly Oct 27, 15:02, 2019 in local time | ||
#* <code>hwclock</code> used to retrieve the value of the hardware clock; must be done as root | #* <code>hwclock</code> used to retrieve the value of the hardware clock; must be done as root | ||
#* setting the hardware clock | #*setting the hardware clock | ||
#** <code>hwclock --set--date 102715022019</code> is a manual set | #** <code>hwclock --set--date 102715022019</code> is a manual set | ||
#** <code>hwclock -hctosys</code> set the hardware clock to the system clock | #**<code>hwclock -hctosys</code> set the hardware clock to the system clock | ||
#** <code>hwclock --synctohc</code> synchronizes system clock to hardware | #**<code>hwclock --synctohc</code> synchronizes system clock to hardware | ||
#* these are called by daemons and init on startup and shutdown | #*these are called by daemons and init on startup and shutdown | ||
#* both the system time and the hardware clock still suck and need a replacement | #*both the system time and the hardware clock still suck and need a replacement | ||
# <code>NTP</code> Network Time Protocol | #<code>NTP</code> Network Time Protocol | ||
#* NTP relies on a tree of servers (each level is called a stratum) from a hardware atomic clock server | #*NTP relies on a tree of servers (each level is called a stratum) from a hardware atomic clock server | ||
#* The further down the tree you are the less accurate the time is. | #*The further down the tree you are the less accurate the time is. | ||
#* One NTP server requesting time from a center will exchange packet via timestamp and the delay between communications is estimated | #*One NTP server requesting time from a center will exchange packet via timestamp and the delay between communications is estimated | ||
#* It is best to pick NTP servers with a short delay | #*It is best to pick NTP servers with a short delay | ||
#* Typically, a cluster of computer is requested from a local time server, which in turn is the only computer requesting times outside of the network | #*Typically, a cluster of computer is requested from a local time server, which in turn is the only computer requesting times outside of the network | ||
# <code>timesyncd</code> | #<code>timesyncd</code> | ||
#* Traditionally, <code>ntpd</code> is the daemon that has provided client time synchronization | #*Traditionally, <code>ntpd</code> is the daemon that has provided client time synchronization | ||
#* Newer versions of Ubuntu use a service called <code>timesyncd</code> | #* Newer versions of Ubuntu use a service called <code>timesyncd</code> | ||
#** uses a slightly different protocol than NTP, called <code>SNTP</code> (simplified network time protocol) | #**uses a slightly different protocol than NTP, called <code>SNTP</code> (simplified network time protocol) | ||
#** configuration information is at <code>/etc/systemd/timesyncd.conf</code> | #**configuration information is at <code>/etc/systemd/timesyncd.conf</code> | ||
#** <code>timedatectl</code> is a way to view the current SNTP settings | #**<code>timedatectl</code> is a way to view the current SNTP settings | ||
#* also more information related to this accessible with <code>sudo systemctl status systemd-timesyncd</code> | #*also more information related to this accessible with <code>sudo systemctl status systemd-timesyncd</code> | ||
# Running jobs in the future: <code>cron</code> | #Running jobs in the future: <code>cron</code> | ||
#* <code>cron</code> like timesyncd or ntpd, cron is a daemon that runs continuously and looks for events to cause it to spring into action | #*<code>cron</code> like timesyncd or ntpd, cron is a daemon that runs continuously and looks for events to cause it to spring into action | ||
#* Most daemons are network services, but cron responds to temporal events | #*Most daemons are network services, but cron responds to temporal events | ||
#* A cron daemon wakes up once per minute, and examines its config files in: | #*A cron daemon wakes up once per minute, and examines its config files in: | ||
#** <code>/var/spool/cron/</code> | #**<code>/var/spool/cron/</code> | ||
#** <code>/etc/cron.d/</code> | #**<code>/etc/cron.d/</code> | ||
#** <code>/etc/crontab</code> | #**<code>/etc/crontab</code> | ||
#* Executes command specified: | #*Executes command specified: | ||
#** System jobs - run as root, and perform system maintenance tasks (rotate logs, clean out <code>/tmp</code>, remove old files, update system) | #**System jobs - run as root, and perform system maintenance tasks (rotate logs, clean out <code>/tmp</code>, remove old files, update system) | ||
#** User jobs - run jobs in the future for users | #**User jobs - run jobs in the future for users | ||
#* <code>/etc/crontab</code> | #*<code>/etc/crontab</code> | ||
#** System cronjobs are controlled by this file | #** System cronjobs are controlled by this file | ||
#** Normally, begins with environment variable configuration, then several lines like: | #**Normally, begins with environment variable configuration, then several lines like: | ||
#*** On a typical system <code>02 4 * * * root run-parts /etc/cron.daily</code> | #***On a typical system <code>02 4 * * * root run-parts /etc/cron.daily</code> | ||
#*** On Ubuntu Desktop <code>25 6 * * * root test -x /usr/sbin/anacron || cd / && run-parts --report /etc/cron.daily</code> | #***On Ubuntu Desktop <code>25 6 * * * root test -x /usr/sbin/anacron || cd / && run-parts --report /etc/cron.daily</code> | ||
#** Fields for cron, in order | #**Fields for cron, in order | ||
#**# the minute of the hour | #**#the minute of the hour | ||
#**# the hour of the day | #**#the hour of the day | ||
#**# day of the month | #**#day of the month | ||
#**# month of the year | #**#month of the year | ||
#**# day of the week | #**#day of the week | ||
#** different scripts for items are run from: | #** different scripts for items are run from: | ||
#*** <code>/etc/cron.daily</code> | #***<code>/etc/cron.daily</code> | ||
#*** <code>/etc/cron.weekly</code> | #***<code>/etc/cron.weekly</code> | ||
#*** <code>/etc/cron.monthly</code> | #***<code>/etc/cron.monthly</code> | ||
# <code>anacron</code> a specific implementation of cron | #<code>anacron</code> a specific implementation of cron | ||
#* <code>anacron</code> is not intended to be a replacement for cron, it is a supplement | #*<code>anacron</code> is not intended to be a replacement for cron, it is a supplement | ||
#* cron works great on systems that are ''always on'' | #*cron works great on systems that are ''always on'' | ||
#* <code>anacron</code> is smart in that it can tell if things are run | #* <code>anacron</code> is smart in that it can tell if things are run | ||
#** if things are missed, it plays catchup | #**if things are missed, it plays catchup | ||
#** light-night log rotation, for example, might never run | #**light-night log rotation, for example, might never run | ||
#** anacron is intended to address this | #**anacron is intended to address this | ||
#*** when run it checks to see when it last executed each program | #***when run it checks to see when it last executed each program | ||
#*** if a period greater than the programs interval has passed, the program gets run by anacron | #***if a period greater than the programs interval has passed, the program gets run by anacron | ||
#** config file <code>/etc/anacrontab</code> | #** config file <code>/etc/anacrontab</code> | ||
#*** format: <code>1 5 cron.daily run-parts --report /etc/cron.daily</code> | #***format: <code>1 5 cron.daily run-parts --report /etc/cron.daily</code> | ||
#**** first column: delay in minutes | #****first column: delay in minutes | ||
#**** second column: frequency in days | #****second column: frequency in days | ||
# <code>crontab</code> edit cronjobs for users | #<code>crontab</code> edit cronjobs for users | ||
#* cron jobs for the system are under <code>/etc/</code> but user ones are kept in <code>/var</code> | #*cron jobs for the system are under <code>/etc/</code> but user ones are kept in <code>/var</code> | ||
#* <code>crontab -e</code> edit your user cronfile | #*<code>crontab -e</code> edit your user cronfile | ||
#* root can edit other users with <code>crontab -u username -e</code> | #*root can edit other users with <code>crontab -u username -e</code> | ||
#* <code>/etc/cron.allow</code> and <code>/etc/cron.deny</code> exist for whitelisting or blacklisting users from using <code>cron</code> | #*<code>/etc/cron.allow</code> and <code>/etc/cron.deny</code> exist for whitelisting or blacklisting users from using <code>cron</code> | ||
#** an empty <code>/etc/cron.deny</code> allows ALL USERS if present | #**an empty <code>/etc/cron.deny</code> allows ALL USERS if present | ||
#** an empty <code>/etc/cron.allow</code> blocks ALL USERS if present | #**an empty <code>/etc/cron.allow</code> blocks ALL USERS if present | ||
#* if neither of these exist, then only root may use <code>cron</code> | #*if neither of these exist, then only root may use <code>cron</code> | ||
# <code>at</code> a handy simple task timer | #<code>at</code> a handy simple task timer | ||
#* cron and anacron can be overkill for simple tasks that need to be done once | #*cron and anacron can be overkill for simple tasks that need to be done once | ||
#* example: | #*example: | ||
#** <code>at 5am Oct 31</code> | #**<code>at 5am Oct 31</code> | ||
#** <code>at> /home/darren/run-backup.sh</code> | #**<code>at> /home/darren/run-backup.sh</code> | ||
#** <code>at> echo "job done"</code> | #**<code>at> echo "job done"</code> | ||
#** <code>at> mail -s "backup job finished" root</code> | #**<code>at> mail -s "backup job finished" root</code> | ||
#** <code>at></code> '''ctrl+d''' to finish | #**<code>at></code> '''ctrl+d''' to finish | ||
#* <code>at now +1 hour</code> will run 1 hour from now relative to current system time | #*<code>at now +1 hour</code> will run 1 hour from now relative to current system time | ||
#* other examples: | #* other examples: | ||
#*# <code>at midnight</code> | #*#<code>at midnight</code> | ||
#*# <code>at noon</code> | #*# <code>at noon</code> | ||
#*# <code>at teatime</code> | #*#<code>at teatime</code> | ||
#* <code>aterm</code> to remove an upcoming command | #* <code>aterm</code> to remove an upcoming command | ||
#* <code>atq</code> used to list pending commands | #* <code>atq</code> used to list pending commands | ||
<span id="log-files"></span> | <span id="log-files"></span> | ||
=== Log Files === | ===Log Files=== | ||
# Intro | #Intro | ||
#* Linux machines log files that record key details about system operation and are typically stored in <code>/var/log</code> | #*Linux machines log files that record key details about system operation and are typically stored in <code>/var/log</code> | ||
#* Logging on Linux system is generally performed by the syslog daemon, <code>syslogd</code> | #*Logging on Linux system is generally performed by the syslog daemon, <code>syslogd</code> | ||
#** However, some daemons and programs perform logging independently of syslog | #**However, some daemons and programs perform logging independently of syslog | ||
#* Logging on Linux can be done locally to the computer, but in a networked environment, logs may be sent to a central logging server and by email | #*Logging on Linux can be done locally to the computer, but in a networked environment, logs may be sent to a central logging server and by email | ||
#* Logging is a security action and is typically a part of the system worth hardening because it is exploitable by an attacker to hide their break-in | #*Logging is a security action and is typically a part of the system worth hardening because it is exploitable by an attacker to hide their break-in | ||
#* Logs should be rotated, aka moved out of the system, to prevent <code>/var/log</code> from being filled completely | #* Logs should be rotated, aka moved out of the system, to prevent <code>/var/log</code> from being filled completely | ||
# <code>syslog</code> | #<code>syslog</code> | ||
#* The basic idea of a system logger is to provide a unified means of a handling log files | #*The basic idea of a system logger is to provide a unified means of a handling log files | ||
#* The daemon runs in the background and and accepts data delivered from servers and other programs | #*The daemon runs in the background and and accepts data delivered from servers and other programs | ||
#* Once the log daemon receives a message, it is classified and directed to an appropriate file | #*Once the log daemon receives a message, it is classified and directed to an appropriate file | ||
#* <code>syslogd</code> might be managing several services at the same time and providing different rule-based logging based on priority of the messages received | #*<code>syslogd</code> might be managing several services at the same time and providing different rule-based logging based on priority of the messages received | ||
#* <code>syslogd</code> relies on the config file <code>/etc/syslog.conf</code> | #*<code>syslogd</code> relies on the config file <code>/etc/syslog.conf</code> | ||
#** Ubuntu uses <code>/etc/rsyslog.conf</code> for rocket-fast syslog | #**Ubuntu uses <code>/etc/rsyslog.conf</code> for rocket-fast syslog | ||
#** the configuration file supports a ruleset, located at <code>/etc/rsyslog.d/</code> or <code>/etc/syslog.d/</code> respectively | #**the configuration file supports a ruleset, located at <code>/etc/rsyslog.d/</code> or <code>/etc/syslog.d/</code> respectively | ||
#** standard logging is done by daemon, with the format <code>facility.priority action</code> | #**standard logging is done by daemon, with the format <code>facility.priority action</code> | ||
#*** example: <code>mail.* /var/log/mail.log</code> | #***example: <code>mail.* /var/log/mail.log</code> | ||
#** facility parameter is the name of the type of program the daemon that generates messages to be logged | #**facility parameter is the name of the type of program the daemon that generates messages to be logged | ||
#**# <code>auth/priv</code> security messages | #**#<code>auth/priv</code> security messages | ||
#**# <code>cron</code> from the cron daemon | #**#<code>cron</code> from the cron daemon | ||
#**# <code>daemon</code> catch-all for various systems servers | #**#<code>daemon</code> catch-all for various systems servers | ||
#**# <code>kern</code> kernel messages | #**#<code>kern</code> kernel messages | ||
#**# <code>lpr</code> printer and CUPS messages | #**#<code>lpr</code> printer and CUPS messages | ||
#**# <code>mail</code> mail subsystems | #**#<code>mail</code> mail subsystems | ||
#**# <code>news</code> oldschool newsgroups | #**#<code>news</code> oldschool newsgroups | ||
#**# <code>syslog</code> internally generated messages | #**#<code>syslog</code> internally generated messages | ||
#**# <code>uucp</code> unix-to-unix copy daemon | #**#<code>uucp</code> unix-to-unix copy daemon | ||
#**# <code>local[0-7]</code> predefined facilities for custom configurations | #**#<code>local[0-7]</code> predefined facilities for custom configurations | ||
#** priority parameters include: | #** priority parameters include: | ||
#*** <code>deb</code> debugging messages | #*** <code>deb</code> debugging messages | ||
#*** <code>info</code> normal operations | #*** <code>info</code> normal operations | ||
#*** <code>notice</code> abnormalities that do not effect functionality | #*** <code>notice</code> abnormalities that do not effect functionality | ||
#*** <code>warn</code> tells that an error will occur is action is not taken | #***<code>warn</code> tells that an error will occur is action is not taken | ||
#*** <code>err</code> standard error for the daemon, non-urgent failure of the daemon causing an error message | #***<code>err</code> standard error for the daemon, non-urgent failure of the daemon causing an error message | ||
#*** <code>crit</code> critical error causing a secondary system to fail urgently | #***<code>crit</code> critical error causing a secondary system to fail urgently | ||
#*** <code>alert</code> critical error causing a primary system to fail urgently | #***<code>alert</code> critical error causing a primary system to fail urgently | ||
#*** <code>emerg</code> Panic message - system unusable | #***<code>emerg</code> Panic message - system unusable | ||
#** the action parameter is a file or location on the network that will accept the message | #**the action parameter is a file or location on the network that will accept the message | ||
#*** could be a file in <code>/var/log</code> | #***could be a file in <code>/var/log</code> | ||
#*** could also be a tty: <code>/dev/tty8</code> | #***could also be a tty: <code>/dev/tty8</code> | ||
#*** could also be a computer on the network: <code>@logger.ndus.edu</code> | #***could also be a computer on the network: <code>@logger.ndus.edu</code> | ||
#* When a program sends a message to the system logger, it includes the priority: the message is only logged if it is of a certain level or higher | #*When a program sends a message to the system logger, it includes the priority: the message is only logged if it is of a certain level or higher | ||
#** Exceptions: | #**Exceptions: | ||
#*** <code>*</code> all codes | #***<code>*</code> all codes | ||
#*** = <code>(mail.=crit)</code> applies to this priority only | #***= <code>(mail.=crit)</code> applies to this priority only | ||
#** You can also specify multiple facilities with the same priority by using a comma | #**You can also specify multiple facilities with the same priority by using a comma | ||
#** Multiple facilities separated by commas followed by a priority all follow the same priority | #**Multiple facilities separated by commas followed by a priority all follow the same priority | ||
#** A semicolon is used to specify a number of logging priorities <code>kern.info;kern.err</code> everything between info and error | #**A semicolon is used to specify a number of logging priorities <code>kern.info;kern.err</code> everything between info and error | ||
# <code>logger</code> - logging something else | #<code>logger</code> - logging something else | ||
#* The <code>logger</code> command allows a user to log something else other than established facilities | #*The <code>logger</code> command allows a user to log something else other than established facilities | ||
#* <code>logger shutting down for system maintenance</code> | #*<code>logger shutting down for system maintenance</code> | ||
#** will log to <code>/var/log/syslog</code> as <code>Nov 6 15:50:00 darseife-virtualbox darseife: shutting down for system maintenance</code> | #**will log to <code>/var/log/syslog</code> as <code>Nov 6 15:50:00 darseife-virtualbox darseife: shutting down for system maintenance</code> | ||
#* <code>-i</code> records the PID of the logger process when run (useful when run from script) | #*<code>-i</code> records the PID of the logger process when run (useful when run from script) | ||
#* <code>-s</code> print the log message to standard error in addition to logging | #*<code>-s</code> print the log message to standard error in addition to logging | ||
#* <code>-f /foo</code> logs to <code>/foo</code> instead of the system log | #* <code>-f /foo</code> logs to <code>/foo</code> instead of the system log | ||
#* <code>-p</code> specify both a facility and a priority for the system log message; <code>-p local3.info</code> | #*<code>-p</code> specify both a facility and a priority for the system log message; <code>-p local3.info</code> | ||
<span id="firewalling"></span> | <span id="firewalling"></span> | ||
=== Firewalling === | ===Firewalling=== | ||
# TCP Wrappers | #TCP Wrappers | ||
#* TCP wrappers depend on two config files to work properly; these are <code>/etc/hosts.allow</code> and <code>/etc/hosts.deny</code> | #*TCP wrappers depend on two config files to work properly; these are <code>/etc/hosts.allow</code> and <code>/etc/hosts.deny</code> | ||
#* the most common config for these is default <code>deny</code> | #*the most common config for these is default <code>deny</code> | ||
#** <code>ALL:ALL</code> in <code>/etc/hosts.deny</code> | #**<code>ALL:ALL</code> in <code>/etc/hosts.deny</code> | ||
#** <code>ALL:127.0 [::1]</code> in <code>/etc/hosts.allow</code> | #**<code>ALL:127.0 [::1]</code> in <code>/etc/hosts.allow</code> | ||
#** specific services from a specific host enabled as the form <code>sshd:192.168.X.Y</code> in <code>/etc/hosts.allow</code> | #**specific services from a specific host enabled as the form <code>sshd:192.168.X.Y</code> in <code>/etc/hosts.allow</code> | ||
#** all services from a domain as <code>ALL:.minotstateu.edu</code> in <code>/etc/hosts.allow</code> | #**all services from a domain as <code>ALL:.minotstateu.edu</code> in <code>/etc/hosts.allow</code> | ||
#* Also used is specific allow | #*Also used is specific allow | ||
#** nothing is listed in <code>/etc/hosts.allow</code> | #**nothing is listed in <code>/etc/hosts.allow</code> | ||
#** specifically removed IP addresses in the form <code>ALL:165.234.X.Y</code> in <code>/etc/hosts.deny</code> | #**specifically removed IP addresses in the form <code>ALL:165.234.X.Y</code> in <code>/etc/hosts.deny</code> | ||
#* Secondary service-level blocking can be used to apply rules to services in the form <code>/etc/sshd.hosts</code> | #* Secondary service-level blocking can be used to apply rules to services in the form <code>/etc/sshd.hosts</code> | ||
# <code>iptables</code> | #<code>iptables</code> | ||
#* <code>iptables</code> is the kernel level netfilter firewall | #*<code>iptables</code> is the kernel level netfilter firewall | ||
#* <code>iptables -L</code> lists the current ruleset | #*<code>iptables -L</code> lists the current ruleset | ||
#* <code>iptables -A</code> is used to APPEND new rules to a chain (takes a chain name) | #*<code>iptables -A</code> is used to APPEND new rules to a chain (takes a chain name) | ||
#* <code>iptables -I</code> inserts a rule (takes a chain name and a position) | #*<code>iptables -I</code> inserts a rule (takes a chain name and a position) | ||
#** example <code>iptables -A INPUT -ptcp -dport ssh -j ACCEPT</code> | #**example <code>iptables -A INPUT -ptcp -dport ssh -j ACCEPT</code> | ||
#* rule options | #*rule options | ||
#** <code>-p</code> the protocol used | #**<code>-p</code> the protocol used | ||
#** <code>-d</code> the destination port, can accept a range of port | #**<code>-d</code> the destination port, can accept a range of port | ||
#** <code>-j</code> the action to take, includes ACCEPT, DENY, DROP | #**<code>-j</code> the action to take, includes ACCEPT, DENY, DROP | ||
#** <code>-s</code> specify a source address, can be either <code>192.168.0.1</code> or <code>192.168.0.0/24</code> | #**<code>-s</code> specify a source address, can be either <code>192.168.0.1</code> or <code>192.168.0.0/24</code> | ||
#** <code>-m</code> require the rule to match a specific property | #**<code>-m</code> require the rule to match a specific property | ||
#*** ex <code>iptables -m conntrack</code> allows filter rule to match based on connection state | #***ex <code>iptables -m conntrack</code> allows filter rule to match based on connection state | ||
#** <code>--ctstate</code> define a list of connection states for the rule to match on | #**<code>--ctstate</code> define a list of connection states for the rule to match on | ||
#**# NEW - new connections | #**#NEW - new connections | ||
#**# RELATED - new but related to a previous on | #**#RELATED - new but related to a previous on | ||
#**# ESTABLISHED - a preexisting connection already in progress | #**#ESTABLISHED - a preexisting connection already in progress | ||
#**# INVALID - any malformed traffic or unidentified traffic | #**# INVALID - any malformed traffic or unidentified traffic | ||
#** <code>-j</code> tells iptable what to do with the packet given the rule | #**<code>-j</code> tells iptable what to do with the packet given the rule | ||
#*** ACCEPT - routes as normal as per IP header | #***ACCEPT - routes as normal as per IP header | ||
#*** DROP - kills the packet without giving reply | #***DROP - kills the packet without giving reply | ||
#*** REJECT - sends an explicit error message | #***REJECT - sends an explicit error message | ||
# Uncomplicated Firewall (ufw) | # Uncomplicated Firewall (ufw) | ||
#* <code>ufw enable</code> to turn on ufw | #*<code>ufw enable</code> to turn on ufw | ||
#* <code>ufw disable</code> to turn off ufw | #*<code>ufw disable</code> to turn off ufw | ||
#* <code>ufw status</code> view current rules for ufw | #*<code>ufw status</code> view current rules for ufw | ||
#* <code>ufw status verbose</code> reports logging level + access levels for each rule | #*<code>ufw status verbose</code> reports logging level + access levels for each rule | ||
#* <code>ufw allow 80/tcp</code> sets a rule to allow tcp packets on port 80 | #* <code>ufw allow 80/tcp</code> sets a rule to allow tcp packets on port 80 | ||
#* <code>ufw deny 22/udp</code> sets a rule to reject udp packets on port 22 | #*<code>ufw deny 22/udp</code> sets a rule to reject udp packets on port 22 | ||
#* <code>ufw deny ssh</code> sets a rule to reject all ssh protocol packets | #*<code>ufw deny ssh</code> sets a rule to reject all ssh protocol packets | ||
#* <code>ufw allow 6000-6007/tcp</code> sets a rule with a range to allow tcp packets from 6000-6007 | #*<code>ufw allow 6000-6007/tcp</code> sets a rule with a range to allow tcp packets from 6000-6007 | ||
#* <code>ufw allow from 15.15.15.1 to any</code> sets a rule allowing all traffic from 15.15.15.1 | #*<code>ufw allow from 15.15.15.1 to any</code> sets a rule allowing all traffic from 15.15.15.1 | ||
#* <code>ufw status numbered</code> returns a numbered list of rules in the set | #*<code>ufw status numbered</code> returns a numbered list of rules in the set | ||
#* <code>ufw delete 2</code> removes rule number 2 in a list | #*<code>ufw delete 2</code> removes rule number 2 in a list | ||
#* <code>ufw logging {on/off}</code> turns the logging on or off; usually caught by syslogd/rsyslog; logging is set to <code>low</code> by default | #*<code>ufw logging {on/off}</code> turns the logging on or off; usually caught by syslogd/rsyslog; logging is set to <code>low</code> by default | ||
#* <code>ufw logging {low/medium/high/full</code> sets logging verbosity of ufw; | #* <code>ufw logging {low/medium/high/full</code> sets logging verbosity of ufw; | ||
#** note that logging is rate limited at <code>medium</code> and not rate limited at <code>high</code> | #**note that logging is rate limited at <code>medium</code> and not rate limited at <code>high</code> | ||
<span id="bootinitialization"></span> | <span id="bootinitialization"></span> | ||
=== Boot/Initialization === | ===Boot/Initialization=== | ||
# Slackware - SysV Init | # Slackware - SysV Init | ||
#* System 5 style rc script via <code>init</code> | #*System 5 style rc script via <code>init</code> | ||
#* <code>PID 1</code> = <code>init</code> which is the process that starts all other processes when the system boots | #*<code>PID 1</code> = <code>init</code> which is the process that starts all other processes when the system boots | ||
#* <code>init</code> is responsible for processing <code>/etc/inittab</code> to see how to start the system and at what runlevel | #* <code>init</code> is responsible for processing <code>/etc/inittab</code> to see how to start the system and at what runlevel | ||
#* Things <code>init</code> does | #*Things <code>init</code> does | ||
#** Runs the script <code>/etc/rc.d/rc.s</code> to determine to prepare the system before loading to the desired runlevel | #**Runs the script <code>/etc/rc.d/rc.s</code> to determine to prepare the system before loading to the desired runlevel | ||
#** Enables virtual memory for the system and mounts filesystems in <code>/etc/fstab</code> | #**Enables virtual memory for the system and mounts filesystems in <code>/etc/fstab</code> | ||
#** Loads kernel modules | #**Loads kernel modules | ||
#** Near the end of the script <code>rc.s</code>, init will run scripts related to the runlevel the system is entering -for example, <code>rc3.d</code> is run at runlevel 3 | #**Near the end of the script <code>rc.s</code>, init will run scripts related to the runlevel the system is entering -for example, <code>rc3.d</code> is run at runlevel 3 | ||
# SystemD | #SystemD | ||
#* Ubuntu, CentOS, RedHat, and others have moved from SysV init process to the SystemD initialization process | #*Ubuntu, CentOS, RedHat, and others have moved from SysV init process to the SystemD initialization process | ||
#* Rather than running many shell scripts during init, the systemD process uses one monolithic program to control startup of services | #*Rather than running many shell scripts during init, the systemD process uses one monolithic program to control startup of services | ||
#* The way the services are started are controlled by a configuration file | #*The way the services are started are controlled by a configuration file | ||
#* systemd uses ''units'' and ''targets'' rather than scripts and runlevels | #*systemd uses ''units'' and ''targets'' rather than scripts and runlevels | ||
#** there are 11 different types of units: | #**there are 11 different types of units: | ||
#*** <code>mount</code> unit defines a mountpoint on the system named with the mount path with slashes replaced as dashes | #***<code>mount</code> unit defines a mountpoint on the system named with the mount path with slashes replaced as dashes | ||
#*** <code>swapspace</code> | #***<code>swapspace</code> | ||
#*** <code>device</code> a device in the linux device tree | #***<code>device</code> a device in the linux device tree | ||
#*** <code>socket</code> fifo pipe to an internet port with an associated service | #***<code>socket</code> fifo pipe to an internet port with an associated service | ||
#*** <code>service</code> a service or application on the system | #*** <code>service</code> a service or application on the system | ||
#** targets are used to stop and start the service and group units together | #**targets are used to stop and start the service and group units together | ||
#** systemd identifies units by name and type | #**systemd identifies units by name and type | ||
#*** example ssh could have an ssh.service and an ssh.socket | #***example ssh could have an ssh.service and an ssh.socket | ||
#* <code>systemctl</code> - can list current units loaded on the system | #*<code>systemctl</code> - can list current units loaded on the system | ||
#* config files - <code>/lib/systemd/system</code> | #*config files - <code>/lib/systemd/system</code> | ||
#* modify how a unit functions - <code>/etc/systemd/system</code> | #*modify how a unit functions - <code>/etc/systemd/system</code> |
Revision as of 18:02, 21 October 2022
Introduction to Unix
Syllabus
- Recommended material:
- Unix and Linux System Administration 5th Edition - Evi Nemeth, et al.
- CompTIA Linux+ Study Guide 4th Edition - Chritine Bresnahan and Richard Blum
- Objectives
- Shell scripting, input redirection, and C++/C code in a GNU/Linux environment
- Understanding of Linux file system including permissions
- Understanding of command and how to intermingle them to achieve more complex goals
- Basic system architecture, installation process, and management of Linux/Unix
- General notes
- Learning to use Bash scripting and
vi
/neovim
essential to professional usage of Linux in real life - Any commands discussed in class can be looked up via ‘man’
- More detailed information for any command available from the command shell with an internet connection:
curl cheat.sh/command_na
- Learning to use Bash scripting and
History
- Dates back to late 1960s, Originally developed by Ken Thompson and Dennis Ritchie of Bell Labs
- Ritchie described the initial goal as to create a good environment in which to:
- do programming and development
- foster communal computing through remote access and close communication
- Unix originally written in assembly, but was later re-written in C in 1972
- First public releases in 1973, at Symposium on Operating Systems Principles; early source code sent by standard mail
- 1975, Version 6 of Unix was licensed to companies for the first time. However, commercial users were rare. Licensees only received source code from AT&T.
- Also in 1975, Ken Thompson takes a sabbatical from Bell Labs as a professor at UC Berkeley.
- Creates BSD: The Berkeley System Distribution of Unix 4.2.
- Includes C-shell and vi editor for first time
- 1983, Bell broken into several companies in anti-trust suit against AT&T.
- AT&T new restrictive license almost kills commercial Unix.
- By 1991, BSD had grown to a complete rewrite of AT&T Unix and comes with BSD license.
- BSD survives today as: FreeBSD, OpenBSD, NetBSD, etc.
- Additionally, Darwin kernel of Mac OSX continues as a form of Unix.
- GNU Project into Linux
- Around 1983, Richard Stallman creates GNU project
- Stallman’s GNU system goal was to create a ‘free’ system of software that had many of other capabilities of the commercial tools that many Unix also had
- By 1985, Stallman had founded the Free Software Foundation to raise funds to develop free versions of all the components of the Unix syste, under GNU GPL
- In 1991, Linus Torvalds began the development of a new free OS based on the MINIX operation system and SunOS. The 21 year old puts together the kernel.
- As the kernel for the GNU project was still very much in development, the two projects became a natural fit.
- To this day, Stallman insists that Linux is GNU/Linux due to the large reliance on GNU toolchain
Introduction to Red Hat Enterprise Linux
- Package Manager - YUM
- Stands for YellowDog Updater Modified
- Provides a set of tools for retrieving software from the internet using subscriptions to an update server
- Utilizes .rpm software files to install packages for management
- Creates an Enterprise Linux environment
- cons: less software options overall
- pro: all available software is tested and works without additional configuration
- 5.
yum
has an additional, alternative wrapper programdnf
to improve output and ease of use- stands for DaNdified YUM - commands in the format
sudo dnf [verb] [objects]
-y
flag gives YES as passed option for less attended installation 6. command commandssudo dnf -y install [package_name]
install a particular package and dependenciessudo dnf -y update
update all packages
- stands for DaNdified YUM - commands in the format
Introduction to Ubuntu
- Package Manager - APT
- Stands for Advanced Package Manager
- Ubuntu’s set of tools to install packages and keep them up to date
- Utilizes .deb software packages for management
- Keep in mind this package management system is far from standard
- Many commercial Unixes have their own package managers
- When all else fails, a tarball (.tar) file can be used to build from source
- Commands
apt-get update
synchronizes the index of packages to your systemapt-get upgrade
downloads and installs new versions of all currently installed packages in place, based on the indexapt-get dist-upgrade
downloads and installs new versions, and moves the system up to the next version, based on the indexsudo
was originally “superuserdo”, now works to substitute - users and run programs as that user. /etc/sudoers controls this behavior.sudo apt-get install foo
: installs package named foosudo apt-get remove bar
: removes a package named bar, but not the config filessudo apt-get purge bar
: removes a package named bar, and removes config filessudo apt-get source *
: gets the source code for a packagesudo apt-get clean
: removes downloaded packages (.deb files) used to install
File System
- Directories
- first and bottom of the directory of the file structure tree is called root /
- /root in addition, there is a file directory, within the root directory called /root (“slash root”), which acts as root’s home directory
- /home normal users’ directories
- /boot contains the boot directory, including kernel, initial RAMdisk, and bootloader
- /dev lists all devices of the computer
- /etc configuration files for nearly all programs that need a state
- /tmp temporary files for the system
- /var variable-length files used by programs
- /var/spool old-school webmail location
- /var/www location of http server files
- /usr files available to users, including binaries for daily user tasks in /usr/bin
- /sbin binaries used only by root
- /bin binaries for the system everyone needs to use
- Commands
- cd change directories
- ~ alias used to shortcut the current user directory
- Ctrl+R search history of commands in
bash
; also available as output fromhistory
- !! runs the previous command
- ls list in the contents of current directory
- .: the current directory
- .. : go up one directory#User and Group Configuration
useradd/usermod
useradd
andusermod
do much the same thing-c
allows to add comments-d
allows to change user home directory-e
expiration date - date an account will expire (in YYYYMMDD format), kept in/etc/shadow
-f
specify how many days the account can be inactive before password expires, kept in/etc/shadow
-g
specify default group of the user-G
append a list of additional groups for the user-l
(usermod only) changes a user login ex:usermod -l darren darseife
-u
uid-s
specifies login shell-p
specify pre-hashed password-L
(usermod only) locks the user’s password so it cannot be entered directly (best used with -e, as well)-U
will unlock a user’s password
passwd
commands
sudo passwd darseife
change the password of darseifepasswd
can also be used to lock and unlock accountspasswd -l
will lock the account’s password- a locked password will always be input incorrectly
- does not necessarily lock user out of the account
- puts an
!
at the beginning of the password field in/etc/shadow
crypt
, the algorithm used to implement ciphers, cannot generate an!
so the password hash is disabledpasswd -u
would unlock the account’s password
passwd -d
removes the password of the accountpasswd -S
displays account information:- last password change
- password expires
- password inactive
- account expires
- minimum days between password change
- maximum days before password change
- warn period before changes
chage
1. The chage
command allows you to modify account settings related to password expiration and aging 2. chage
can also be used to configure accounts to automatically expire if: - the password hasn’t been changed - or a date has been passed 3. chage -l
print expiration settings of an account 4. chage -m DAYS username
to set the minimum time between password changes 5. chage -M DAYS username
to set the maximum time between password changes 6. chage -d YYYYMMDD username
update the last day YYYY-MM-DD on which to change the password 7. chage -E YYYYMMDD username
set the expiration date as YYYY-MM-DD on which username’s account expires - setting the number to -1
will make it never expire 8. chage -I DAYS username
will lock the account password after number of days inactive 9. chage -W DAYS username
number of days the user will be warned before their account is made inactive 10. All of these settings are stored in /etc/shadow
- userdel 1.
userdel username
deletes users 2.userdel -r username
deletes the user, their mail spool, their home directory, and everything in it 3.userdel -f username
deletes the user right now even if they are logged in
- userdel 1.
- groupadd and groupmod 1.
groupadd
add a group to a system 2.groupadd -r
used to create a system group, creating a GUID above 1000 3.groupmod
change a group 4.groupmod -n
change a group name
- groupadd and groupmod 1.
- gpasswd - group password 1.
gpasswd groupname
sets password for a group; it is most common to not have a group password 2.gpasswd -R
restricts access to users logging in with password via newgrp
- gpasswd - group password 1.
- getent - get entities 1. can be used to view individual records in
/etc/passwd
, and other files 2. useful for getting exact matches for items 3.getent password username
- get passwd information for user 4.getent shadow username
- get shadow information for user 5.getent group groupname
- get group information for user#The *nix CLI ###The Shell explained 1. A shell is a command interpreter where the user interacts with the system via command line interface (CLI) 2. Different shells currently in-use A. Bourne-Again SHell - located at/bin/bash
is the main shell and is used was a default on most Linux systems B. sh - The Bourne Shell, old school version does not require any libraries. Rarely seen as a user-interface shell; typically a symbolic link to another shell binary. Created by Stephen Bourne, first included in Unix V7 C. tcsh Tee Shell. Based on the earlier C-shell from Unix. Has some additional features built into it. D. csh C-shell, a BSD component not often seen on Linux. Created by Bill Joy at UC Berkeley. E. ksh Korn shell from Bell Labs in the 1980s. The idea was to incorporate features from the Bourne Shell along with C-programming syntax. F. zsh 1990s, incorporates additional ideas into ksh. 3. Built-in Commands A.cd
changes directory -cd ~
orcd /home/user
are equivalent B.ls -
lists files in a directory - default behavior just lists files --a
lists all files including hidden ones --l
long format --d
just directories --F
uses a special character to rep filetypes --R
recursive listing C. Single characters are substituted by?
, wildcards by*
D. Exiting the system -exit
exits the current shell -logout
only works for login shells E. Shutting down the system -shutdown -h now
halts the system now -shutdown -r now
restarts the system now -shutdown -h +5 " "
broadcasts the message in quotes and tells people it will be down in 5minutes -halt
on most systems, will drop the system into single user mode -poweroff
“on fire” graceless exit. Sends HW signal to kill power -reboot
essentially ‘shutdown -r’ -reboot -f
graceless restart exit, Sends HW signal to reboot F.init
relies on a series of programs or scripts to change run-state of machine and to start/stop linux services -init 0
- shuts the machine down -init 6
- reboots the machine -init S
- initializes system boot
- getent - get entities 1. can be used to view individual records in
- Man pages and getting help 1. displays the manual pages for any packages on the system 2. typing
[/]
will allow you to search through the page 3. allows you to move via[spacebar]
or[pgup/pgdn]
4.man
is broken up into seperate chapters:man 5
would show chapter 5 1. executable programs and shell 2. system calls 3. library calls 4. device calls 5. file formats 6. games 7. misc. (macro packages) 8. sys admin commands 9. kernel routines 5.man -k *
: to find any pages matching*
6. most programs also allow for--help
or-?
to be passed for a quick rundown on commands and usage
- Man pages and getting help 1. displays the manual pages for any packages on the system 2. typing
- Unix filesystem permissions 1. filesystem permissions saved as a series of 3 bit numbers 2. format:
d,rwx,rwx,rwx
for read-write-execute a.d
- denotes a Directory or file b. first triad is for the User of the file c. second triad is for Group members of the file d. third triad is for Everyone else 3. Read-write-execute for files a. Read allows the file to be opened b. Write allows for the file to be edited c. Execute allows for the file to run as a program 4. Read-write-execute for directories a. Read allows for the directory to view filenames in the directory b. Write allows files to be added or deleted from a dir c. Execute allows the directory to be visited, “permission to traverse through”; must have this to execute programs within a directory 5.chmod
changes file and directory permissions a. two modes for chmod 1. symbolic modechmod {u,g,o}[+,-,=]{r,w,x}
2. absolute mode - chmod 777 /path/to/file` * 0 no permissions * 1 execute * 2 write * 4 read F. chown - change file owner and group 1. chown user /foo - changes foo’s owner to user 2. chown root:root /foo - changes foo’s owner to root, also changes foo’s group to root G. echo - displays any text you enter after the command 1. primarially used in shell scripts or ‘programs’ that utilize a combination of of built-in commands, variables, and executables to complete tasks 2. variables reached from echo by invoking the variable name as $NAME #Input Redirection and Utils
- Unix filesystem permissions 1. filesystem permissions saved as a series of 3 bit numbers 2. format:
- Redirection symbols 1. prog > - redirects std output to the file, truncating and rewriting 2. prog 2> - redirect std error to the file, truncating and rewriting 3. &> - redirects both std output and error to file 4.
>>
- non-destructively appends to end of file rather than rewriting 5.- "backtick" process commands in the middle of another command a. A tool similar to xargs b. text within backticks are treated as a separate command line who's results are substituted on this command line c. things inside of backticks are attempted to be used as a command d. example: rm
find / - user darren ` 6. $() - is used like a backtick; more resistant to weird syntax
- Redirection symbols 1. prog > - redirects std output to the file, truncating and rewriting 2. prog 2> - redirect std error to the file, truncating and rewriting 3. &> - redirects both std output and error to file 4.
- Piping data between programs 1. programs on a UNIX system frequently use pipes to redirect each other’s output. 2. for instance you might use a text-filtering command on output from a file reading command. 3. allows small programs to operate on a flow of information in a row 4. | - this is an unnamed pipe 5. mkfifo - allows for the creation of named pipes a.
mkfifo fifo1
b.ls -l > fifo1
c.cat < fifo1
6. tee - read from standard input and write to standard output and files a. splits standard input so that is it is both displayed via standard output and also captured to one of more files b. allows for logging and redirection while the process is also shown on screen c. overwrites to a file as per ‘>’ by default rather than like ‘>>’ d. example - echo $PATH | tee file1 file2 - file1, file2, and stdoutput all have same information 5. find - searches for files in directory hierarchy 6. xargs - builds a command from standard input, using command name and arguments to that command and then executes the command on each line of standard input a. example: find / - user darren | xargs -d %rm 7. file - returns the type of file and metadata information regarding files 8. join - combines two text files by matching the contents of specified fields a. by default, join uses spaces as the limiters (unless -t CHAR is given) b. example: join -1 3 -2 2 - this joins the third field of the first file and the second field of the second file 9. paste A. Paste is like cat rotated 90 degrees. When operating on multiple files, it will merge the lines of the files. 10. expand - converts tabs to spaces A. by default assumes you want 8 spaces per tab; -t changes B. unexpand - converts spaces to tabs 11. od - dump files into octal and other formats A. default usage is dumping binary file into octal binary format B. -x for 2byte hex output 12. sort - sorts lines of text files A. writes sorted concatenation of all files as output B. by default, uses first column C. Important options 1. -f : ignore case 2. -m : sort by three digit month abbreviation; ex, jan 3. -n : numeric sort 4. -v : sort by versio 5. -h : compare human readable numbers 6. -r : reverses the sort 7. -R : sorts randomly but groups like files 8. -d : dictionary-order 9. -k : sort via key, sorts by a field number, can be comma-seperated listq D. the opposite of this is ‘shuf’ 13. split - splits a file into 2 or more files A. needs to have an output file prefix B. where do you want to split 1. -b : size in bytes 2. -l : lines C. example: split -l 2 listening1.txt numbers -> output is: ‘numbersaa’ and ‘numbersab’ D. by default: splits every 10,000 lines 14. tr - trnaslate or delete characters A. changes individual characters coming in through standard input and outputs via standard output B. options 1. [:lower:] - all lower case chars 2. [:upper:] - all upper case chars 3. [::] 15. cut - extracts portions of lines of input and prints out as output A. used to remove items within lines, delimited by spaces or tabs B. options 1. -b : cuts the specified list by byte 2. -c : cuts the specified characters 3. -f : cuts specified list of fields from input 4. -d : specifies the delimiter for fields C. EXAMPLE: cut -f 7 -d : /etc/passwd 16. uniq - take an input list and report or omit repeated lines A. only if they are next to each other, so you have to sort first B. EXAMPLE: cut -f 7 -d : /etc/passwd | sort | uniq
- Piping data between programs 1. programs on a UNIX system frequently use pipes to redirect each other’s output. 2. for instance you might use a text-filtering command on output from a file reading command. 3. allows small programs to operate on a flow of information in a row 4. | - this is an unnamed pipe 5. mkfifo - allows for the creation of named pipes a.
C++ programs and Makefiles
- Basic C++ program with input and output
int main (int args, char * argv[]){ for(int x = 0; x < argv[],x++){ cout << arv[x] << endl; } return 0; } // outputs every character given to it
- Let’s write a less good version of grep called greb:
#include <iostream> #include <fstream> using namespace std; int main(int argc, char * argv[]) { string curLine; if (argc == 2){ while(getline(cin,curLine)) { if (curLine.find(argv[1]) != string::npos) { cout << curLine << endl; } } } else if (argc == 3){ ifstream inFile(argv[2], ifstream::in); while(getline(inFile,curLine)) { if (curLine.find(argv[1]) != string::npos) { cout << curLine << endl; } } } else { cerr << "Error: unknown parameters." << endl; return 1; } return 0; }
- Make A. Allows for automatic configuration and creation of usable binararies from OOP files, and can be used to install and uninstall programs B. Allows for the creation of archives of source code that build as packages into useful code C. typically named ‘makefile’
# set a variables for the compiler CC = g++ LC_MESSAGES=C CFLAGS=-g -Wall # target name variable TARGET = greb # file extension FILEXT = cpp # the build target executable => install path of the executable PREFIX = /usr/local DESTDIR = /home/bernd/staging/ # basic makefile format # name of instruction: dependencies # <tab> command to execute # the FIRST one you list is the default $(TARGET): $(TARGET).$(FILEXT) $(CC) $(CFLAGS) -o $(TARGET) $(TARGET).$(FILEXT) .PHONY: all all: $(TARGET).$(FILEXT) $(CC) $(MAKEOPTS) $(CFLAGS) -o $(TARGET) $(TARGET).$(FILEXT) .PHONY: clean clean: rm $(TARGET) .PHONY: install install: $(TARGET) mkdir -p $(DESTDIR)$(PREFIX)/bin cp $< $(DESTDIR)$(PREFIX)/bin/$<
Tar and Packaging
- tar A. the name ‘tar’ comes from its original purpose: Tape ARchive B. you can bundle files as .tar, ‘tarballs’, which contain a series of file entries and terminating bytes between files C. each entry has a file descriptor and the binary contents of the file D. file descriptor, or header, contains the name of a file, a checksum of that file, and permissions data E. does not compress data, but instead keeps it in one file F. tar options: -c: Creates a tar archive -v: Verbose output -x: eXtract from a tar archive -f: specify a Filename -A: Appends two archives together -M: create or extract a multivolume archive -j: specify bzip2 compression -J: specify xz compression -z: specify gzip compression –lzma: specify lzma compression -t: Test an archive
More Unix Commands
- fmt - format A. some files have crazy long lines of text B. reformats to a certain -width C. by default, truncates after 75 characters and cleans up paragraphs D. anything with 2+ blankline removed, and adds indention E. -s : prevents truncation of paragraphs
- nl - line number A. nl does count whitespace by default B. identical to cat -b (but not cat -n)
- pr - prepare a file for printing A. includes header, footer, and page breaks B. create colummns: pr -3 file.txt C. -l sets the length of lines D. -o choose the header text
- regular expressions - sed and awk A. simliar to wildcard expansion: ex; ls .txt B. grep and sed are two examples of regEx programs C. unix system programs have two different forms of regular expressions: basic and extended D. types of expresssions: 1. exact text match: grep “blah” returns all lines with “blah” 2. bracketed expressions: b[aeiou]g - returns bag, beg, big, bog, bug 3. bracketed with range: a[2-4]z - returns a2z, a3z, a4z 4. matching single char: a.z (allows for anything between a and z) 5. matching begin/end of line: ^ beginning, $ end 6. any of these can be combined with the wildcard: ex: A.* Lincoln (with 0 or more occurances of a pattern.) ex: A[ae]* Lincoln (with 0 or more occurances of a-e after A. 7. matching at least one of: + symbol ex. A[ae]+ Lincoln - returns at least Aa or Ae Lincoln 8. multiple possibilities or: | needs to be set up with ’ ex. ‘Darren (F|Fredrick) Seifert’ 9. grep -E invokes regex functionality
Shell Scripting
- The first line of a shell script tells which program to use to interpret the contents: #!/bin/bash or another shell A. the first two characters are (#!) are special code to tell the kernel this is a script - crunchbang, shebang, hashbang, poundbang B. the remaining lines beginning with # are considered comments
# this is a comment
- Classic Hello World
# hello.sh #!/bin/bash # Print out hello world echo 'Hello World!'
- When you want to run a shell script, it needs to be made executable before it is an executable file: ‘# chmod u+x ./file.sh’
- Can be invoked with ./file.sh
- Alternative routes: A. bash file.sh works whether or not #!/bin/bash or chmod +x has been given B. exec file.sh is used to run scripts from within other scripts and to stop the tty instance after it is done (used to run scripts within scripts)
- Passing Parameters A. much like C++ programs, bash scripts can be passed parameters B. accessing these, the dollar sign is used, much like PHP or Perl, to call the number of the parameter 1. $0 - the name of the running script itself 2. $1 - the first parameter 3. and so on… 4. $? - returns the exit status of the last run command 5. $$ - returns the process ID (PID) of the current script 6. $USER - returns the username of the user running the script 7. $SECONDS - returns the runtime of the current script 8. $RANDOM - generates a random number (int 0 - 32000) 9. $LINENO - current line of script C. creation of new variables 1. variablename=value # no spaces ever 2. if you do want spaces, they must be escaped by quotes 3. double quotes recommended for variable substitution later 4. for instance varname=“value $1” allows for insertion of other variables into variables whereas varname=’value (pwd) will run pwd and return the standard output as a variable 3. if you want to capture the standard error for a command, it can be saved as
error=$(</tmp/error)
4. alternative use: curdir=pwd
note the backtics
# foo.sh #!/bin/bash # An example script cp $1 $2 #verify it worked echo "Details for $2" ls -l $2
- handling user input and output can use ‘echo’ to create interactive scripts:
# plususer.sh #!/bin/bash echo -n 'Please enter user name for account:' read username # this saves the stdin input as username read -p 'Username' $username # -n no-newline echo $username read -sp 'Password:' password # -s stealth
- scripts can also handle files as standard input like other commands
# salesreport.sh #!/bin/bash #a sales report generated from standard input echo Data Summary: cat /dev/stdin | cut -d ' ' -F2,3 | sort
- variables can be made global via export
# script.sh #!/bin/bash var1=blah var2=foo echo $0 :: var1 : $var1 , var2 : $var2 export var1 exec ./script2 echo $0 :: var1 : $var1 , var2 : $var2
script2.sh #!/bin/bash echo $0 :: var1 : $var1 , var2 : $var2 var1=flop var2=bleh echo $0 :: var1 : $var1 , var2 : $var2
Sed - Stream EDitor
- the sed command uses regular expressions to modify stdin and sends the changes to stdout
- usage :
sed [options] script.txt [inputfile]
- some of the commands that can be used in the script portion
=
- display the current line numbera\text
- append text to filei\text
- insert text to filer file
- append text from filename into the filec\text
- replace the selected range with the texts/2012/2013/
- replace the first occurrence of 2012 on first occurrence on each lines/2012/2013/g
- replace ’’ ’’ every occurrence on each line
- examples
sed 's/Nick\|nick/Gary/g' < salaryprojections.txt
- ^ this would replace any ‘Nick’ or ‘nick’ with ‘Gary’ at all points in the file
- standard replace format:
sed 's/^/ /' file.txt > file.new.txt
### Examining Processes
ps
command- The internal Unix command for process control is
ps
- By default,
ps
reports back what is happening inside of the current terminal/tty; - shows
PID
,TTY
,TIME
, andCMD
PID
is the Process ID number for a running programTTY
is the Teletypewriter device which the process runs from; reports stdout and stderr to this by default- TIME is the cumulative processor time used by the program on Linux
ps
supports traditional Unix options and GNU flags, which can be somewhat confusing- Options for ps
- Display all processes running
ps -A/-e
both cause all processes on the system to be listed and output is identical - Display processes belonging to a specific user:
ps -u user
- Display extra fields as a “full format”
ps -f
can be combined with other optionsUID
User ID shows the username of the user running the commandPPID
parent process ID, the process ID of the process that spawned the processC
processor utilization as % of usage over the lifetime of the processSTIME
start time of the process as per system time (only in 24h clock format if current day; otherwise uses MMDD format)
- Display long format
ps -l
F
Flags field0
= no special flags for this process1
= forked process, but did not call exec4
= executable was executed with superuser privileges
S
State codesD
Uninterruptible sleep (usually IO)R
Running or runnable (on run queue)S
interruptible Sleep (waiting for an event to complete)T
Stopped, either by a job control signal or because it is being traced.X
dead (should never be seen)Z
Defunct (“zombie”) process, terminated but not reaped by its parent.
UID
uses system number rather than human readable namePRI
Priority is used by the kernel, rather than in userspace, to determine the next in queue for processingNI
Niceness of a process describes how accommodating a process is to sharing time on the system.- This number ranges from +19 to -20, with 0 as the default.
- In the scheduling system, niceness is used to determine how much processing to give to each process when it asks for it.
ADDR
the memory address of the processSZ
the size of the image in pages- how much virtual memory is in use by the process.
- Includes text, data, and stack space
- page size is a kernel variable and can be read by
getconf PAGE_SIZE
WCHAN
address of where a function is sleeping (only kernel functions)RSS
amount of physical memory in use
- Display all processes running
- User-oriented format
ps -u
displays information in a more readable manner%CPU
percent of processor time used by process divided by real time%MEM
actual percentage of non-reserved physical RAMVSIZE
virtual memory size used
- Virtual memory format
ps -v
displays information including number of:MAJFL
major page faults of the process, indicating times it has used swap spaceTRS
physical memory devoted to stackDRS
physical memory devoted to non-executable code
- Recieve a process hierarchy
ps -AH
see parent-child relationships visually - Choose your own adventure mode
ps -o uid,pid,ppid,command
- this command used to determine certain columns
- Piping ps can be piped as per normal to other programs:
- Ex;
ps -u darseife \| grep bash
pgrep
is a common utility that behaves similarly to the previous command
- Ex;
- The internal Unix command for process control is
top
top
is used to view processes as they execute in real time-d
used to choose update frequency in seconds-p
pid to monitor specifically-n
run for N iterations-r
command to renice a process within top-s
to change the update rate within top
htop
can also be used as a next generation to top
nice
andrenice
- The
nice
command is used to run a command with an adjusted niceness- generally can’t give negative values to programs without superuser access
nice -n 12 ./script.sh
will add 12 to the default priority (0)
renice
is used to adjust niceness of running processes.renice 0 -p 2772 3562
renices the processes 2772 and 3562 to 0renice 1 -u darseife
renices the processes of user darsiefe to 1
- The
- Killing processes
kill
- stopping a process currently running
-kill -s signal PID
PID
PID by default, kill sends a signal to a number of process IDs- signal 1 is
SIGHUP
terminates interactive programs and causes daemons to reread config files - signal 9 is
SIGKILL
stops all processes without performing a graceful exit or shutdown - signal 15 is
SIGTERM
asks the process to terminate and to close out open files, run its shutdown script, etc.
kill
will only kill processes owned by the user, unless run with superuser access
- stopping a process currently running
killall
- kill multiple things
killall vi
kills all running instances of vi for the user; when run as a superuser, this will kill any running instance of vikillall -s 9 vi
kills all running instances of vi for the user by sending theSIGKILL
signal to it; when run as a superuser, this will kill any running instance of vi.killall -i vi
uses interactive mode to ask which processes to kill- if you are running killall as root, try to use -i to prevent loss of other people’s work
- Additional process control
- If you are running a program inside of a terminal,
[Ctrl + Z]
will pause and go to background- To restart the process, run the command
fg
in the same terminal - With multiple processes paused,
fg 1
orfg 2
will bring back process 1 or 2
- To restart the process, run the command
- Processes can be started in the background with & at the end of the line; unlike paused processes, these will continue to run.
- If you are running a program inside of a terminal,
Linux Time and Scheduling
- Overview
- Computer systems in general rely on a pair of clocks to operate
- Two clocks
- Hardware clock - initialized in BIOS/UEFI and kept updated via battery while computer is off
- Software clock - initialized at boot from BIOS/UEFI time, and is used to track time while running
- Typically, the clock of the computer is set using coordinated universal time (UTC)
- adjusted for use based on timezones and localization settings like DST before entering userspace
- Both the hardware clock and the software clock are not terribly reliable and tends to drift over time
- This can be a problem on x86_64 systems in general because many network services rely on accurate timekeeping
- This is made worse when having hundreds or thousands of servers requesting time from a single source could be bad
- Unix Time Commands
date
outputs the current software clock timedate -u
outputs the UTC timedate 102715022019
sets the time to exactly Oct 27, 15:02, 2019 in local timehwclock
used to retrieve the value of the hardware clock; must be done as root- setting the hardware clock
hwclock --set--date 102715022019
is a manual sethwclock -hctosys
set the hardware clock to the system clockhwclock --synctohc
synchronizes system clock to hardware
- these are called by daemons and init on startup and shutdown
- both the system time and the hardware clock still suck and need a replacement
NTP
Network Time Protocol- NTP relies on a tree of servers (each level is called a stratum) from a hardware atomic clock server
- The further down the tree you are the less accurate the time is.
- One NTP server requesting time from a center will exchange packet via timestamp and the delay between communications is estimated
- It is best to pick NTP servers with a short delay
- Typically, a cluster of computer is requested from a local time server, which in turn is the only computer requesting times outside of the network
timesyncd
- Traditionally,
ntpd
is the daemon that has provided client time synchronization - Newer versions of Ubuntu use a service called
timesyncd
- uses a slightly different protocol than NTP, called
SNTP
(simplified network time protocol) - configuration information is at
/etc/systemd/timesyncd.conf
timedatectl
is a way to view the current SNTP settings
- uses a slightly different protocol than NTP, called
- also more information related to this accessible with
sudo systemctl status systemd-timesyncd
- Traditionally,
- Running jobs in the future:
cron
cron
like timesyncd or ntpd, cron is a daemon that runs continuously and looks for events to cause it to spring into action- Most daemons are network services, but cron responds to temporal events
- A cron daemon wakes up once per minute, and examines its config files in:
/var/spool/cron/
/etc/cron.d/
/etc/crontab
- Executes command specified:
- System jobs - run as root, and perform system maintenance tasks (rotate logs, clean out
/tmp
, remove old files, update system) - User jobs - run jobs in the future for users
- System jobs - run as root, and perform system maintenance tasks (rotate logs, clean out
/etc/crontab
- System cronjobs are controlled by this file
- Normally, begins with environment variable configuration, then several lines like:
- On a typical system
02 4 * * * root run-parts /etc/cron.daily
- On Ubuntu Desktop
25 6 * * * root test -x /usr/sbin/anacron || cd / && run-parts --report /etc/cron.daily
- On a typical system
- Fields for cron, in order
- the minute of the hour
- the hour of the day
- day of the month
- month of the year
- day of the week
- different scripts for items are run from:
/etc/cron.daily
/etc/cron.weekly
/etc/cron.monthly
anacron
a specific implementation of cronanacron
is not intended to be a replacement for cron, it is a supplement- cron works great on systems that are always on
anacron
is smart in that it can tell if things are run- if things are missed, it plays catchup
- light-night log rotation, for example, might never run
- anacron is intended to address this
- when run it checks to see when it last executed each program
- if a period greater than the programs interval has passed, the program gets run by anacron
- config file
/etc/anacrontab
- format:
1 5 cron.daily run-parts --report /etc/cron.daily
- first column: delay in minutes
- second column: frequency in days
- format:
crontab
edit cronjobs for users- cron jobs for the system are under
/etc/
but user ones are kept in/var
crontab -e
edit your user cronfile- root can edit other users with
crontab -u username -e
/etc/cron.allow
and/etc/cron.deny
exist for whitelisting or blacklisting users from usingcron
- an empty
/etc/cron.deny
allows ALL USERS if present - an empty
/etc/cron.allow
blocks ALL USERS if present
- an empty
- if neither of these exist, then only root may use
cron
- cron jobs for the system are under
at
a handy simple task timer- cron and anacron can be overkill for simple tasks that need to be done once
- example:
at 5am Oct 31
at> /home/darren/run-backup.sh
at> echo "job done"
at> mail -s "backup job finished" root
at>
ctrl+d to finish
at now +1 hour
will run 1 hour from now relative to current system time- other examples:
at midnight
at noon
at teatime
aterm
to remove an upcoming commandatq
used to list pending commands
Log Files
- Intro
- Linux machines log files that record key details about system operation and are typically stored in
/var/log
- Logging on Linux system is generally performed by the syslog daemon,
syslogd
- However, some daemons and programs perform logging independently of syslog
- Logging on Linux can be done locally to the computer, but in a networked environment, logs may be sent to a central logging server and by email
- Logging is a security action and is typically a part of the system worth hardening because it is exploitable by an attacker to hide their break-in
- Logs should be rotated, aka moved out of the system, to prevent
/var/log
from being filled completely
- Linux machines log files that record key details about system operation and are typically stored in
syslog
- The basic idea of a system logger is to provide a unified means of a handling log files
- The daemon runs in the background and and accepts data delivered from servers and other programs
- Once the log daemon receives a message, it is classified and directed to an appropriate file
syslogd
might be managing several services at the same time and providing different rule-based logging based on priority of the messages receivedsyslogd
relies on the config file/etc/syslog.conf
- Ubuntu uses
/etc/rsyslog.conf
for rocket-fast syslog - the configuration file supports a ruleset, located at
/etc/rsyslog.d/
or/etc/syslog.d/
respectively - standard logging is done by daemon, with the format
facility.priority action
- example:
mail.* /var/log/mail.log
- example:
- facility parameter is the name of the type of program the daemon that generates messages to be logged
auth/priv
security messagescron
from the cron daemondaemon
catch-all for various systems serverskern
kernel messageslpr
printer and CUPS messagesmail
mail subsystemsnews
oldschool newsgroupssyslog
internally generated messagesuucp
unix-to-unix copy daemonlocal[0-7]
predefined facilities for custom configurations
- priority parameters include:
deb
debugging messagesinfo
normal operationsnotice
abnormalities that do not effect functionalitywarn
tells that an error will occur is action is not takenerr
standard error for the daemon, non-urgent failure of the daemon causing an error messagecrit
critical error causing a secondary system to fail urgentlyalert
critical error causing a primary system to fail urgentlyemerg
Panic message - system unusable
- the action parameter is a file or location on the network that will accept the message
- could be a file in
/var/log
- could also be a tty:
/dev/tty8
- could also be a computer on the network:
@logger.ndus.edu
- could be a file in
- Ubuntu uses
- When a program sends a message to the system logger, it includes the priority: the message is only logged if it is of a certain level or higher
- Exceptions:
*
all codes- =
(mail.=crit)
applies to this priority only
- You can also specify multiple facilities with the same priority by using a comma
- Multiple facilities separated by commas followed by a priority all follow the same priority
- A semicolon is used to specify a number of logging priorities
kern.info;kern.err
everything between info and error
- Exceptions:
logger
- logging something else- The
logger
command allows a user to log something else other than established facilities logger shutting down for system maintenance
- will log to
/var/log/syslog
asNov 6 15:50:00 darseife-virtualbox darseife: shutting down for system maintenance
- will log to
-i
records the PID of the logger process when run (useful when run from script)-s
print the log message to standard error in addition to logging-f /foo
logs to/foo
instead of the system log-p
specify both a facility and a priority for the system log message;-p local3.info
- The
Firewalling
- TCP Wrappers
- TCP wrappers depend on two config files to work properly; these are
/etc/hosts.allow
and/etc/hosts.deny
- the most common config for these is default
deny
ALL:ALL
in/etc/hosts.deny
ALL:127.0 [::1]
in/etc/hosts.allow
- specific services from a specific host enabled as the form
sshd:192.168.X.Y
in/etc/hosts.allow
- all services from a domain as
ALL:.minotstateu.edu
in/etc/hosts.allow
- Also used is specific allow
- nothing is listed in
/etc/hosts.allow
- specifically removed IP addresses in the form
ALL:165.234.X.Y
in/etc/hosts.deny
- nothing is listed in
- Secondary service-level blocking can be used to apply rules to services in the form
/etc/sshd.hosts
- TCP wrappers depend on two config files to work properly; these are
iptables
iptables
is the kernel level netfilter firewalliptables -L
lists the current rulesetiptables -A
is used to APPEND new rules to a chain (takes a chain name)iptables -I
inserts a rule (takes a chain name and a position)- example
iptables -A INPUT -ptcp -dport ssh -j ACCEPT
- example
- rule options
-p
the protocol used-d
the destination port, can accept a range of port-j
the action to take, includes ACCEPT, DENY, DROP-s
specify a source address, can be either192.168.0.1
or192.168.0.0/24
-m
require the rule to match a specific property- ex
iptables -m conntrack
allows filter rule to match based on connection state
- ex
--ctstate
define a list of connection states for the rule to match on- NEW - new connections
- RELATED - new but related to a previous on
- ESTABLISHED - a preexisting connection already in progress
- INVALID - any malformed traffic or unidentified traffic
-j
tells iptable what to do with the packet given the rule- ACCEPT - routes as normal as per IP header
- DROP - kills the packet without giving reply
- REJECT - sends an explicit error message
- Uncomplicated Firewall (ufw)
ufw enable
to turn on ufwufw disable
to turn off ufwufw status
view current rules for ufwufw status verbose
reports logging level + access levels for each ruleufw allow 80/tcp
sets a rule to allow tcp packets on port 80ufw deny 22/udp
sets a rule to reject udp packets on port 22ufw deny ssh
sets a rule to reject all ssh protocol packetsufw allow 6000-6007/tcp
sets a rule with a range to allow tcp packets from 6000-6007ufw allow from 15.15.15.1 to any
sets a rule allowing all traffic from 15.15.15.1ufw status numbered
returns a numbered list of rules in the setufw delete 2
removes rule number 2 in a listufw logging {on/off}
turns the logging on or off; usually caught by syslogd/rsyslog; logging is set tolow
by defaultufw logging {low/medium/high/full
sets logging verbosity of ufw;- note that logging is rate limited at
medium
and not rate limited athigh
- note that logging is rate limited at
Boot/Initialization
- Slackware - SysV Init
- System 5 style rc script via
init
PID 1
=init
which is the process that starts all other processes when the system bootsinit
is responsible for processing/etc/inittab
to see how to start the system and at what runlevel- Things
init
does- Runs the script
/etc/rc.d/rc.s
to determine to prepare the system before loading to the desired runlevel - Enables virtual memory for the system and mounts filesystems in
/etc/fstab
- Loads kernel modules
- Near the end of the script
rc.s
, init will run scripts related to the runlevel the system is entering -for example,rc3.d
is run at runlevel 3
- Runs the script
- System 5 style rc script via
- SystemD
- Ubuntu, CentOS, RedHat, and others have moved from SysV init process to the SystemD initialization process
- Rather than running many shell scripts during init, the systemD process uses one monolithic program to control startup of services
- The way the services are started are controlled by a configuration file
- systemd uses units and targets rather than scripts and runlevels
- there are 11 different types of units:
mount
unit defines a mountpoint on the system named with the mount path with slashes replaced as dashesswapspace
device
a device in the linux device treesocket
fifo pipe to an internet port with an associated serviceservice
a service or application on the system
- targets are used to stop and start the service and group units together
- systemd identifies units by name and type
- example ssh could have an ssh.service and an ssh.socket
- there are 11 different types of units:
systemctl
- can list current units loaded on the system- config files -
/lib/systemd/system
- modify how a unit functions -
/etc/systemd/system