Unix crash course: Difference between revisions

From Rasulev Lab Wiki
Jump to navigation Jump to search
mNo edit summary
No edit summary
Line 1: Line 1:
#Introduction to Unix


==Introduction to Unix==
<span id="syllabus"></span>
=== Syllabus ===


===Syllabus===
<ol>
 
<li>Recommended course material:
<ol style="list-style-type: decimal;">
<li>Recommended material:
<ul>
<ul>
<li>Unix and Linux System Administration 5th Edition - Evi Nemeth, et al.</li>
<li>Unix and Linux System Administration 5th Edition - Evi Nemeth, et al.</li>
<li> CompTIA Linux+ Study Guide 4th Edition - Chritine Bresnahan and Richard Blum</li></ul>
<li>CompTIA Linux+ Study Guide 4th Edition - Chritine Bresnahan and Richard Blum</li></ul>
</li>
</li>
<li>Objectives
<li>Objectives
<ol style="list-style-type: lower-alpha;">
a. Shell scripting, input redirection, and C++/C code in a GNU/Linux environment
<li>Shell scripting, input redirection, and C++/C code in a GNU/Linux environment</li>
b. understanding of Linux file system including permissions
<li>Understanding of Linux file system including permissions</li>
c. understanding of command and how to intermingle them to achieve more complex goals
<li>Understanding of command and how to intermingle them to achieve more complex goals </li>
d. basic system architecture, installation process, and management of Linux/Unix</li>
<li> Basic system architecture, installation process, and management of Linux/Unix</li> </ol>
</li>
<li>General notes
<li>General notes
<ol style="list-style-type: lower-alpha;">
a. Learning to use Bash scripting and <code>vi</code>/<code>neovim</code> essential to professional usage of Linux in real life
<li>Learning to use Bash scripting and <code>vi</code>/<code>neovim</code> essential to professional usage of Linux in real life</li>
b. Any commands discussed in class can be looked up via 'man'</li></ol>
<li> Any commands discussed in class can be looked up via ‘man’</li><li>More detailed information for any command available from the command shell with an internet connection: <code>curl cheat.sh/command_na</code></li></ol>
 
</li></ol>
##History
###What is Unix?
 
<ol>
<li>Bell System
a. Dates back to late 1960s, Originally developed by Ken Thompson and Dennis Ritchie of Bell Labs
b. Ritchie described the initial goal as to create a good environment in which to: - do programming and development - foster communal computing through remote access and close communication
c. Unix originally written in assembly, but was later re-written in C in 1972
d. first public releases in 1973, at Symposium on Operating Systems Principles; early source code sent by standard mail
e. 1975, Version 6 of Unix was licensed to companies for the first time. However, commercial users were rare. Licensees only recieved source code from AT&amp;T.
f. Also in 1975, Ken Thompson takes a sabbatical from Bell Labs as a professor at UC Berkeley. Creates BSD: The Berkeley System Distribution of Unix 4.2. - includes C-shell and vi editor for first time
g. 1983: Bell broken into several companies in anti-trust suit against AT&amp;T.
h. AT&amp;T new restrictive license almost kills commercial Unix. By 1991, BSD had grown to a complete rewrite of AT&amp;T Unix and comes with BSD license.
i. BSD survives today as: FreeBSD, OpenBSD, NetBSD, etc. Additionally, Darwin kernel of Mac OSX continues as a form of Unix.</li>
<li>GNU Project into Linux
a. Around 1983, Richard Stallman creates GNU project
b. Stallman's GNU system goal was to create a 'free' system of software that had many of other capabilities of the commercial tools that many Unix also had
c. By 1985, Stallman had founded the Free Software Foundation to raise funds to develop free versions of all the components of the Unix syste, under GNU GPL
d. In 1991, Linus Torvalds began the development of a new free OS based on the MINIX operation system and SunOS. The 21 year old puts together the kernel.
e. As the kernel for the GNU project was still very much in development, the two projects became a natural fit.
f. To this day, Stallman insists that Linux is GNU/Linux due to the large reliance on GNU toolchain</li></ol>
 
#Introduction to Red Hat Enterprise Linux
###Package Manager - YUM


===History===
# stands for YellowDog Updater Modified
# provides a set of tools for retrieving software from the internet using subscriptions to an update server
# utilizes .rpm software to install packages for management
# creates an Enterprise Linux environment
#* cons: less software options overall
#* pro: all available software is tested and works without additional configuration
# <code>yum</code> has an additional, alternative wrapper program <code>dnf</code> to improve output and ease of use
#* stands for DaNdified YUM
#* commands in the format <code>sudo dnf [verb] [objects]</code>
#* <code>-y</code> flag gives YES as passed option for less attended installation
# command commands
#* <code>sudo dnf -y install [package_name]</code> install a particular package and dependencies
#* <code>sudo dnf -y update</code> update all packages


<li> Bell System
#Introduction to Ubuntu
#<li>Dates back to late 1960s, Originally developed by Ken Thompson and Dennis Ritchie of Bell Labs </li><li>Ritchie described the initial goal as to create a good environment in which to:
###Package Manager - APT
##<li>do programming and development </li><li>foster communal computing through remote access and close communication </li></li><li>Unix originally written in assembly, but was later re-written in C in 1972 </li><li>First public releases in 1973, at Symposium on Operating Systems Principles; early source code sent by standard mail </li><li>1975, Version 6 of Unix was licensed to companies for the first time. However, commercial users were rare. Licensees only received source code from AT&amp;T. </li><li>Also in 1975, Ken Thompson takes a sabbatical from Bell Labs as a professor at UC Berkeley.
##<li>Creates BSD: The Berkeley System Distribution of Unix 4.2. </li><li>Includes C-shell and vi editor for first time </li></li><li>1983, Bell broken into several companies in anti-trust suit against AT&amp;T. </li><li> AT&amp;T new restrictive license almost kills commercial Unix.
##<li>By 1991, BSD had grown to a complete rewrite of AT&amp;T Unix and comes with BSD license. </li><li>BSD survives today as: FreeBSD, OpenBSD, NetBSD, etc. </li><li>Additionally, Darwin kernel of Mac OSX continues as a form of Unix. </li></li></li><li>GNU Project into Linux
#<li>Around 1983, Richard Stallman creates GNU project </li><li>Stallman’s GNU system goal was to create a ‘free’ system of software that had many of other capabilities of the commercial tools that many Unix also had </li><li>By 1985, Stallman had founded the Free Software Foundation to raise funds to develop free versions of all the components of the Unix syste, under GNU GPL </li><li>In 1991, Linus Torvalds began the development of a new free OS based on the MINIX operation system and SunOS. The 21 year old puts together the kernel. </li><li>As the kernel for the GNU project was still very much in development, the two projects became a natural fit. </li><li>To this day, Stallman insists that Linux is GNU/Linux due to the large reliance on GNU toolchain </li></li>


===Introduction to Red Hat Enterprise Linux===
<ol>
#Package Manager - YUM
<li>stands for Advanced Package Manager</li>
##Stands for YellowDog Updater Modified
<li>Ubuntu's set of tools to install packages and keep them up to date</li>
##Provides a set of tools for retrieving software from the internet using subscriptions to an update server
<li>utilizes .deb software packages for management</li>
##Utilizes .rpm software files to install packages for management
<li>keep in mind this package management system is far from standard
##Creates an Enterprise Linux environment
a. RPM is Linux Standard Base
##*'''cons:''' less software options overall
b. Many commerical Unixes have their own package managers
##*'''pro:''' all available software is tested and works without additional configuration
c. when all else fails, a tarball (.tar) fille can be used to build from source</li>
##5. <code>yum</code> has an additional, alternative wrapper program <code>dnf</code> to improve output and ease of use
<li>Commands
##*stands for DaNdified YUM - commands in the format <code>sudo dnf [verb] [objects]</code>
a. <code>apt-get update</code> synchronizes the index of packages to your system
##*<code>-y</code> flag gives YES as passed option for less attended installation 6. command commands
b. <code>apt-get upgrade</code> downloads and installs new versions of all currently installed packages in place, based on the index
##*<code>sudo dnf -y install [package_name]</code> install a particular package and dependencies
c. <code>apt-get dist-upgrade</code> downloads and installs new versions, and moves the system up to the next version, based on the index
##* <code>sudo dnf -y update</code> update all packages
d. <code>sudo</code> was originally &quot;superuserdo&quot;, now works to substitute - users and run programs as that user. /etc/sudoers controls this behavior.
e. <code>sudo apt-get install foo</code> : installs package named '''foo'''
f. <code>sudo apt-get remove bar</code> : removes a package named '''bar''', but not the config files
g. <code>sudo apt-get purge bar</code> : removes a package named '''bar''', and removes config files 8. sudo apt-get source * : gets the source code for a package 9. sudo apt-get clean : removes downloaded packages (.deb files) used to install</li></ol>


===Introduction to Ubuntu===
# Package Manager - APT
##Stands for Advanced Package Manager
##Ubuntu’s set of tools to install packages and keep them up to date
##Utilizes .deb software packages for management
##Keep in mind this package management system is far from standard
##*Many commercial Unixes have their own package managers
##*When all else fails, a tarball (.tar) file can be used to build from source
##Commands
##*<code>apt-get update</code> synchronizes the index of packages to your system
##*<code>apt-get upgrade</code> downloads and installs new versions of all currently installed packages in place, based on the index
##*<code>apt-get dist-upgrade</code> downloads and installs new versions, and moves the system up to the next version, based on the index
##*<code>sudo</code> was originally “superuserdo”, now works to substitute - users and run programs as that user. /etc/sudoers controls this behavior.
##*<code>sudo apt-get install foo</code> : installs package named '''foo'''
##*<code>sudo apt-get remove bar</code> : removes a package named '''bar''', but not the config files
##*<code>sudo apt-get purge bar</code> : removes a package named '''bar''', and removes config files
##*<code>sudo apt-get source * </code>: gets the source code for a package
##*<code>sudo apt-get clean</code> : removes downloaded packages (.deb files) used to install
<span id="filesystem"></span>
<span id="filesystem"></span>
===File System===
=== Filesystem ===


<ol style="list-style-type: decimal;">  
<ol>
<li>Directories
<li>Directories
<ol style="list-style-type: lower-alpha;">
a. first and bottom of the directory of the file structure tree is called root '''/'''
<li>first and bottom of the directory of the file structure tree is called root '''/'''</li>
b. '''/root''' in addition, there is a file directory, within the root directory called /root (&quot;slash root&quot;), which acts as root's home directory
<li>'''/root''' in addition, there is a file directory, within the root directory called /root (“slash root”), which acts as root’s home directory </li>
c. '''/home''' normal users' directories
<li>'''/home''' normal users’ directories</li>
d. '''/boot''' contains the boot directory, including kernel, initial RAMdisk, and bootloader
<li>'''/boot''' contains the boot directory, including kernel, initial RAMdisk, and bootloader</li>
e. '''/dev''' lists all devices of the computer
<li> '''/dev''' lists all devices of the computer</li>
f. '''/etc''' configuration files for nearly all programs that need a state
<li>'''/etc''' configuration files for nearly all programs that need a state</li>
g. '''/tmp''' temporary files for the system
<li>'''/tmp''' temporary files for the system</li>
h. '''/var''' variable-length files used by programs - '''/var/spool''' old-school webmail location - '''/var/www''' location of http server files
<li>'''/var''' variable-length files used by programs
i. '''/usr''' files available to users, including binaries for daily user tasks in /usr/bin
<ul>
j. '''/sbin''' binaries used only by root
<li>'''/var/spool''' old-school webmail location</li>
k. '''/bin''' binaries for the system everyone needs to use</li>
<li>'''/var/www''' location of http server files</li></ul>
</li>
<li>'''/usr''' files available to users, including binaries for daily user tasks in /usr/bin </li>
<li>'''/sbin''' binaries used only by root</li>
<li>'''/bin''' binaries for the system everyone needs to use</li></ol>
</li>
<li>Commands
<li>Commands
<ol style="list-style-type: lower-alpha;">
a. '''cd''' change directories
<li>'''cd''' change directories</li>
b. '''~''' alias used to shortcut the current user directory
<li>'''~''' alias used to shortcut the current user directory</li>
c. '''Ctrl+R''' search history of commands in <code>bash</code>; also available as output from <code>history</code>
<li>'''Ctrl+R''' search history of commands in <code>bash</code>; also available as output from <code>history</code></li>
d. '''!!''' runs the previous command
<li>'''!!''' runs the previous command</li>
e. '''ls''' list in the contents of current directory
<li>'''ls''' list in the contents of current directory</li>
f. '''.''': the current directory
<li>'''.''': the current directory</li>
g. '''..''' : go up one directory#User and Group Configuration</li></ol>
<li>'''..''' : go up one directory#User and Group Configuration</li></ol>
 
</li></ol>
<span id="useraddusermod"></span>
===useradd/usermod===  
=== useradd/usermod ===


#<code>useradd</code> and <code>usermod</code> do much the same thing
# <code>useradd</code> and <code>usermod</code> do much the same thing
#* <code>-c</code> allows to add comments
#* <code>-c</code> allows to add comments
#*<code>-d</code> allows to change user home directory
#* <code>-d</code> allows to change user home directory
#*<code>-e</code> expiration date - date an account will expire (in YYYYMMDD format), kept in <code>/etc/shadow</code>
#* <code>-e</code> expiration date - date an account will expire (in YYYYMMDD format), kept in <code>/etc/shadow</code>
#*<code>-f</code> specify how many days the account can be inactive before password expires, kept in <code>/etc/shadow</code>
#* <code>-f</code> specify how many days the account can be inactive before password expires, kept in <code>/etc/shadow</code>
#*<code>-g</code> specify default group of the user
#* <code>-g</code> specify default group of the user
#*<code>-G</code> append a list of additional groups for the user
#* <code>-G</code> append a list of additional groups for the user
#*<code>-l</code>(usermod only) changes a user login ex: <code>usermod -l darren darseife</code>
#* <code>-l</code>(usermod only) changes a user login ex: <code>usermod -l darren darseife</code>
#*<code>-u</code> uid
#* <code>-u</code> uid
#*<code>-s</code> specifies login shell
#* <code>-s</code> specifies login shell
#*<code>-p</code> specify pre-hashed password
#* <code>-p</code> specify pre-hashed password
#*<code>-L</code> (usermod only) locks the user’s password so it cannot be entered directly (best used with -e, as well)
#* <code>-L</code> (usermod only) locks the user's password so it cannot be entered directly (best used with -e, as well)
#*<code>-U</code> will unlock a user’s password
#* <code>-U</code> will unlock a user's password


===passwd===
###passwd command revisited
commands


# <code>sudo passwd darseife</code> change the password of darseife
<ol>
#<code>passwd</code> can also be used to lock and unlock accounts
<li><code>sudo passwd darseife</code> change the password of darseife</li>
#*<code>passwd -l</code> will lock the account’s password
<li><code>passwd</code> can also be used to lock and unlock accounts
#*a locked password will always be input incorrectly
a. <code>passwd -l</code> will lock the account's password
#*does not necessarily lock user out of the account
b. a locked password will always be input incorrectly
#*puts an <code>!</code> at the beginning of the password field in <code>/etc/shadow</code>
c. does not necessarily lock user out of the account
#*<code>crypt</code>, the algorithm used to implement ciphers, cannot generate an <code>!</code>so the password hash is disabled
d. puts an <code>!</code> at the beginning of the password field in <code>/etc/shadow</code>
#*<code>passwd -u</code> would unlock the account’s password
e. <code>crypt</code>, the algorithm used to implement ciphers, cannot generate an <code>!</code>so the password hash is disabled
#<code>passwd -d</code> removes the password of the account
f. <code>passwd -u</code> would unlock the account's password
#<code>passwd -S</code> displays account information:  
g. <code>passwd -d</code> removes the password of the account
#*last password change
h. <code>passwd -S</code> displays account information: - last password change - password expires - password inactive - account expires - minimum days between password change - maximum days before password change - warn period before changes</li></ol>
#*password expires
#*password inactive
#*account expires
#*minimum days between password change
#*maximum days before password change
#*warn period before changes


===chage===
###chage
1. The <code>chage</code> command allows you to modify account settings related to password expiration and aging 2. <code>chage</code> can also be used to configure accounts to automatically expire if: - the password hasn’t been changed - or a date has been passed 3. <code>chage -l</code> print expiration settings of an account 4. <code>chage -m DAYS username</code> to set the minimum time between password changes 5. <code>chage -M DAYS username</code> to set the maximum time between password changes 6. <code>chage -d YYYYMMDD username</code> update the last day YYYY-MM-DD on which to change the password 7. <code>chage -E YYYYMMDD username</code> set the expiration date as YYYY-MM-DD on which username’s account expires - setting the number to <code>-1</code> will make it never expire 8. <code>chage -I DAYS username</code> will lock the account password after number of days inactive 9. <code>chage -W DAYS username</code> number of days the user will be warned before their account is made inactive 10. All of these settings are stored in <code>/etc/shadow</code>


###userdel 1. <code>userdel username</code> deletes users 2. <code>userdel -r username</code> deletes the user, their mail spool, their home directory, and everything in it 3. <code>userdel -f username</code> deletes the user ''right now'' even if they are logged in
# The <code>chage</code> command allows you to modify account settings related to password expiration and aging
# <code>chage</code> can also be used to configure accounts to automatically expire if:
#* the password hasn't been changed
#* or a date has been passed
# <code>chage -l</code> print expiration settings of an account
# <code>chage -m DAYS username</code> to set the minimum time between password changes
# <code>chage -M DAYS username</code> to set the maximum time between password changes
# <code>chage -d YYYYMMDD username</code> update the last day YYYY-MM-DD on which to change the password
# <code>chage -E YYYYMMDD username</code> set the expiration date as YYYY-MM-DD on which username's account expires
#* setting the number to <code>-1</code> will make it never expire
# <code>chage -I DAYS username</code> will lock the account password after number of days inactive
# <code>chage -W DAYS username</code> number of days the user will be warned before their account is made inactive
# All of these settings are stored in <code>/etc/shadow</code>


###groupadd and groupmod 1. <code>groupadd</code>add a group to a system 2. <code>groupadd -r</code> used to create a system group, creating a GUID above 1000 3. <code>groupmod</code> change a group 4. <code>groupmod -n</code> change a group name
###userdel


###gpasswd - group password 1. <code>gpasswd groupname</code> sets password for a group; it is most common to not have a group password 2. <code>gpasswd -R</code> restricts access to users logging in with password via newgrp
# <code>userdel username</code> deletes users
# <code>userdel -r username</code> deletes the user, their mail spool, their home directory, and everything in it
# <code>userdel -f username</code> deletes the user ''right now'' even if they are logged in


###getent - get entities 1. can be used to view individual records in <code>/etc/passwd</code>, and other files 2. useful for getting exact matches for items 3. <code>getent password username</code> - get passwd information for user 4. <code>getent shadow username</code> - get shadow information for user 5. <code>getent group groupname</code> - get group information for user#The *nix CLI ###The Shell explained 1. A shell is a command interpreter where the user interacts with the system via command line interface (CLI) 2. Different shells currently in-use A. '''Bourne-Again SHell''' - located at <code>/bin/bash</code> is the main shell and is used was a default on most Linux systems B. '''sh''' - The Bourne Shell, old school version does not require any libraries. Rarely seen as a user-interface shell; typically a symbolic link to another shell binary. Created by Stephen Bourne, first included in Unix V7 C. '''tcsh''' Tee Shell. Based on the earlier C-shell from Unix. Has some additional features built into it. D. '''csh''' C-shell, a BSD component not often seen on Linux. Created by Bill Joy at UC Berkeley. E. '''ksh''' Korn shell from Bell Labs in the 1980s. The idea was to incorporate features from the Bourne Shell along with C-programming syntax. F. '''zsh''' 1990s, incorporates additional ideas into ksh. 3. Built-in Commands A. <code>cd</code> changes directory - <code>cd ~</code> or <code>cd /home/user</code> are equivalent B. <code>ls -</code> lists files in a directory - default behavior just lists files - <code>-a</code> lists all files including hidden ones - <code>-l</code> long format - <code>-d</code> just directories - <code>-F</code> uses a special character to rep filetypes - <code>-R</code> recursive listing C. Single characters are substituted by <code>?</code>, wildcards by <code>*</code> D. Exiting the system - <code>exit</code> exits the current shell - <code>logout</code> only works for login shells E. Shutting down the system - <code>shutdown -h now</code> halts the system now - <code>shutdown -r now</code> restarts the system now - <code>shutdown -h +5 &quot; &quot;</code> broadcasts the message in quotes and tells people it will be down in 5minutes - <code>halt</code> on most systems, will drop the system into single user mode - <code>poweroff</code> “on fire” graceless exit. Sends HW signal to kill power - <code>reboot</code> essentially ‘shutdown -r’ - <code>reboot -f</code> graceless restart exit, Sends HW signal to reboot F. <code>init</code> relies on a series of programs or scripts to change run-state of machine and to start/stop linux services - <code>init 0</code> - shuts the machine down - <code>init 6</code> - reboots the machine - <code>init S</code> - initializes system boot
###groupadd and groupmod


###Man pages and getting help 1. displays the manual pages for any packages on the system 2. typing <code>[/]</code> will allow you to search through the page 3. allows you to move via <code>[spacebar]</code> or <code>[pgup/pgdn]</code> 4. <code>man</code> is broken up into seperate chapters: <code>man 5</code> would show chapter 5 1. executable programs and shell 2. system calls 3. library calls 4. device calls 5. file formats 6. games 7. misc. (macro packages) 8. sys admin commands 9. kernel routines 5. <code>man -k *</code> : to find any pages matching <code>*</code> 6. most programs also allow for <code>--help</code> or <code>-?</code> to be passed for a quick rundown on commands and usage
# <code>groupadd</code>add a group to a system
# <code>groupadd -r</code> used to create a system group, creating a GUID above 1000
# <code>groupmod</code> change a group
# <code>groupmod -n</code> change a group name


###Unix filesystem permissions 1. filesystem permissions saved as a series of 3 bit numbers 2. format: <code>d,rwx,rwx,rwx</code> for read-write-execute a. <code>d</code> - denotes a Directory or file b. first triad is for the User of the file c. second triad is for Group members of the file d. third triad is for Everyone else 3. Read-write-execute for files a. '''Read''' allows the file to be opened b. '''Write''' allows for the file to be edited c. '''Execute''' allows for the file to run as a program 4. Read-write-execute for directories a. '''Read''' allows for the directory to view filenames in the directory b. '''Write''' allows files to be added or deleted from a dir c. '''Execute''' allows the directory to be visited, “permission to traverse through”; must have this to execute programs within a directory 5. <code>chmod</code> changes file and directory permissions a. two modes for chmod 1. '''symbolic mode''' <code>chmod {u,g,o}[+,-,=]{r,w,x}</code> 2. absolute mode - chmod 777 /path/to/file` * 0 no permissions * 1 execute * 2 write * 4 read F. chown - change file owner and group 1. chown user /foo - changes foo’s owner to user 2. chown root:root /foo - changes foo’s owner to root, also changes foo’s group to root G. echo - displays any text you enter after the command 1. primarially used in shell scripts or ‘programs’ that utilize a combination of of built-in commands, variables, and executables to complete tasks 2. variables reached from echo by invoking the variable name as $NAME #Input Redirection and Utils
###gpasswd - group password


###Redirection symbols 1. prog &gt; - redirects std output to the file, truncating and rewriting 2. prog 2&gt; - redirect std error to the file, truncating and rewriting 3. &amp;&gt; - redirects both std output and error to file 4. <code>&gt;&gt;</code> - non-destructively appends to end of file rather than rewriting 5. <code>- &quot;backtick&quot; process commands in the middle of another command a. A tool similar to xargs b. text within backticks are treated as a separate command line who's results are substituted on this command line c. things inside of backticks are attempted to be used as a command d. example: rm</code> find / - user darren ` 6. $() - is used like a backtick; more resistant to weird syntax
# <code>gpasswd groupname</code> sets password for a group; it is most common to not have a group password
# <code>gpasswd -R</code> restricts access to users logging in with password via newgrp


###Piping data between programs 1. programs on a UNIX system frequently use pipes to redirect each other’s output. 2. for instance you might use a text-filtering command on output from a file reading command. 3. allows small programs to operate on a flow of information in a row 4. | - this is an unnamed pipe 5. mkfifo - allows for the creation of named pipes a. <code>mkfifo fifo1</code> b. <code>ls -l &gt; fifo1</code> c. <code>cat &lt; fifo1</code> 6. tee - read from standard input and write to standard output and files a. splits standard input so that is it is both displayed via standard output and also captured to one of more files b. allows for logging and redirection while the process is also shown on screen c. overwrites to a file as per &gt;by default rather than like &gt;&gt;d. example - echo $PATH | tee file1 file2 - file1, file2, and stdoutput all have same information 5. find - searches for files in directory hierarchy 6. xargs - builds a command from standard input, using command name and arguments to that command and then executes the command on each line of standard input a. example: find / - user darren | xargs -d %rm 7. file - returns the type of file and metadata information regarding files 8. join - combines two text files by matching the contents of specified fields a. by default, join uses spaces as the limiters (unless -t CHAR is given) b. example: join -1 3 -2 2 - this joins the third field of the first file and the second field of the second file 9. paste A. Paste is like cat rotated 90 degrees. When operating on multiple files, it will merge the lines of the files. 10. expand - converts tabs to spaces A. by default assumes you want 8 spaces per tab; -t changes B. unexpand - converts spaces to tabs 11. od - dump files into octal and other formats A. default usage is dumping binary file into octal binary format B. -x for 2byte hex output 12. sort - sorts lines of text files A. writes sorted concatenation of all files as output B. by default, uses first column C. Important options 1. -f : ignore case 2. -m : sort by three digit month abbreviation; ex, jan 3. -n : numeric sort 4. -v : sort by versio 5. -h : compare human readable numbers 6. -r : reverses the sort 7. -R : sorts randomly but groups like files 8. -d : dictionary-order 9. -k : sort via key, sorts by a field number, can be comma-seperated listq D. the opposite of this is ‘shuf’ 13. split - splits a file into 2 or more files A. needs to have an output file prefix B. where do you want to split 1. -b : size in bytes 2. -l : lines C. example: split -l 2 listening1.txt numbers -&gt; output is: ‘numbersaa’ and ‘numbersab’ D. by default: splits every 10,000 lines 14. tr - trnaslate or delete characters A. changes individual characters coming in through standard input and outputs via standard output B. options 1. [:lower:] - all lower case chars 2. [:upper:] - all upper case chars 3. [::] 15. cut - extracts portions of lines of input and prints out as output A. used to remove items within lines, delimited by spaces or tabs B. options 1. -b : cuts the specified list by byte 2. -c : cuts the specified characters 3. -f : cuts specified list of fields from input 4. -d : specifies the delimiter for fields C. EXAMPLE: cut -f 7 -d : /etc/passwd 16. uniq - take an input list and report or omit repeated lines A. only if they are next to each other, so you have to sort first B. EXAMPLE: cut -f 7 -d : /etc/passwd | sort | uniq
###getent - get entities
 
<ol>
<li>can be used to view individual records in <code>/etc/passwd</code>, and other files</li>
<li>useful for getting exact matches for items</li>
<li><code>getent password username</code> - get passwd information for user</li>
<li><code>getent shadow username</code> - get shadow information for user</li>
<li><code>getent group groupname</code> - get group information for user#The *nix CLI
###The Shell explained</li>
<li>A shell is a command interpreter where the user interacts with the system via command line interface (CLI)</li>
<li>Different shells currently in-use A. '''Bourne-Again SHell''' - located at <code>/bin/bash</code> is the main shell and is used was a default on most Linux systems B. '''sh''' - The Bourne Shell, old school version does not require any libraries. Rarely seen as a user-interface shell; typically a symbolic link to another shell binary. Created by Stephen Bourne, first included in Unix V7 C. '''tcsh''' Tee Shell. Based on the earlier C-shell from Unix. Has some additional features built into it. D. '''csh''' C-shell, a BSD component not often seen on Linux. Created by Bill Joy at UC Berkeley. E. '''ksh''' Korn shell from Bell Labs in the 1980s. The idea was to incorporate features from the Bourne Shell along with C-programming syntax. F. '''zsh''' 1990s, incorporates additional ideas into ksh.</li>
<li>Built-in Commands A. <code>cd</code> changes directory - <code>cd ~</code> or <code>cd /home/user</code> are equivalent B. <code>ls -</code> lists files in a directory - default behavior just lists files - <code>-a</code> lists all files including hidden ones - <code>-l</code> long format - <code>-d</code> just directories - <code>-F</code> uses a special character to rep filetypes - <code>-R</code> recursive listing C. Single characters are substituted by <code>?</code>, wildcards by <code>*</code> D. Exiting the system - <code>exit</code> exits the current shell - <code>logout</code> only works for login shells E. Shutting down the system - <code>shutdown -h now</code> halts the system now - <code>shutdown -r now</code> restarts the system now - <code>shutdown -h +5 &quot; &quot;</code> broadcasts the message in quotes and tells people it will be down in 5minutes - <code>halt</code> on most systems, will drop the system into single user mode - <code>poweroff</code> &quot;on fire&quot; graceless exit. Sends HW signal to kill power - <code>reboot</code> essentially 'shutdown -r' - <code>reboot -f</code> graceless restart exit, Sends HW signal to reboot F. <code>init</code> relies on a series of programs or scripts to change run-state of machine and to start/stop linux services - <code>init 0</code> - shuts the machine down - <code>init 6</code> - reboots the machine - <code>init S</code> - initializes system boot</li></ol>
 
###Man pages and getting help
 
# displays the manual pages for any packages on the system
# typing <code>[/]</code> will allow you to search through the page
# allows you to move via <code>[spacebar]</code> or <code>[pgup/pgdn]</code>
# <code>man</code> is broken up into seperate chapters: <code>man 5</code> would show chapter 5
## executable programs and shell
## system calls
## library calls
## device calls
## file formats
## games
## misc. (macro packages)
## sys admin commands
## kernel routines
# <code>man -k *</code> : to find any pages matching <code>*</code>
# most programs also allow for <code>--help</code> or <code>-?</code> to be passed for a quick rundown on commands and usage
 
###Unix filesystem permissions
 
<ol>
<li>filesystem permissions saved as a series of 3 bit numbers</li>
<li>format: <code>d,rwx,rwx,rwx</code> for read-write-execute
a. <code>d</code> - denotes a Directory or file
b. first triad is for the User of the file
c. second triad is for Group members of the file
d. third triad is for Everyone else</li>
<li>Read-write-execute for files
a. '''Read''' allows the file to be opened
b. '''Write''' allows for the file to be edited
c. '''Execute''' allows for the file to run as a program</li>
<li>Read-write-execute for directories
a. '''Read''' allows for the directory to view filenames in the directory
b. '''Write''' allows files to be added or deleted from a dir
c. '''Execute''' allows the directory to be visited, &quot;permission to traverse through&quot;; must have this to execute programs within a directory</li>
<li><code>chmod</code> changes file and directory permissions
a. two modes for chmod 1. '''symbolic mode''' <code>chmod {u,g,o}[+,-,=]{r,w,x}</code> 2. absolute mode - chmod 777 /path/to/file` * 0 no permissions * 1 execute * 2 write * 4 read F. chown - change file owner and group 1. chown user /foo - changes foo's owner to user 2. chown root:root /foo - changes foo's owner to root, also changes foo's group to root G. echo - displays any text you enter after the command 1. primarially used in shell scripts or 'programs' that utilize a combination of of built-in commands, variables, and executables to complete tasks 2. variables reached from echo by invoking the variable name as $NAME
#Input Redirection and Utils</li></ol>
 
###Redirection symbols
 
# prog &gt; - redirects std output to the file, truncating and rewriting
# prog 2&gt; - redirect std error to the file, truncating and rewriting
# &amp;&gt; - redirects both std output and error to file
# <code>&gt;&gt;</code> - non-destructively appends to end of file rather than rewriting
# <code>- &quot;backtick&quot; process commands in the middle of another command a. A tool similar to xargs b. text within backticks are treated as a separate command line who's results are substituted on this command line c. things inside of backticks are attempted to be used as a command d. example: rm</code> find / - user darren `
# $() - is used like a backtick; more resistant to weird syntax
 
###Piping data between programs
 
<ol>
<li>programs on a UNIX system frequently use pipes to redirect each other's output.</li>
<li>for instance you might use a text-filtering command on output from a file reading command.</li>
<li>allows small programs to operate on a flow of information in a row</li>
<li>| - this is an unnamed pipe</li>
<li>mkfifo - allows for the creation of named pipes
a. <code>mkfifo fifo1</code>
b. <code>ls -l &gt; fifo1</code>
c. <code>cat &lt; fifo1</code></li>
<li>tee - read from standard input and write to standard output and files
a. splits standard input so that is it is both displayed via standard output and also captured to one of more files
b. allows for logging and redirection while the process is also shown on screen
c. overwrites to a file as per '&gt;' by default rather than like '&gt;&gt;'
d. example - echo $PATH | tee file1 file2 - file1, file2, and stdoutput all have same information</li>
<li>find - searches for files in directory hierarchy</li>
<li>xargs - builds a command from standard input, using command name and arguments to that command and then executes the command on each line of standard input
a. example: find / - user darren | xargs -d %\n rm</li>
<li>file - returns the type of file and metadata information regarding files</li>
<li>join - combines two text files by matching the contents of specified fields
a. by default, join uses spaces as the limiters (unless -t CHAR is given)
b. example: join -1 3 -2 2 - this joins the third field of the first file and the second field of the second file</li>
<li>paste A. Paste is like cat rotated 90 degrees. When operating on multiple files, it will merge the lines of the files.</li>
<li>expand - converts tabs to spaces A. by default assumes you want 8 spaces per tab; -t changes B. unexpand - converts spaces to tabs</li>
<li>od - dump files into octal and other formats A. default usage is dumping binary file into octal binary format B. -x for 2byte hex output</li>
<li>sort - sorts lines of text files A. writes sorted concatenation of all files as output B. by default, uses first column C. Important options 1. -f : ignore case 2. -m : sort by three digit month abbreviation; ex, jan 3. -n : numeric sort 4. -v : sort by versio 5. -h : compare human readable numbers 6. -r : reverses the sort 7. -R : sorts randomly but groups like files 8. -d : dictionary-order 9. -k : sort via key, sorts by a field number, can be comma-seperated listq D. the opposite of this is 'shuf'</li>
<li>split - splits a file into 2 or more files A. needs to have an output file prefix B. where do you want to split 1. -b : size in bytes 2. -l : lines C. example: split -l 2 listening1.txt numbers -&gt; output is: 'numbersaa' and 'numbersab' D. by default: splits every 10,000 lines</li>
<li>tr - trnaslate or delete characters A. changes individual characters coming in through standard input and outputs via standard output B. options 1. [:lower:] - all lower case chars 2. [:upper:] - all upper case chars 3. [::]</li>
<li>cut - extracts portions of lines of input and prints out as output A. used to remove items within lines, delimited by spaces or tabs B. options 1. -b : cuts the specified list by byte 2. -c : cuts the specified characters 3. -f : cuts specified list of fields from input 4. -d : specifies the delimiter for fields C. EXAMPLE: cut -f 7 -d : /etc/passwd</li>
<li>uniq - take an input list and report or omit repeated lines A. only if they are next to each other, so you have to sort first B. EXAMPLE: cut -f 7 -d : /etc/passwd | sort | uniq</li></ol>


<span id="c-programs-and-makefiles"></span>
<span id="c-programs-and-makefiles"></span>
===C++ programs and Makefiles===
=== C++ programs and Makefiles ===


#Basic C++ program with input and output
# Basic C++ program with input and output


<pre>int main (int args, char * argv[]){
<pre>int main (int args, char * argv[]){
Line 164: Line 273:
}
}
// outputs every character given to it</pre>
// outputs every character given to it</pre>
<ol start="2" style="list-style-type: decimal;">
# Let's write a less good version of grep called greb:
<li>Let’s write a less good version of grep called greb:</li></ol>


<pre>#include &lt;iostream&gt;
<pre>#include &lt;iostream&gt;
Line 197: Line 305:
}
}
</pre>
</pre>
<ol start="3" style="list-style-type: decimal;">
# Make A. Allows for automatic configuration and creation of usable binararies from OOP files, and can be used to install and uninstall programs B. Allows for the creation of archives of source code that build as packages into useful code C. typically named 'makefile'
<li>Make A. Allows for automatic configuration and creation of usable binararies from OOP files, and can be used to install and uninstall programs B. Allows for the creation of archives of source code that build as packages into useful code C. typically named ‘makefile’</li> </ol>


<pre># set a variables for the compiler
<pre># set a variables for the compiler
Line 235: Line 342:
cp $&lt; $(DESTDIR)$(PREFIX)/bin/$&lt;</pre>
cp $&lt; $(DESTDIR)$(PREFIX)/bin/$&lt;</pre>
<span id="tar-and-packaging"></span>
<span id="tar-and-packaging"></span>
=== Tar and Packaging===
=== Tar and Packaging ===


#tar A. the name ‘tar’ comes from its original purpose: Tape ARchive B. you can bundle files as .tar, ‘tarballs’, which contain a series of file entries and terminating bytes between files C. each entry has a file descriptor and the binary contents of the file D. file descriptor, or header, contains the name of a file, a checksum of that file, and permissions data E. does not compress data, but instead keeps it in one file F. tar options: -c: Creates a tar archive -v: Verbose output -x: eXtract from a tar archive -f: specify a Filename -A: Appends two archives together -M: create or extract a multivolume archive -j: specify bzip2 compression -J: specify xz compression -z: specify gzip compression –lzma: specify lzma compression -t: Test an archive
# tar A. the name 'tar' comes from its original purpose: Tape ARchive B. you can bundle files as .tar, 'tarballs', which contain a series of file entries and terminating bytes between files C. each entry has a file descriptor and the binary contents of the file D. file descriptor, or header, contains the name of a file, a checksum of that file, and permissions data E. does not compress data, but instead keeps it in one file F. tar options: -c: Creates a tar archive -v: Verbose output -x: eXtract from a tar archive -f: specify a Filename -A: Appends two archives together -M: create or extract a multivolume archive -j: specify bzip2 compression -J: specify xz compression -z: specify gzip compression --lzma: specify lzma compression -t: Test an archive


<span id="more-unix-commands"></span>
<span id="more-unix-commands"></span>
===More Unix Commands===
=== More Unix Commands ===


#fmt - format A. some files have crazy long lines of text B. reformats to a certain -width C. by default, truncates after 75 characters and cleans up paragraphs D. anything with 2+ blankline removed, and adds indention E. -s : prevents truncation of paragraphs
# fmt - format A. some files have crazy long lines of text B. reformats to a certain -width C. by default, truncates after 75 characters and cleans up paragraphs D. anything with 2+ blankline removed, and adds indention E. -s : prevents truncation of paragraphs
#nl - line number A. nl does count whitespace by default B. identical to cat -b (but not cat -n)
# nl - line number A. nl does count whitespace by default B. identical to cat -b (but not cat -n)
#pr - prepare a file for printing A. includes header, footer, and page breaks B. create colummns: pr -3 file.txt C. -l sets the length of lines D. -o choose the header text
# pr - prepare a file for printing A. includes header, footer, and page breaks B. create colummns: pr -3 file.txt C. -l sets the length of lines D. -o choose the header text
#regular expressions - sed and awk A. simliar to wildcard expansion: ex; ls ''.txt B. grep and sed are two examples of regEx programs C. unix system programs have two different forms of regular expressions: basic and extended D. types of expresssions: 1. exact text match: grep “blah” returns all lines with “blah” 2. bracketed expressions: b[aeiou]g - returns bag, beg, big, bog, bug 3. bracketed with range: a[2-4]z - returns a2z, a3z, a4z 4. matching single char: a.z (allows for anything between a and z) 5. matching begin/end of line: ^ beginning, $ end 6. any of these can be combined with the wildcard: '' ex: A.* Lincoln (with 0 or more occurances of a pattern.) ex: A[ae]* Lincoln (with 0 or more occurances of a-e after A. 7. matching at least one of: + symbol ex. A[ae]+ Lincoln - returns at least Aa or Ae Lincoln 8. multiple possibilities or: | needs to be set up with ex. ‘Darren (F|Fredrick) Seifert’ 9. grep -E invokes regex functionality
# regular expressions - sed and awk A. simliar to wildcard expansion: ex; ls ''.txt B. grep and sed are two examples of regEx programs C. unix system programs have two different forms of regular expressions: basic and extended D. types of expresssions: 1. exact text match: grep &quot;blah&quot; returns all lines with &quot;blah&quot; 2. bracketed expressions: b[aeiou]g - returns bag, beg, big, bog, bug 3. bracketed with range: a[2-4]z - returns a2z, a3z, a4z 4. matching single char: a.z (allows for anything between a and z) 5. matching begin/end of line: ^ beginning, $ end 6. any of these can be combined with the wildcard: '' ex: A.* Lincoln (with 0 or more occurances of a pattern.) ex: A[ae]* Lincoln (with 0 or more occurances of a-e after A. 7. matching at least one of: + symbol ex. A[ae]+ Lincoln - returns at least Aa or Ae Lincoln 8. multiple possibilities or: | needs to be set up with ' ex. 'Darren (F|Fredrick) Seifert' 9. grep -E invokes regex functionality


<span id="shell-scripting"></span>
<span id="shell-scripting"></span>
===Shell Scripting===
=== Shell Scripting ===


#The first line of a shell script tells which program to use to interpret the contents: #!/bin/bash or another shell A. the first two characters are (#!) are special code to tell the kernel this is a script - crunchbang, shebang, hashbang, poundbang B. the remaining lines beginning with # are considered comments <code># this is a comment</code>
# The first line of a shell script tells which program to use to interpret the contents: #!/bin/bash or another shell A. the first two characters are (#!) are special code to tell the kernel this is a script - crunchbang, shebang, hashbang, poundbang B. the remaining lines beginning with # are considered comments <code># this is a comment</code>
#Classic Hello World
# Classic Hello World


<pre># hello.sh
<pre># hello.sh
Line 257: Line 364:
# Print out hello world
# Print out hello world
echo 'Hello World!'</pre>
echo 'Hello World!'</pre>
<ol start="3" style="list-style-type: decimal;">
# When you want to run a shell script, it needs to be made executable before it is an executable file: '# chmod u+x ./file.sh'
<li>When you want to run a shell script, it needs to be made executable before it is an executable file: # chmod u+x ./file.sh’</li>
# Can be invoked with ./file.sh
<li>Can be invoked with ./file.sh</li>
# Alternative routes: A. bash file.sh works whether or not #!/bin/bash or chmod +x has been given B. exec file.sh is used to run scripts from within other scripts and to stop the tty instance after it is done (used to run scripts within scripts)
<li>Alternative routes: A. bash file.sh works whether or not #!/bin/bash or chmod +x has been given B. exec file.sh is used to run scripts from within other scripts and to stop the tty instance after it is done (used to run scripts within scripts)</li>
# Passing Parameters A. much like C++ programs, bash scripts can be passed parameters B. accessing these, the dollar sign is used, much like PHP or Perl, to call the number of the parameter 1. $0 - the name of the running script itself 2. $1 - the first parameter 3. and so on... 4. $? - returns the exit status of the last run command 5. $$ - returns the process ID (PID) of the current script 6. $USER - returns the username of the user running the script 7. $SECONDS - returns the runtime of the current script 8. $RANDOM - generates a random number (int 0 - 32000) 9. $LINENO - current line of script C. creation of new variables 1. variablename=value # no spaces ever 2. if you do want spaces, they must be escaped by quotes 3. double quotes recommended for variable substitution later 4. for instance varname=&quot;value $1&quot; allows for insertion of other variables into variables whereas varname='value $1' will not work D. saving output into variables 1. output from programs can be saved into a variable 2. example: curdir=$(pwd) will run pwd and return the standard output as a variable 3. if you want to capture the standard error for a command, it can be saved as <code>error=$(&lt;/tmp/error)</code> 4. alternative use: curdir=<code>pwd</code> note the backtics
<li>Passing Parameters A. much like C++ programs, bash scripts can be passed parameters B. accessing these, the dollar sign is used, much like PHP or Perl, to call the number of the parameter 1. $0 - the name of the running script itself 2. $1 - the first parameter 3. and so on… 4. $? - returns the exit status of the last run command 5. $$ - returns the process ID (PID) of the current script 6. $USER - returns the username of the user running the script 7. $SECONDS - returns the runtime of the current script 8. $RANDOM - generates a random number (int 0 - 32000) 9. $LINENO - current line of script C. creation of new variables 1. variablename=value # no spaces ever 2. if you do want spaces, they must be escaped by quotes 3. double quotes recommended for variable substitution later 4. for instance varname=“value $1” allows for insertion of other variables into variables whereas varname=’value <math display="inline">1' will not work D. saving output into variables 1. output from programs can be saved into a variable 2. example: curdir=</math>(pwd) will run pwd and return the standard output as a variable 3. if you want to capture the standard error for a command, it can be saved as <code>error=$(&lt;/tmp/error)</code> 4. alternative use: curdir=<code>pwd</code> note the backtics</li></ol>


<pre># foo.sh
<pre># foo.sh
Line 270: Line 376:
echo &quot;Details for $2&quot;
echo &quot;Details for $2&quot;
ls -l $2</pre>
ls -l $2</pre>
*handling user input and output can use ‘echo’ to create interactive scripts:
* handling user input and output can use 'echo' to create interactive scripts:


<pre># plususer.sh
<pre># plususer.sh
Line 279: Line 385:
echo $username
echo $username
read -sp 'Password:' password # -s stealth</pre>
read -sp 'Password:' password # -s stealth</pre>
*scripts can also handle files as standard input like other commands
* scripts can also handle files as standard input like other commands


<pre># salesreport.sh
<pre># salesreport.sh
Line 286: Line 392:
echo Data Summary:
echo Data Summary:
cat /dev/stdin | cut -d ' ' -F2,3 | sort</pre>
cat /dev/stdin | cut -d ' ' -F2,3 | sort</pre>
*variables can be made global via export
* variables can be made global via export


<pre># script.sh
<pre># script.sh
Line 303: Line 409:
echo $0 :: var1 : $var1 , var2 : $var2</pre>
echo $0 :: var1 : $var1 , var2 : $var2</pre>
<span id="sed---stream-editor"></span>
<span id="sed---stream-editor"></span>
===Sed - Stream EDitor===  
=== Sed - Stream EDitor ===


#the sed command uses regular expressions to modify stdin and sends the changes to stdout
<ol>
#usage : <code>sed [options] script.txt [inputfile]</code>
<li>the sed command uses regular expressions to modify stdin and sends the changes to stdout</li>
#some of the commands that can be used in the script portion  
<li>usage : <code>sed [options] script.txt [inputfile]</code></li>
#* <code>=</code> - display the current line number
<li>some of the commands that can be used in the script portion
#*<code>a\text</code> - append text to file
<ul>
#*<code>i\text</code> - insert text to file
<li><code>=</code> - display the current line number</li>
#*<code>r file</code> - append text from filename into the file
<li><code>a\text</code> - append text to file</li>
#*<code>c\text</code> - replace the selected range with the text
<li><code>i\text</code> - insert text to file</li>
#* <code>s/2012/2013/</code> - replace the first occurrence of 2012 on first occurrence on each line
<li><code>r file</code> - append text from filename into the file</li>
#* <code>s/2012/2013/g</code> - replace ’’ ’’ every occurrence on each line
<li><code>c\text</code> - replace the selected range with the text</li>
#examples
<li><code>s/2012/2013/</code> - replace the first occurrence of 2012 on first occurrence on each line</li>
#*<code>sed 's/Nick\|nick/Gary/g' &lt; salaryprojections.txt</code>
<li><code>s/2012/2013/g</code> - replace '' '' every occurrence on each line</li></ul>
#*^ this would replace any ‘Nick’ or ‘nick’ with ‘Gary’ at all points in the file
</li>
#*standard replace format: <code>sed 's/^/    /' file.txt &gt; file.new.txt</code> ### Examining Processes
<li>examples
#<code>ps</code> command
<ul>
#*The internal Unix command for process control is <code>ps</code>
<li><p><code>sed 's/Nick\|nick/Gary/g' &lt; salaryprojections.txt</code></p></li>
#*By default, <code>ps</code> reports back what is happening inside of the current terminal/tty;
<li><p>^ this would replace any 'Nick' or 'nick' with 'Gary' at all points in the file</p></li>
#* shows <code>PID</code>, <code>TTY</code>, <code>TIME</code>, and <code>CMD</code>
<li><p>standard replace format: <code>sed 's/^/    /' file.txt &gt; file.new.txt</code></p>
#**<code>PID</code> is the Process ID number for a running program
<span id="examining-processes"></span>
#**<code>TTY</code> is the Teletypewriter device which the process runs from; reports stdout and stderr to this by default
=== Examining Processes ===
#**TIME is the cumulative processor time used by the program on Linux
</li></ul>
#*<code>ps</code> supports traditional Unix options and GNU flags, which can be somewhat confusing
</li>
#*Options for ps
<li><code>ps</code> command
#**Display all processes running <code>ps -A/-e</code> both cause all processes on the system to be listed and output is identical
<ul>
#** Display processes belonging to a specific user: <code>ps -u user</code>
<li>The internal Unix command for process control is <code>ps</code></li>
#**Display extra fields as a “full format” <code>ps -f</code> can be combined with other options
<li>By default, <code>ps</code> reports back what is happening inside of the current terminal/tty;</li>
#***<code>UID</code> User ID shows the username of the user running the command
<li>shows <code>PID</code>, <code>TTY</code>, <code>TIME</code>, and <code>CMD</code>
#***<code>PPID</code> parent process ID, the process ID of the process that spawned the process
<ul>
#***<code>C</code> processor utilization as % of usage over the lifetime of the process
<li><code>PID</code> is the Process ID number for a running program</li>
#***<code>STIME</code> start time of the process as per system time (only in 24h clock format if current day; otherwise uses MMDD format)
<li><code>TTY</code> is the Teletypewriter device which the process runs from; reports stdout and stderr to this by default</li>
#**Display long format <code>ps -l</code>
<li>TIME is the cumulative processor time used by the program on Linux</li></ul>
#***<code>F</code> Flags field
</li>
#****<code>0</code> = no special flags for this process
<li><code>ps</code> supports traditional Unix options and GNU flags, which can be somewhat confusing</li>
#****<code>1</code> = forked process, but did not call exec
<li>Options for ps
#****<code>4</code> = executable was executed with superuser privileges
<ul>
#***<code>S</code> State codes
<li>Display all processes running <code>ps -A/-e</code> both cause all processes on the system to be listed and output is identical</li>
#****<code>D</code> Uninterruptible sleep (usually IO)
<li>Display processes belonging to a specific user: <code>ps -u user</code></li>
#****<code>R</code> Running or runnable (on run queue)
<li>Display extra fields as a “full format” <code>ps -f</code> can be combined with other options
#****<code>S</code> interruptible Sleep (waiting for an event to complete)
<ul>
#****<code>T</code> Stopped, either by a job control signal or because it is being traced.
<li><code>UID</code> User ID shows the username of the user running the command</li>
#****<code>X</code> dead (should never be seen)
<li><code>PPID</code> parent process ID, the process ID of the process that spawned the process</li>
#****<code>Z</code> Defunct (“zombie”) process, terminated but not reaped by its parent.
<li><code>C</code> processor utilization as % of usage over the lifetime of the process</li>
#*** <code>UID</code> uses system number rather than human readable name
<li><code>STIME</code> start time of the process as per system time (only in 24h clock format if current day; otherwise uses MMDD format)</li></ul>
#***<code>PRI</code> Priority is used by the kernel, rather than in userspace, to determine the next in queue for processing
</li>
#***<code>NI</code> Niceness of a process describes how accommodating a process is to sharing time on the system.
<li>Display long format <code>ps -l</code>
#**** This number ranges from +19 to -20, with 0 as the default.
<ul>
#**** In the scheduling system, niceness is used to determine how much processing to give to each process when it asks for it.
<li><code>F</code> Flags field
#***<code>ADDR</code> the memory address of the process
<ul>
#***<code>SZ</code> the size of the image in pages
<li><code>0</code> = no special flags for this process</li>
#****how much virtual memory is in use by the process.
<li><code>1</code> = forked process, but did not call exec</li>
#****Includes text, data, and stack space
<li><code>4</code> = executable was executed with superuser privileges</li></ul>
#****page size is a kernel variable and can be read by <code>getconf PAGE_SIZE</code>
</li>
#***<code>WCHAN</code> address of where a function is sleeping (only kernel functions)
<li><code>S</code> State codes
#***<code>RSS</code> amount of physical memory in use
<ul>
#*User-oriented format <code>ps -u</code> displays information in a more readable manner
<li><code>D</code> Uninterruptible sleep (usually IO)</li>
#**<code>%CPU</code> percent of processor time used by process divided by real time
<li><code>R</code> Running or runnable (on run queue)</li>
#**<code>%MEM</code> actual percentage of non-reserved physical RAM
<li><code>S</code> interruptible Sleep (waiting for an event to complete)</li>
#**<code>VSIZE</code> virtual memory size used
<li><code>T</code> Stopped, either by a job control signal or because it is being traced.</li>
#*Virtual memory format <code>ps -v</code> displays information including number of:
<li><code>X</code> dead (should never be seen)</li>
#**<code>MAJFL</code> major page faults of the process, indicating times it has used swap space
<li><code>Z</code> Defunct (“zombie”) process, terminated but not reaped by its parent.</li></ul>
#**<code>TRS</code> physical memory devoted to stack
</li>
#**<code>DRS</code> physical memory devoted to non-executable code
<li><code>UID</code> uses system number rather than human readable name</li>
#* Recieve a process hierarchy <code>ps -AH</code> see parent-child relationships visually
<li><code>PRI</code> Priority is used by the kernel, rather than in userspace, to determine the next in queue for processing</li>
#*Choose your own adventure mode <code>ps -o uid,pid,ppid,command</code>
<li><code>NI</code> Niceness of a process describes how accommodating a process is to sharing time on the system.
#**this command used to determine certain columns
<ul>
#*Piping ps can be piped as per normal to other programs:
<li>This number ranges from +19 to -20, with 0 as the default.</li>
#**Ex; <code>ps -u darseife \| grep bash</code>
<li>In the scheduling system, niceness is used to determine how much processing to give to each process when it asks for it.</li></ul>
#**<code>pgrep</code> is a common utility that behaves similarly to the previous command
</li>
#<code>top</code>
<li><code>ADDR</code> the memory address of the process</li>
#*<code>top</code> is used to view processes as they execute in real time
<li><code>SZ</code> the size of the image in pages
#**<code>-d</code> used to choose update frequency in seconds
<ul>
#**<code>-p</code> pid to monitor specifically
<li>how much virtual memory is in use by the process.</li>
#**<code>-n</code> run for N iterations
<li>Includes text, data, and stack space</li>
#**<code>-r</code> command to renice a process within top
<li>page size is a kernel variable and can be read by <code>getconf PAGE_SIZE</code></li></ul>
#**<code>-s</code> to change the update rate within top
</li>
#*<code>htop</code> can also be used as a next generation to top
<li><code>WCHAN</code> address of where a function is sleeping (only kernel functions)</li>
#<code>nice</code> and <code>renice</code>
<li><code>RSS</code> amount of physical memory in use</li></ul>
#*The <code>nice</code> command is used to run a command with an adjusted niceness
</li></ul>
#**generally can’t give negative values to programs without superuser access
</li>
#**<code>nice -n 12 ./script.sh</code> will add 12 to the default priority (0)
<li>User-oriented format <code>ps -u</code> displays information in a more readable manner
#*<code>renice</code> is used to adjust niceness of running processes.
<ul>
#**<code>renice 0 -p 2772 3562</code> renices the processes 2772 and 3562 to 0
<li><code>%CPU</code> percent of processor time used by process divided by real time</li>
#**<code>renice 1 -u darseife</code> renices the processes of user darsiefe to 1
<li><code>%MEM</code> actual percentage of non-reserved physical RAM</li>
#Killing processes
<li><code>VSIZE</code> virtual memory size used</li></ul>
##<code>kill</code>
</li>
##*stopping a process currently running <code>-kill -s signal PID</code>
<li>Virtual memory format <code>ps -v</code> displays information including number of:
##** <code>PID</code> PID by default, kill sends a signal to a number of process IDs
<ul>
##**signal 1 is <code>SIGHUP</code> terminates interactive programs and causes daemons to reread config files
<li><code>MAJFL</code> major page faults of the process, indicating times it has used swap space</li>
##** signal 9 is <code>SIGKILL</code> stops all processes without performing a graceful exit or shutdown
<li><code>TRS</code> physical memory devoted to stack</li>
##**signal 15 is <code>SIGTERM</code> asks the process to terminate and to close out open files, run its shutdown script, etc.
<li><code>DRS</code> physical memory devoted to non-executable code</li></ul>
##*<code>kill</code> will only kill processes owned by the user, unless run with superuser access
</li>
##<code>killall</code>
<li>Recieve a process hierarchy <code>ps -AH</code> see parent-child relationships visually</li>
##*kill multiple things
<li>Choose your own adventure mode <code>ps -o uid,pid,ppid,command</code>
##*<code>killall vi</code> kills all running instances of vi for the user; when run as a superuser, this will kill any running instance of vi
<ul>
##* <code>killall -s 9 vi</code> kills all running instances of vi for the user by sending the <code>SIGKILL</code> signal to it; when run as a superuser, this will kill any running instance of vi.
<li>this command used to determine certain columns</li></ul>
##*<code>killall -i vi</code> uses interactive mode to ask which processes to kill
</li>
##*if you are running killall as root, try to use -i to prevent loss of other people’s work
<li>Piping ps can be piped as per normal to other programs:
#Additional process control
<ul>
#*If you are running a program inside of a terminal, <code>[Ctrl + Z]</code> will pause and go to background
<li>Ex; <code>ps -u darseife \| grep bash</code></li>
#**To restart the process, run the command <code>fg</code> in the same terminal
<li><code>pgrep</code> is a common utility that behaves similarly to the previous command</li></ul>
#** With multiple processes paused, <code>fg 1</code> or <code>fg 2</code> will bring back process 1 or 2
</li></ul>
#*Processes can be started in the background with &amp; at the end of the line; unlike paused processes, these will continue to run.
</li>
<li><code>top</code>
<ul>
<li><code>top</code> is used to view processes as they execute in real time
<ul>
<li><code>-d</code> used to choose update frequency in seconds</li>
<li><code>-p</code> pid to monitor specifically</li>
<li><code>-n</code> run for N iterations</li>
<li><code>-r</code> command to renice a process within top</li>
<li><code>-s</code> to change the update rate within top</li></ul>
</li>
<li><code>htop</code> can also be used as a next generation to top</li></ul>
</li>
<li><code>nice</code> and <code>renice</code>
<ul>
<li>The <code>nice</code> command is used to run a command with an adjusted niceness
<ul>
<li>generally can’t give negative values to programs without superuser access</li>
<li><code>nice -n 12 ./script.sh</code> will add 12 to the default priority (0)</li></ul>
</li>
<li><code>renice</code> is used to adjust niceness of running processes.
<ul>
<li><code>renice 0 -p 2772 3562</code> renices the processes 2772 and 3562 to 0</li>
<li><code>renice 1 -u darseife</code> renices the processes of user darsiefe to 1</li></ul>
</li></ul>
</li>
<li>Killing processes
<ol>
<li><code>kill</code>
<ul>
<li>stopping a process currently running <code>-kill -s signal PID</code>
<ul>
<li><code>PID</code> PID by default, kill sends a signal to a number of process IDs</li>
<li>signal 1 is <code>SIGHUP</code> terminates interactive programs and causes daemons to reread config files</li>
<li>signal 9 is <code>SIGKILL</code> stops all processes without performing a graceful exit or shutdown</li>
<li>signal 15 is <code>SIGTERM</code> asks the process to terminate and to close out open files, run its shutdown script, etc.</li></ul>
</li>
<li><code>kill</code> will only kill processes owned by the user, unless run with superuser access</li></ul>
</li>
<li><code>killall</code>
<ul>
<li>kill multiple things</li>
<li><code>killall vi</code> kills all running instances of vi for the user; when run as a superuser, this will kill any running instance of vi</li>
<li><code>killall -s 9 vi</code> kills all running instances of vi for the user by sending the <code>SIGKILL</code> signal to it; when run as a superuser, this will kill any running instance of vi.</li>
<li><code>killall -i vi</code> uses interactive mode to ask which processes to kill</li>
<li>if you are running killall as root, try to use -i to prevent loss of other people’s work</li></ul>
</li></ol>
</li>
<li>Additional process control
<ul>
<li>If you are running a program inside of a terminal, <code>[Ctrl + Z]</code> will pause and go to background
<ul>
<li>To restart the process, run the command <code>fg</code> in the same terminal</li>
<li>With multiple processes paused, <code>fg 1</code> or <code>fg 2</code> will bring back process 1 or 2</li></ul>
</li>
<li>Processes can be started in the background with &amp; at the end of the line; unlike paused processes, these will continue to run.</li></ul>
</li></ol>


<span id="linux-time-and-scheduling"></span>
<span id="linux-time-and-scheduling"></span>
=== Linux Time and Scheduling===
=== Linux Time and Scheduling ===


#Overview
# Overview
#*Computer systems in general rely on a pair of clocks to operate
#* Computer systems in general rely on a pair of clocks to operate
#*Two clocks
#* Two clocks
#**'''Hardware clock''' - initialized in BIOS/UEFI and kept updated via battery while computer is off
#** '''Hardware clock''' - initialized in BIOS/UEFI and kept updated via battery while computer is off
#**'''Software clock''' - initialized at boot from BIOS/UEFI time, and is used to track time while running
#** '''Software clock''' - initialized at boot from BIOS/UEFI time, and is used to track time while running
#* Typically, the clock of the computer is set using coordinated universal time (UTC)
#* Typically, the clock of the computer is set using coordinated universal time (UTC)
#**adjusted for use based on timezones and localization settings like DST before entering userspace
#** adjusted for use based on timezones and localization settings like DST before entering userspace
#*Both the hardware clock and the software clock are not terribly reliable and tends to drift over time
#* Both the hardware clock and the software clock are not terribly reliable and tends to drift over time
#*This can be a problem on x86_64 systems in general because many network services rely on accurate timekeeping
#* This can be a problem on x86_64 systems in general because many network services rely on accurate timekeeping
#*This is made worse when having hundreds or thousands of servers requesting time from a single source could be bad
#* This is made worse when having hundreds or thousands of servers requesting time from a single source could be bad
#Unix Time Commands
# Unix Time Commands
#*<code>date</code> outputs the current software clock time
#* <code>date</code> outputs the current software clock time
#*<code>date -u</code> outputs the UTC time
#* <code>date -u</code> outputs the UTC time
#*<code>date 102715022019</code> sets the time to exactly Oct 27, 15:02, 2019 in local time
#* <code>date 102715022019</code> sets the time to exactly Oct 27, 15:02, 2019 in local time
#* <code>hwclock</code> used to retrieve the value of the hardware clock; must be done as root
#* <code>hwclock</code> used to retrieve the value of the hardware clock; must be done as root
#*setting the hardware clock
#* setting the hardware clock
#** <code>hwclock --set--date 102715022019</code> is a manual set
#** <code>hwclock --set--date 102715022019</code> is a manual set
#**<code>hwclock -hctosys</code> set the hardware clock to the system clock
#** <code>hwclock -hctosys</code> set the hardware clock to the system clock
#**<code>hwclock --synctohc</code> synchronizes system clock to hardware
#** <code>hwclock --synctohc</code> synchronizes system clock to hardware
#*these are called by daemons and init on startup and shutdown
#* these are called by daemons and init on startup and shutdown
#*both the system time and the hardware clock still suck and need a replacement
#* both the system time and the hardware clock still suck and need a replacement
#<code>NTP</code> Network Time Protocol
# <code>NTP</code> Network Time Protocol
#*NTP relies on a tree of servers (each level is called a stratum) from a hardware atomic clock server
#* NTP relies on a tree of servers (each level is called a stratum) from a hardware atomic clock server
#*The further down the tree you are the less accurate the time is.
#* The further down the tree you are the less accurate the time is.
#*One NTP server requesting time from a center will exchange packet via timestamp and the delay between communications is estimated
#* One NTP server requesting time from a center will exchange packet via timestamp and the delay between communications is estimated
#*It is best to pick NTP servers with a short delay
#* It is best to pick NTP servers with a short delay
#*Typically, a cluster of computer is requested from a local time server, which in turn is the only computer requesting times outside of the network
#* Typically, a cluster of computer is requested from a local time server, which in turn is the only computer requesting times outside of the network
#<code>timesyncd</code>
# <code>timesyncd</code>
#*Traditionally, <code>ntpd</code> is the daemon that has provided client time synchronization
#* Traditionally, <code>ntpd</code> is the daemon that has provided client time synchronization
#* Newer versions of Ubuntu use a service called <code>timesyncd</code>
#* Newer versions of Ubuntu use a service called <code>timesyncd</code>
#**uses a slightly different protocol than NTP, called <code>SNTP</code> (simplified network time protocol)
#** uses a slightly different protocol than NTP, called <code>SNTP</code> (simplified network time protocol)
#**configuration information is at <code>/etc/systemd/timesyncd.conf</code>
#** configuration information is at <code>/etc/systemd/timesyncd.conf</code>
#**<code>timedatectl</code> is a way to view the current SNTP settings
#** <code>timedatectl</code> is a way to view the current SNTP settings
#*also more information related to this accessible with <code>sudo systemctl status systemd-timesyncd</code>
#* also more information related to this accessible with <code>sudo systemctl status systemd-timesyncd</code>
#Running jobs in the future: <code>cron</code>
# Running jobs in the future: <code>cron</code>
#*<code>cron</code> like timesyncd or ntpd, cron is a daemon that runs continuously and looks for events to cause it to spring into action
#* <code>cron</code> like timesyncd or ntpd, cron is a daemon that runs continuously and looks for events to cause it to spring into action
#*Most daemons are network services, but cron responds to temporal events
#* Most daemons are network services, but cron responds to temporal events
#*A cron daemon wakes up once per minute, and examines its config files in:
#* A cron daemon wakes up once per minute, and examines its config files in:
#**<code>/var/spool/cron/</code>
#** <code>/var/spool/cron/</code>
#**<code>/etc/cron.d/</code>
#** <code>/etc/cron.d/</code>
#**<code>/etc/crontab</code>
#** <code>/etc/crontab</code>
#*Executes command specified:
#* Executes command specified:
#**System jobs - run as root, and perform system maintenance tasks (rotate logs, clean out <code>/tmp</code>, remove old files, update system)
#** System jobs - run as root, and perform system maintenance tasks (rotate logs, clean out <code>/tmp</code>, remove old files, update system)
#**User jobs - run jobs in the future for users
#** User jobs - run jobs in the future for users
#*<code>/etc/crontab</code>
#* <code>/etc/crontab</code>
#** System cronjobs are controlled by this file
#** System cronjobs are controlled by this file
#**Normally, begins with environment variable configuration, then several lines like:
#** Normally, begins with environment variable configuration, then several lines like:
#***On a typical system <code>02 4 * * * root run-parts /etc/cron.daily</code>
#*** On a typical system <code>02 4 * * * root run-parts /etc/cron.daily</code>
#***On Ubuntu Desktop <code>25 6 * * * root test -x /usr/sbin/anacron || cd / &amp;&amp; run-parts --report /etc/cron.daily</code>
#*** On Ubuntu Desktop <code>25 6 * * * root test -x /usr/sbin/anacron || cd / &amp;&amp; run-parts --report /etc/cron.daily</code>
#**Fields for cron, in order
#** Fields for cron, in order
#**#the minute of the hour
#**# the minute of the hour
#**#the hour of the day
#**# the hour of the day
#**#day of the month
#**# day of the month
#**#month of the year
#**# month of the year
#**#day of the week
#**# day of the week
#** different scripts for items are run from:
#** different scripts for items are run from:
#***<code>/etc/cron.daily</code>
#*** <code>/etc/cron.daily</code>
#***<code>/etc/cron.weekly</code>
#*** <code>/etc/cron.weekly</code>
#***<code>/etc/cron.monthly</code>
#*** <code>/etc/cron.monthly</code>
#<code>anacron</code> a specific implementation of cron
# <code>anacron</code> a specific implementation of cron
#*<code>anacron</code> is not intended to be a replacement for cron, it is a supplement
#* <code>anacron</code> is not intended to be a replacement for cron, it is a supplement
#*cron works great on systems that are ''always on''
#* cron works great on systems that are ''always on''
#* <code>anacron</code> is smart in that it can tell if things are run
#* <code>anacron</code> is smart in that it can tell if things are run
#**if things are missed, it plays catchup
#** if things are missed, it plays catchup
#**light-night log rotation, for example, might never run
#** light-night log rotation, for example, might never run
#**anacron is intended to address this
#** anacron is intended to address this
#***when run it checks to see when it last executed each program
#*** when run it checks to see when it last executed each program
#***if a period greater than the programs interval has passed, the program gets run by anacron
#*** if a period greater than the programs interval has passed, the program gets run by anacron
#** config file <code>/etc/anacrontab</code>
#** config file <code>/etc/anacrontab</code>
#***format: <code>1 5 cron.daily run-parts --report /etc/cron.daily</code>
#*** format: <code>1 5 cron.daily run-parts --report /etc/cron.daily</code>
#****first column: delay in minutes
#**** first column: delay in minutes
#****second column: frequency in days
#**** second column: frequency in days
#<code>crontab</code> edit cronjobs for users
# <code>crontab</code> edit cronjobs for users
#*cron jobs for the system are under <code>/etc/</code> but user ones are kept in <code>/var</code>
#* cron jobs for the system are under <code>/etc/</code> but user ones are kept in <code>/var</code>
#*<code>crontab -e</code> edit your user cronfile
#* <code>crontab -e</code> edit your user cronfile
#*root can edit other users with <code>crontab -u username -e</code>
#* root can edit other users with <code>crontab -u username -e</code>
#*<code>/etc/cron.allow</code> and <code>/etc/cron.deny</code> exist for whitelisting or blacklisting users from using <code>cron</code>
#* <code>/etc/cron.allow</code> and <code>/etc/cron.deny</code> exist for whitelisting or blacklisting users from using <code>cron</code>
#**an empty <code>/etc/cron.deny</code> allows ALL USERS if present
#** an empty <code>/etc/cron.deny</code> allows ALL USERS if present
#**an empty <code>/etc/cron.allow</code> blocks ALL USERS if present
#** an empty <code>/etc/cron.allow</code> blocks ALL USERS if present
#*if neither of these exist, then only root may use <code>cron</code>
#* if neither of these exist, then only root may use <code>cron</code>
#<code>at</code> a handy simple task timer
# <code>at</code> a handy simple task timer
#*cron and anacron can be overkill for simple tasks that need to be done once
#* cron and anacron can be overkill for simple tasks that need to be done once
#*example:
#* example:
#**<code>at 5am Oct 31</code>
#** <code>at 5am Oct 31</code>
#**<code>at&gt; /home/darren/run-backup.sh</code>
#** <code>at&gt; /home/darren/run-backup.sh</code>
#**<code>at&gt; echo &quot;job done&quot;</code>
#** <code>at&gt; echo &quot;job done&quot;</code>
#**<code>at&gt; mail -s &quot;backup job finished&quot; root</code>
#** <code>at&gt; mail -s &quot;backup job finished&quot; root</code>
#**<code>at&gt;</code> '''ctrl+d''' to finish
#** <code>at&gt;</code> '''ctrl+d''' to finish
#*<code>at now +1 hour</code> will run 1 hour from now relative to current system time
#* <code>at now +1 hour</code> will run 1 hour from now relative to current system time
#* other examples:
#* other examples:
#*#<code>at midnight</code>
#*# <code>at midnight</code>
#*# <code>at noon</code>
#*# <code>at noon</code>
#*#<code>at teatime</code>
#*# <code>at teatime</code>
#* <code>aterm</code> to remove an upcoming command
#* <code>aterm</code> to remove an upcoming command
#* <code>atq</code> used to list pending commands
#* <code>atq</code> used to list pending commands


<span id="log-files"></span>
<span id="log-files"></span>
===Log Files===
=== Log Files ===


#Intro
# Intro
#*Linux machines log files that record key details about system operation and are typically stored in <code>/var/log</code>
#* Linux machines log files that record key details about system operation and are typically stored in <code>/var/log</code>
#*Logging on Linux system is generally performed by the syslog daemon, <code>syslogd</code>  
#* Logging on Linux system is generally performed by the syslog daemon, <code>syslogd</code>
#**However, some daemons and programs perform logging independently of syslog
#** However, some daemons and programs perform logging independently of syslog
#*Logging on Linux can be done locally to the computer, but in a networked environment, logs may be sent to a central logging server and by email
#* Logging on Linux can be done locally to the computer, but in a networked environment, logs may be sent to a central logging server and by email
#*Logging is a security action and is typically a part of the system worth hardening because it is exploitable by an attacker to hide their break-in
#* Logging is a security action and is typically a part of the system worth hardening because it is exploitable by an attacker to hide their break-in
#* Logs should be rotated, aka moved out of the system, to prevent <code>/var/log</code> from being filled completely
#* Logs should be rotated, aka moved out of the system, to prevent <code>/var/log</code> from being filled completely
#<code>syslog</code>
# <code>syslog</code>
#*The basic idea of a system logger is to provide a unified means of a handling log files
#* The basic idea of a system logger is to provide a unified means of a handling log files
#*The daemon runs in the background and and accepts data delivered from servers and other programs
#* The daemon runs in the background and and accepts data delivered from servers and other programs
#*Once the log daemon receives a message, it is classified and directed to an appropriate file
#* Once the log daemon receives a message, it is classified and directed to an appropriate file
#*<code>syslogd</code> might be managing several services at the same time and providing different rule-based logging based on priority of the messages received
#* <code>syslogd</code> might be managing several services at the same time and providing different rule-based logging based on priority of the messages received
#*<code>syslogd</code> relies on the config file <code>/etc/syslog.conf</code>
#* <code>syslogd</code> relies on the config file <code>/etc/syslog.conf</code>
#**Ubuntu uses <code>/etc/rsyslog.conf</code> for rocket-fast syslog
#** Ubuntu uses <code>/etc/rsyslog.conf</code> for rocket-fast syslog
#**the configuration file supports a ruleset, located at <code>/etc/rsyslog.d/</code> or <code>/etc/syslog.d/</code> respectively
#** the configuration file supports a ruleset, located at <code>/etc/rsyslog.d/</code> or <code>/etc/syslog.d/</code> respectively
#**standard logging is done by daemon, with the format <code>facility.priority action</code>
#** standard logging is done by daemon, with the format <code>facility.priority action</code>
#***example: <code>mail.* /var/log/mail.log</code>
#*** example: <code>mail.* /var/log/mail.log</code>
#**facility parameter is the name of the type of program the daemon that generates messages to be logged  
#** facility parameter is the name of the type of program the daemon that generates messages to be logged
#**#<code>auth/priv</code> security messages
#**# <code>auth/priv</code> security messages
#**#<code>cron</code> from the cron daemon
#**# <code>cron</code> from the cron daemon
#**#<code>daemon</code> catch-all for various systems servers
#**# <code>daemon</code> catch-all for various systems servers
#**#<code>kern</code> kernel messages
#**# <code>kern</code> kernel messages
#**#<code>lpr</code> printer and CUPS messages
#**# <code>lpr</code> printer and CUPS messages
#**#<code>mail</code> mail subsystems
#**# <code>mail</code> mail subsystems
#**#<code>news</code> oldschool newsgroups
#**# <code>news</code> oldschool newsgroups
#**#<code>syslog</code> internally generated messages
#**# <code>syslog</code> internally generated messages
#**#<code>uucp</code> unix-to-unix copy daemon
#**# <code>uucp</code> unix-to-unix copy daemon
#**#<code>local[0-7]</code> predefined facilities for custom configurations
#**# <code>local[0-7]</code> predefined facilities for custom configurations
#** priority parameters include:
#** priority parameters include:
#*** <code>deb</code> debugging messages
#*** <code>deb</code> debugging messages
#*** <code>info</code> normal operations
#*** <code>info</code> normal operations
#*** <code>notice</code> abnormalities that do not effect functionality
#*** <code>notice</code> abnormalities that do not effect functionality
#***<code>warn</code> tells that an error will occur is action is not taken
#*** <code>warn</code> tells that an error will occur is action is not taken
#***<code>err</code> standard error for the daemon, non-urgent failure of the daemon causing an error message
#*** <code>err</code> standard error for the daemon, non-urgent failure of the daemon causing an error message
#***<code>crit</code> critical error causing a secondary system to fail urgently
#*** <code>crit</code> critical error causing a secondary system to fail urgently
#***<code>alert</code> critical error causing a primary system to fail urgently
#*** <code>alert</code> critical error causing a primary system to fail urgently
#***<code>emerg</code> Panic message - system unusable
#*** <code>emerg</code> Panic message - system unusable
#**the action parameter is a file or location on the network that will accept the message  
#** the action parameter is a file or location on the network that will accept the message
#***could be a file in <code>/var/log</code>
#*** could be a file in <code>/var/log</code>
#***could also be a tty: <code>/dev/tty8</code>
#*** could also be a tty: <code>/dev/tty8</code>
#***could also be a computer on the network: <code>@logger.ndus.edu</code>
#*** could also be a computer on the network: <code>@logger.ndus.edu</code>
#*When a program sends a message to the system logger, it includes the priority: the message is only logged if it is of a certain level or higher
#* When a program sends a message to the system logger, it includes the priority: the message is only logged if it is of a certain level or higher
#**Exceptions:
#** Exceptions:
#***<code>*</code> all codes
#*** <code>*</code> all codes
#***= <code>(mail.=crit)</code> applies to this priority only
#*** = <code>(mail.=crit)</code> applies to this priority only
#**You can also specify multiple facilities with the same priority by using a comma
#** You can also specify multiple facilities with the same priority by using a comma
#**Multiple facilities separated by commas followed by a priority all follow the same priority
#** Multiple facilities separated by commas followed by a priority all follow the same priority
#**A semicolon is used to specify a number of logging priorities <code>kern.info;kern.err</code> everything between info and error
#** A semicolon is used to specify a number of logging priorities <code>kern.info;kern.err</code> everything between info and error
#<code>logger</code> - logging something else
# <code>logger</code> - logging something else
#*The <code>logger</code> command allows a user to log something else other than established facilities
#* The <code>logger</code> command allows a user to log something else other than established facilities
#*<code>logger shutting down for system maintenance</code>
#* <code>logger shutting down for system maintenance</code>
#**will log to <code>/var/log/syslog</code> as <code>Nov 6 15:50:00 darseife-virtualbox darseife: shutting down for system maintenance</code>
#** will log to <code>/var/log/syslog</code> as <code>Nov 6 15:50:00 darseife-virtualbox darseife: shutting down for system maintenance</code>
#*<code>-i</code> records the PID of the logger process when run (useful when run from script)
#* <code>-i</code> records the PID of the logger process when run (useful when run from script)
#*<code>-s</code> print the log message to standard error in addition to logging
#* <code>-s</code> print the log message to standard error in addition to logging
#* <code>-f /foo</code> logs to <code>/foo</code> instead of the system log
#* <code>-f /foo</code> logs to <code>/foo</code> instead of the system log
#*<code>-p</code> specify both a facility and a priority for the system log message; <code>-p local3.info</code>
#* <code>-p</code> specify both a facility and a priority for the system log message; <code>-p local3.info</code>


<span id="firewalling"></span>
<span id="firewalling"></span>
===Firewalling===
=== Firewalling ===


#TCP Wrappers
# TCP Wrappers
#*TCP wrappers depend on two config files to work properly; these are <code>/etc/hosts.allow</code> and <code>/etc/hosts.deny</code>
#* TCP wrappers depend on two config files to work properly; these are <code>/etc/hosts.allow</code> and <code>/etc/hosts.deny</code>
#*the most common config for these is default <code>deny</code>
#* the most common config for these is default <code>deny</code>
#**<code>ALL:ALL</code> in <code>/etc/hosts.deny</code>
#** <code>ALL:ALL</code> in <code>/etc/hosts.deny</code>
#**<code>ALL:127.0 [::1]</code> in <code>/etc/hosts.allow</code>
#** <code>ALL:127.0 [::1]</code> in <code>/etc/hosts.allow</code>
#**specific services from a specific host enabled as the form <code>sshd:192.168.X.Y</code> in <code>/etc/hosts.allow</code>
#** specific services from a specific host enabled as the form <code>sshd:192.168.X.Y</code> in <code>/etc/hosts.allow</code>
#**all services from a domain as <code>ALL:.minotstateu.edu</code> in <code>/etc/hosts.allow</code>
#** all services from a domain as <code>ALL:.minotstateu.edu</code> in <code>/etc/hosts.allow</code>
#*Also used is specific allow
#* Also used is specific allow
#**nothing is listed in <code>/etc/hosts.allow</code>
#** nothing is listed in <code>/etc/hosts.allow</code>
#**specifically removed IP addresses in the form <code>ALL:165.234.X.Y</code> in <code>/etc/hosts.deny</code>
#** specifically removed IP addresses in the form <code>ALL:165.234.X.Y</code> in <code>/etc/hosts.deny</code>
#* Secondary service-level blocking can be used to apply rules to services in the form <code>/etc/sshd.hosts</code>
#* Secondary service-level blocking can be used to apply rules to services in the form <code>/etc/sshd.hosts</code>
#<code>iptables</code>
# <code>iptables</code>
#*<code>iptables</code> is the kernel level netfilter firewall
#* <code>iptables</code> is the kernel level netfilter firewall
#*<code>iptables -L</code> lists the current ruleset
#* <code>iptables -L</code> lists the current ruleset
#*<code>iptables -A</code> is used to APPEND new rules to a chain (takes a chain name)
#* <code>iptables -A</code> is used to APPEND new rules to a chain (takes a chain name)
#*<code>iptables -I</code> inserts a rule (takes a chain name and a position)
#* <code>iptables -I</code> inserts a rule (takes a chain name and a position)
#**example <code>iptables -A INPUT -ptcp -dport ssh -j ACCEPT</code>
#** example <code>iptables -A INPUT -ptcp -dport ssh -j ACCEPT</code>
#*rule options
#* rule options
#**<code>-p</code> the protocol used
#** <code>-p</code> the protocol used
#**<code>-d</code> the destination port, can accept a range of port
#** <code>-d</code> the destination port, can accept a range of port
#**<code>-j</code> the action to take, includes ACCEPT, DENY, DROP
#** <code>-j</code> the action to take, includes ACCEPT, DENY, DROP
#**<code>-s</code> specify a source address, can be either <code>192.168.0.1</code> or <code>192.168.0.0/24</code>
#** <code>-s</code> specify a source address, can be either <code>192.168.0.1</code> or <code>192.168.0.0/24</code>
#**<code>-m</code> require the rule to match a specific property
#** <code>-m</code> require the rule to match a specific property
#***ex <code>iptables -m conntrack</code> allows filter rule to match based on connection state
#*** ex <code>iptables -m conntrack</code> allows filter rule to match based on connection state
#**<code>--ctstate</code> define a list of connection states for the rule to match on
#** <code>--ctstate</code> define a list of connection states for the rule to match on
#**#NEW - new connections
#**# NEW - new connections
#**#RELATED - new but related to a previous on
#**# RELATED - new but related to a previous on
#**#ESTABLISHED - a preexisting connection already in progress
#**# ESTABLISHED - a preexisting connection already in progress
#**# INVALID - any malformed traffic or unidentified traffic
#**# INVALID - any malformed traffic or unidentified traffic
#**<code>-j</code> tells iptable what to do with the packet given the rule
#** <code>-j</code> tells iptable what to do with the packet given the rule
#***ACCEPT - routes as normal as per IP header
#*** ACCEPT - routes as normal as per IP header
#***DROP - kills the packet without giving reply
#*** DROP - kills the packet without giving reply
#***REJECT - sends an explicit error message
#*** REJECT - sends an explicit error message
# Uncomplicated Firewall (ufw)
# Uncomplicated Firewall (ufw)
#*<code>ufw enable</code> to turn on ufw
#* <code>ufw enable</code> to turn on ufw
#*<code>ufw disable</code> to turn off ufw
#* <code>ufw disable</code> to turn off ufw
#*<code>ufw status</code> view current rules for ufw
#* <code>ufw status</code> view current rules for ufw
#*<code>ufw status verbose</code> reports logging level + access levels for each rule
#* <code>ufw status verbose</code> reports logging level + access levels for each rule
#* <code>ufw allow 80/tcp</code> sets a rule to allow tcp packets on port 80
#* <code>ufw allow 80/tcp</code> sets a rule to allow tcp packets on port 80
#*<code>ufw deny 22/udp</code> sets a rule to reject udp packets on port 22
#* <code>ufw deny 22/udp</code> sets a rule to reject udp packets on port 22
#*<code>ufw deny ssh</code> sets a rule to reject all ssh protocol packets
#* <code>ufw deny ssh</code> sets a rule to reject all ssh protocol packets
#*<code>ufw allow 6000-6007/tcp</code> sets a rule with a range to allow tcp packets from 6000-6007
#* <code>ufw allow 6000-6007/tcp</code> sets a rule with a range to allow tcp packets from 6000-6007
#*<code>ufw allow from 15.15.15.1 to any</code> sets a rule allowing all traffic from 15.15.15.1
#* <code>ufw allow from 15.15.15.1 to any</code> sets a rule allowing all traffic from 15.15.15.1
#*<code>ufw status numbered</code> returns a numbered list of rules in the set
#* <code>ufw status numbered</code> returns a numbered list of rules in the set
#*<code>ufw delete 2</code> removes rule number 2 in a list
#* <code>ufw delete 2</code> removes rule number 2 in a list
#*<code>ufw logging {on/off}</code> turns the logging on or off; usually caught by syslogd/rsyslog; logging is set to <code>low</code> by default
#* <code>ufw logging {on/off}</code> turns the logging on or off; usually caught by syslogd/rsyslog; logging is set to <code>low</code> by default
#* <code>ufw logging {low/medium/high/full</code> sets logging verbosity of ufw;
#* <code>ufw logging {low/medium/high/full</code> sets logging verbosity of ufw;
#**note that logging is rate limited at <code>medium</code> and not rate limited at <code>high</code>
#** note that logging is rate limited at <code>medium</code> and not rate limited at <code>high</code>


<span id="bootinitialization"></span>
<span id="bootinitialization"></span>
===Boot/Initialization===
=== Boot/Initialization ===


# Slackware - SysV Init
# Slackware - SysV Init
#*System 5 style rc script via <code>init</code>
#* System 5 style rc script via <code>init</code>
#*<code>PID 1</code> = <code>init</code> which is the process that starts all other processes when the system boots
#* <code>PID 1</code> = <code>init</code> which is the process that starts all other processes when the system boots
#* <code>init</code> is responsible for processing <code>/etc/inittab</code> to see how to start the system and at what runlevel
#* <code>init</code> is responsible for processing <code>/etc/inittab</code> to see how to start the system and at what runlevel
#*Things <code>init</code> does
#* Things <code>init</code> does
#**Runs the script <code>/etc/rc.d/rc.s</code> to determine to prepare the system before loading to the desired runlevel
#** Runs the script <code>/etc/rc.d/rc.s</code> to determine to prepare the system before loading to the desired runlevel
#**Enables virtual memory for the system and mounts filesystems in <code>/etc/fstab</code>
#** Enables virtual memory for the system and mounts filesystems in <code>/etc/fstab</code>
#**Loads kernel modules
#** Loads kernel modules
#**Near the end of the script <code>rc.s</code>, init will run scripts related to the runlevel the system is entering -for example, <code>rc3.d</code> is run at runlevel 3
#** Near the end of the script <code>rc.s</code>, init will run scripts related to the runlevel the system is entering -for example, <code>rc3.d</code> is run at runlevel 3
#SystemD
# SystemD
#*Ubuntu, CentOS, RedHat, and others have moved from SysV init process to the SystemD initialization process
#* Ubuntu, CentOS, RedHat, and others have moved from SysV init process to the SystemD initialization process
#*Rather than running many shell scripts during init, the systemD process uses one monolithic program to control startup of services
#* Rather than running many shell scripts during init, the systemD process uses one monolithic program to control startup of services
#*The way the services are started are controlled by a configuration file
#* The way the services are started are controlled by a configuration file
#*systemd uses ''units'' and ''targets'' rather than scripts and runlevels  
#* systemd uses ''units'' and ''targets'' rather than scripts and runlevels
#**there are 11 different types of units:
#** there are 11 different types of units:
#***<code>mount</code> unit defines a mountpoint on the system named with the mount path with slashes replaced as dashes
#*** <code>mount</code> unit defines a mountpoint on the system named with the mount path with slashes replaced as dashes
#***<code>swapspace</code>
#*** <code>swapspace</code>
#***<code>device</code> a device in the linux device tree
#*** <code>device</code> a device in the linux device tree
#***<code>socket</code> fifo pipe to an internet port with an associated service
#*** <code>socket</code> fifo pipe to an internet port with an associated service
#*** <code>service</code> a service or application on the system
#*** <code>service</code> a service or application on the system
#**targets are used to stop and start the service and group units together
#** targets are used to stop and start the service and group units together
#**systemd identifies units by name and type
#** systemd identifies units by name and type
#***example ssh could have an ssh.service and an ssh.socket
#*** example ssh could have an ssh.service and an ssh.socket
#*<code>systemctl</code> - can list current units loaded on the system
#* <code>systemctl</code> - can list current units loaded on the system
#*config files - <code>/lib/systemd/system</code>
#* config files - <code>/lib/systemd/system</code>
#*modify how a unit functions - <code>/etc/systemd/system</code>
#* modify how a unit functions - <code>/etc/systemd/system</code>

Revision as of 18:03, 21 October 2022

  1. Introduction to Unix

Syllabus

  1. Recommended course material:
    • Unix and Linux System Administration 5th Edition - Evi Nemeth, et al.
    • CompTIA Linux+ Study Guide 4th Edition - Chritine Bresnahan and Richard Blum
  2. Objectives a. Shell scripting, input redirection, and C++/C code in a GNU/Linux environment b. understanding of Linux file system including permissions c. understanding of command and how to intermingle them to achieve more complex goals d. basic system architecture, installation process, and management of Linux/Unix
  3. General notes a. Learning to use Bash scripting and vi/neovim essential to professional usage of Linux in real life b. Any commands discussed in class can be looked up via 'man'
    1. History
      1. What is Unix?
  1. Bell System a. Dates back to late 1960s, Originally developed by Ken Thompson and Dennis Ritchie of Bell Labs b. Ritchie described the initial goal as to create a good environment in which to: - do programming and development - foster communal computing through remote access and close communication c. Unix originally written in assembly, but was later re-written in C in 1972 d. first public releases in 1973, at Symposium on Operating Systems Principles; early source code sent by standard mail e. 1975, Version 6 of Unix was licensed to companies for the first time. However, commercial users were rare. Licensees only recieved source code from AT&T. f. Also in 1975, Ken Thompson takes a sabbatical from Bell Labs as a professor at UC Berkeley. Creates BSD: The Berkeley System Distribution of Unix 4.2. - includes C-shell and vi editor for first time g. 1983: Bell broken into several companies in anti-trust suit against AT&T. h. AT&T new restrictive license almost kills commercial Unix. By 1991, BSD had grown to a complete rewrite of AT&T Unix and comes with BSD license. i. BSD survives today as: FreeBSD, OpenBSD, NetBSD, etc. Additionally, Darwin kernel of Mac OSX continues as a form of Unix.
  2. GNU Project into Linux a. Around 1983, Richard Stallman creates GNU project b. Stallman's GNU system goal was to create a 'free' system of software that had many of other capabilities of the commercial tools that many Unix also had c. By 1985, Stallman had founded the Free Software Foundation to raise funds to develop free versions of all the components of the Unix syste, under GNU GPL d. In 1991, Linus Torvalds began the development of a new free OS based on the MINIX operation system and SunOS. The 21 year old puts together the kernel. e. As the kernel for the GNU project was still very much in development, the two projects became a natural fit. f. To this day, Stallman insists that Linux is GNU/Linux due to the large reliance on GNU toolchain
  1. Introduction to Red Hat Enterprise Linux
      1. Package Manager - YUM
  1. stands for YellowDog Updater Modified
  2. provides a set of tools for retrieving software from the internet using subscriptions to an update server
  3. utilizes .rpm software to install packages for management
  4. creates an Enterprise Linux environment
    • cons: less software options overall
    • pro: all available software is tested and works without additional configuration
  5. yum has an additional, alternative wrapper program dnf to improve output and ease of use
    • stands for DaNdified YUM
    • commands in the format sudo dnf [verb] [objects]
    • -y flag gives YES as passed option for less attended installation
  6. command commands
    • sudo dnf -y install [package_name] install a particular package and dependencies
    • sudo dnf -y update update all packages
  1. Introduction to Ubuntu
      1. Package Manager - APT
  1. stands for Advanced Package Manager
  2. Ubuntu's set of tools to install packages and keep them up to date
  3. utilizes .deb software packages for management
  4. keep in mind this package management system is far from standard a. RPM is Linux Standard Base b. Many commerical Unixes have their own package managers c. when all else fails, a tarball (.tar) fille can be used to build from source
  5. Commands a. apt-get update synchronizes the index of packages to your system b. apt-get upgrade downloads and installs new versions of all currently installed packages in place, based on the index c. apt-get dist-upgrade downloads and installs new versions, and moves the system up to the next version, based on the index d. sudo was originally "superuserdo", now works to substitute - users and run programs as that user. /etc/sudoers controls this behavior. e. sudo apt-get install foo : installs package named foo f. sudo apt-get remove bar : removes a package named bar, but not the config files g. sudo apt-get purge bar : removes a package named bar, and removes config files 8. sudo apt-get source * : gets the source code for a package 9. sudo apt-get clean : removes downloaded packages (.deb files) used to install

Filesystem

  1. Directories a. first and bottom of the directory of the file structure tree is called root / b. /root in addition, there is a file directory, within the root directory called /root ("slash root"), which acts as root's home directory c. /home normal users' directories d. /boot contains the boot directory, including kernel, initial RAMdisk, and bootloader e. /dev lists all devices of the computer f. /etc configuration files for nearly all programs that need a state g. /tmp temporary files for the system h. /var variable-length files used by programs - /var/spool old-school webmail location - /var/www location of http server files i. /usr files available to users, including binaries for daily user tasks in /usr/bin j. /sbin binaries used only by root k. /bin binaries for the system everyone needs to use
  2. Commands a. cd change directories b. ~ alias used to shortcut the current user directory c. Ctrl+R search history of commands in bash; also available as output from history d. !! runs the previous command e. ls list in the contents of current directory f. .: the current directory g. .. : go up one directory#User and Group Configuration

useradd/usermod

  1. useradd and usermod do much the same thing
    • -c allows to add comments
    • -d allows to change user home directory
    • -e expiration date - date an account will expire (in YYYYMMDD format), kept in /etc/shadow
    • -f specify how many days the account can be inactive before password expires, kept in /etc/shadow
    • -g specify default group of the user
    • -G append a list of additional groups for the user
    • -l(usermod only) changes a user login ex: usermod -l darren darseife
    • -u uid
    • -s specifies login shell
    • -p specify pre-hashed password
    • -L (usermod only) locks the user's password so it cannot be entered directly (best used with -e, as well)
    • -U will unlock a user's password
      1. passwd command revisited
  1. sudo passwd darseife change the password of darseife
  2. passwd can also be used to lock and unlock accounts a. passwd -l will lock the account's password b. a locked password will always be input incorrectly c. does not necessarily lock user out of the account d. puts an ! at the beginning of the password field in /etc/shadow e. crypt, the algorithm used to implement ciphers, cannot generate an !so the password hash is disabled f. passwd -u would unlock the account's password g. passwd -d removes the password of the account h. passwd -S displays account information: - last password change - password expires - password inactive - account expires - minimum days between password change - maximum days before password change - warn period before changes
      1. chage
  1. The chage command allows you to modify account settings related to password expiration and aging
  2. chage can also be used to configure accounts to automatically expire if:
    • the password hasn't been changed
    • or a date has been passed
  3. chage -l print expiration settings of an account
  4. chage -m DAYS username to set the minimum time between password changes
  5. chage -M DAYS username to set the maximum time between password changes
  6. chage -d YYYYMMDD username update the last day YYYY-MM-DD on which to change the password
  7. chage -E YYYYMMDD username set the expiration date as YYYY-MM-DD on which username's account expires
    • setting the number to -1 will make it never expire
  8. chage -I DAYS username will lock the account password after number of days inactive
  9. chage -W DAYS username number of days the user will be warned before their account is made inactive
  10. All of these settings are stored in /etc/shadow
      1. userdel
  1. userdel username deletes users
  2. userdel -r username deletes the user, their mail spool, their home directory, and everything in it
  3. userdel -f username deletes the user right now even if they are logged in
      1. groupadd and groupmod
  1. groupaddadd a group to a system
  2. groupadd -r used to create a system group, creating a GUID above 1000
  3. groupmod change a group
  4. groupmod -n change a group name
      1. gpasswd - group password
  1. gpasswd groupname sets password for a group; it is most common to not have a group password
  2. gpasswd -R restricts access to users logging in with password via newgrp
      1. getent - get entities
  1. can be used to view individual records in /etc/passwd, and other files
  2. useful for getting exact matches for items
  3. getent password username - get passwd information for user
  4. getent shadow username - get shadow information for user
  5. getent group groupname - get group information for user#The *nix CLI
        1. The Shell explained
  6. A shell is a command interpreter where the user interacts with the system via command line interface (CLI)
  7. Different shells currently in-use A. Bourne-Again SHell - located at /bin/bash is the main shell and is used was a default on most Linux systems B. sh - The Bourne Shell, old school version does not require any libraries. Rarely seen as a user-interface shell; typically a symbolic link to another shell binary. Created by Stephen Bourne, first included in Unix V7 C. tcsh Tee Shell. Based on the earlier C-shell from Unix. Has some additional features built into it. D. csh C-shell, a BSD component not often seen on Linux. Created by Bill Joy at UC Berkeley. E. ksh Korn shell from Bell Labs in the 1980s. The idea was to incorporate features from the Bourne Shell along with C-programming syntax. F. zsh 1990s, incorporates additional ideas into ksh.
  8. Built-in Commands A. cd changes directory - cd ~ or cd /home/user are equivalent B. ls - lists files in a directory - default behavior just lists files - -a lists all files including hidden ones - -l long format - -d just directories - -F uses a special character to rep filetypes - -R recursive listing C. Single characters are substituted by ?, wildcards by * D. Exiting the system - exit exits the current shell - logout only works for login shells E. Shutting down the system - shutdown -h now halts the system now - shutdown -r now restarts the system now - shutdown -h +5 " " broadcasts the message in quotes and tells people it will be down in 5minutes - halt on most systems, will drop the system into single user mode - poweroff "on fire" graceless exit. Sends HW signal to kill power - reboot essentially 'shutdown -r' - reboot -f graceless restart exit, Sends HW signal to reboot F. init relies on a series of programs or scripts to change run-state of machine and to start/stop linux services - init 0 - shuts the machine down - init 6 - reboots the machine - init S - initializes system boot
      1. Man pages and getting help
  1. displays the manual pages for any packages on the system
  2. typing [/] will allow you to search through the page
  3. allows you to move via [spacebar] or [pgup/pgdn]
  4. man is broken up into seperate chapters: man 5 would show chapter 5
    1. executable programs and shell
    2. system calls
    3. library calls
    4. device calls
    5. file formats
    6. games
    7. misc. (macro packages)
    8. sys admin commands
    9. kernel routines
  5. man -k * : to find any pages matching *
  6. most programs also allow for --help or -? to be passed for a quick rundown on commands and usage
      1. Unix filesystem permissions
  1. filesystem permissions saved as a series of 3 bit numbers
  2. format: d,rwx,rwx,rwx for read-write-execute a. d - denotes a Directory or file b. first triad is for the User of the file c. second triad is for Group members of the file d. third triad is for Everyone else
  3. Read-write-execute for files a. Read allows the file to be opened b. Write allows for the file to be edited c. Execute allows for the file to run as a program
  4. Read-write-execute for directories a. Read allows for the directory to view filenames in the directory b. Write allows files to be added or deleted from a dir c. Execute allows the directory to be visited, "permission to traverse through"; must have this to execute programs within a directory
  5. chmod changes file and directory permissions a. two modes for chmod 1. symbolic mode chmod {u,g,o}[+,-,=]{r,w,x} 2. absolute mode - chmod 777 /path/to/file` * 0 no permissions * 1 execute * 2 write * 4 read F. chown - change file owner and group 1. chown user /foo - changes foo's owner to user 2. chown root:root /foo - changes foo's owner to root, also changes foo's group to root G. echo - displays any text you enter after the command 1. primarially used in shell scripts or 'programs' that utilize a combination of of built-in commands, variables, and executables to complete tasks 2. variables reached from echo by invoking the variable name as $NAME
    1. Input Redirection and Utils
      1. Redirection symbols
  1. prog > - redirects std output to the file, truncating and rewriting
  2. prog 2> - redirect std error to the file, truncating and rewriting
  3. &> - redirects both std output and error to file
  4. >> - non-destructively appends to end of file rather than rewriting
  5. - "backtick" process commands in the middle of another command a. A tool similar to xargs b. text within backticks are treated as a separate command line who's results are substituted on this command line c. things inside of backticks are attempted to be used as a command d. example: rm find / - user darren `
  6. $() - is used like a backtick; more resistant to weird syntax
      1. Piping data between programs
  1. programs on a UNIX system frequently use pipes to redirect each other's output.
  2. for instance you might use a text-filtering command on output from a file reading command.
  3. allows small programs to operate on a flow of information in a row
  4. | - this is an unnamed pipe
  5. mkfifo - allows for the creation of named pipes a. mkfifo fifo1 b. ls -l > fifo1 c. cat < fifo1
  6. tee - read from standard input and write to standard output and files a. splits standard input so that is it is both displayed via standard output and also captured to one of more files b. allows for logging and redirection while the process is also shown on screen c. overwrites to a file as per '>' by default rather than like '>>' d. example - echo $PATH | tee file1 file2 - file1, file2, and stdoutput all have same information
  7. find - searches for files in directory hierarchy
  8. xargs - builds a command from standard input, using command name and arguments to that command and then executes the command on each line of standard input a. example: find / - user darren | xargs -d %\n rm
  9. file - returns the type of file and metadata information regarding files
  10. join - combines two text files by matching the contents of specified fields a. by default, join uses spaces as the limiters (unless -t CHAR is given) b. example: join -1 3 -2 2 - this joins the third field of the first file and the second field of the second file
  11. paste A. Paste is like cat rotated 90 degrees. When operating on multiple files, it will merge the lines of the files.
  12. expand - converts tabs to spaces A. by default assumes you want 8 spaces per tab; -t changes B. unexpand - converts spaces to tabs
  13. od - dump files into octal and other formats A. default usage is dumping binary file into octal binary format B. -x for 2byte hex output
  14. sort - sorts lines of text files A. writes sorted concatenation of all files as output B. by default, uses first column C. Important options 1. -f : ignore case 2. -m : sort by three digit month abbreviation; ex, jan 3. -n : numeric sort 4. -v : sort by versio 5. -h : compare human readable numbers 6. -r : reverses the sort 7. -R : sorts randomly but groups like files 8. -d : dictionary-order 9. -k : sort via key, sorts by a field number, can be comma-seperated listq D. the opposite of this is 'shuf'
  15. split - splits a file into 2 or more files A. needs to have an output file prefix B. where do you want to split 1. -b : size in bytes 2. -l : lines C. example: split -l 2 listening1.txt numbers -> output is: 'numbersaa' and 'numbersab' D. by default: splits every 10,000 lines
  16. tr - trnaslate or delete characters A. changes individual characters coming in through standard input and outputs via standard output B. options 1. [:lower:] - all lower case chars 2. [:upper:] - all upper case chars 3. [::]
  17. cut - extracts portions of lines of input and prints out as output A. used to remove items within lines, delimited by spaces or tabs B. options 1. -b : cuts the specified list by byte 2. -c : cuts the specified characters 3. -f : cuts specified list of fields from input 4. -d : specifies the delimiter for fields C. EXAMPLE: cut -f 7 -d : /etc/passwd
  18. uniq - take an input list and report or omit repeated lines A. only if they are next to each other, so you have to sort first B. EXAMPLE: cut -f 7 -d : /etc/passwd | sort | uniq

C++ programs and Makefiles

  1. Basic C++ program with input and output
int main (int args, char * argv[]){
	for(int x = 0; x < argv[],x++){
		cout << arv[x] << endl;
	}
return 0;
}
// outputs every character given to it
  1. Let's write a less good version of grep called greb:
#include <iostream>
#include <fstream>
using namespace std;

int main(int argc, char * argv[]) {
	string curLine;
	if (argc == 2){
		while(getline(cin,curLine)) {
			if (curLine.find(argv[1]) != string::npos) {
				cout << curLine << endl;
			}
		}
	}

	else if (argc == 3){
		ifstream inFile(argv[2], ifstream::in);

		while(getline(inFile,curLine)) {
			if (curLine.find(argv[1]) != string::npos) {
				cout << curLine << endl;
			}
		}
	}
	else {
		cerr << "Error: unknown parameters." << endl;
		return 1;
	}
	return 0;
}
  1. Make A. Allows for automatic configuration and creation of usable binararies from OOP files, and can be used to install and uninstall programs B. Allows for the creation of archives of source code that build as packages into useful code C. typically named 'makefile'
# set a variables for the compiler
CC = g++
LC_MESSAGES=C
CFLAGS=-g -Wall

# target name variable
TARGET = greb

# file extension
FILEXT = cpp

# the build target executable => install path of the executable
PREFIX = /usr/local
DESTDIR = /home/bernd/staging/

# basic makefile format
# name of instruction: dependencies
# <tab> command to execute
# the FIRST one you list is the default
$(TARGET): $(TARGET).$(FILEXT)
	$(CC) $(CFLAGS) -o $(TARGET) $(TARGET).$(FILEXT)

.PHONY: all
all: $(TARGET).$(FILEXT)
	$(CC) $(MAKEOPTS) $(CFLAGS) -o $(TARGET) $(TARGET).$(FILEXT)

.PHONY: clean
clean:
	rm $(TARGET)

.PHONY: install
install: $(TARGET)
	mkdir -p $(DESTDIR)$(PREFIX)/bin
	cp $< $(DESTDIR)$(PREFIX)/bin/$<

Tar and Packaging

  1. tar A. the name 'tar' comes from its original purpose: Tape ARchive B. you can bundle files as .tar, 'tarballs', which contain a series of file entries and terminating bytes between files C. each entry has a file descriptor and the binary contents of the file D. file descriptor, or header, contains the name of a file, a checksum of that file, and permissions data E. does not compress data, but instead keeps it in one file F. tar options: -c: Creates a tar archive -v: Verbose output -x: eXtract from a tar archive -f: specify a Filename -A: Appends two archives together -M: create or extract a multivolume archive -j: specify bzip2 compression -J: specify xz compression -z: specify gzip compression --lzma: specify lzma compression -t: Test an archive

More Unix Commands

  1. fmt - format A. some files have crazy long lines of text B. reformats to a certain -width C. by default, truncates after 75 characters and cleans up paragraphs D. anything with 2+ blankline removed, and adds indention E. -s : prevents truncation of paragraphs
  2. nl - line number A. nl does count whitespace by default B. identical to cat -b (but not cat -n)
  3. pr - prepare a file for printing A. includes header, footer, and page breaks B. create colummns: pr -3 file.txt C. -l sets the length of lines D. -o choose the header text
  4. regular expressions - sed and awk A. simliar to wildcard expansion: ex; ls .txt B. grep and sed are two examples of regEx programs C. unix system programs have two different forms of regular expressions: basic and extended D. types of expresssions: 1. exact text match: grep "blah" returns all lines with "blah" 2. bracketed expressions: b[aeiou]g - returns bag, beg, big, bog, bug 3. bracketed with range: a[2-4]z - returns a2z, a3z, a4z 4. matching single char: a.z (allows for anything between a and z) 5. matching begin/end of line: ^ beginning, $ end 6. any of these can be combined with the wildcard: ex: A.* Lincoln (with 0 or more occurances of a pattern.) ex: A[ae]* Lincoln (with 0 or more occurances of a-e after A. 7. matching at least one of: + symbol ex. A[ae]+ Lincoln - returns at least Aa or Ae Lincoln 8. multiple possibilities or: | needs to be set up with ' ex. 'Darren (F|Fredrick) Seifert' 9. grep -E invokes regex functionality

Shell Scripting

  1. The first line of a shell script tells which program to use to interpret the contents: #!/bin/bash or another shell A. the first two characters are (#!) are special code to tell the kernel this is a script - crunchbang, shebang, hashbang, poundbang B. the remaining lines beginning with # are considered comments # this is a comment
  2. Classic Hello World
# hello.sh
#!/bin/bash
# Print out hello world
echo 'Hello World!'
  1. When you want to run a shell script, it needs to be made executable before it is an executable file: '# chmod u+x ./file.sh'
  2. Can be invoked with ./file.sh
  3. Alternative routes: A. bash file.sh works whether or not #!/bin/bash or chmod +x has been given B. exec file.sh is used to run scripts from within other scripts and to stop the tty instance after it is done (used to run scripts within scripts)
  4. Passing Parameters A. much like C++ programs, bash scripts can be passed parameters B. accessing these, the dollar sign is used, much like PHP or Perl, to call the number of the parameter 1. $0 - the name of the running script itself 2. $1 - the first parameter 3. and so on... 4. $? - returns the exit status of the last run command 5. $$ - returns the process ID (PID) of the current script 6. $USER - returns the username of the user running the script 7. $SECONDS - returns the runtime of the current script 8. $RANDOM - generates a random number (int 0 - 32000) 9. $LINENO - current line of script C. creation of new variables 1. variablename=value # no spaces ever 2. if you do want spaces, they must be escaped by quotes 3. double quotes recommended for variable substitution later 4. for instance varname="value $1" allows for insertion of other variables into variables whereas varname='value $1' will not work D. saving output into variables 1. output from programs can be saved into a variable 2. example: curdir=$(pwd) will run pwd and return the standard output as a variable 3. if you want to capture the standard error for a command, it can be saved as error=$(</tmp/error) 4. alternative use: curdir=pwd note the backtics
# foo.sh
#!/bin/bash
# An example script
cp $1 $2
#verify it worked
echo "Details for $2"
ls -l $2
  • handling user input and output can use 'echo' to create interactive scripts:
# plususer.sh
#!/bin/bash
echo -n 'Please enter user name for account:'
read username # this saves the stdin input as username
read -p 'Username' $username # -n no-newline
echo $username
read -sp 'Password:' password # -s stealth
  • scripts can also handle files as standard input like other commands
# salesreport.sh
#!/bin/bash
#a sales report generated from standard input
echo Data Summary:
cat /dev/stdin | cut -d ' ' -F2,3 | sort
  • variables can be made global via export
# script.sh
#!/bin/bash
var1=blah
var2=foo
echo $0 :: var1 : $var1 , var2 : $var2
export var1
exec ./script2
echo $0 :: var1 : $var1 , var2 : $var2
script2.sh
#!/bin/bash
echo $0 :: var1 : $var1 , var2 : $var2
var1=flop
var2=bleh
echo $0 :: var1 : $var1 , var2 : $var2

Sed - Stream EDitor

  1. the sed command uses regular expressions to modify stdin and sends the changes to stdout
  2. usage : sed [options] script.txt [inputfile]
  3. some of the commands that can be used in the script portion
    • = - display the current line number
    • a\text - append text to file
    • i\text - insert text to file
    • r file - append text from filename into the file
    • c\text - replace the selected range with the text
    • s/2012/2013/ - replace the first occurrence of 2012 on first occurrence on each line
    • s/2012/2013/g - replace every occurrence on each line
  4. examples
    • sed 's/Nick\|nick/Gary/g' < salaryprojections.txt

    • ^ this would replace any 'Nick' or 'nick' with 'Gary' at all points in the file

    • standard replace format: sed 's/^/ /' file.txt > file.new.txt

      Examining Processes

  5. ps command
    • The internal Unix command for process control is ps
    • By default, ps reports back what is happening inside of the current terminal/tty;
    • shows PID, TTY, TIME, and CMD
      • PID is the Process ID number for a running program
      • TTY is the Teletypewriter device which the process runs from; reports stdout and stderr to this by default
      • TIME is the cumulative processor time used by the program on Linux
    • ps supports traditional Unix options and GNU flags, which can be somewhat confusing
    • Options for ps
      • Display all processes running ps -A/-e both cause all processes on the system to be listed and output is identical
      • Display processes belonging to a specific user: ps -u user
      • Display extra fields as a “full format” ps -f can be combined with other options
        • UID User ID shows the username of the user running the command
        • PPID parent process ID, the process ID of the process that spawned the process
        • C processor utilization as % of usage over the lifetime of the process
        • STIME start time of the process as per system time (only in 24h clock format if current day; otherwise uses MMDD format)
      • Display long format ps -l
        • F Flags field
          • 0 = no special flags for this process
          • 1 = forked process, but did not call exec
          • 4 = executable was executed with superuser privileges
        • S State codes
          • D Uninterruptible sleep (usually IO)
          • R Running or runnable (on run queue)
          • S interruptible Sleep (waiting for an event to complete)
          • T Stopped, either by a job control signal or because it is being traced.
          • X dead (should never be seen)
          • Z Defunct (“zombie”) process, terminated but not reaped by its parent.
        • UID uses system number rather than human readable name
        • PRI Priority is used by the kernel, rather than in userspace, to determine the next in queue for processing
        • NI Niceness of a process describes how accommodating a process is to sharing time on the system.
          • This number ranges from +19 to -20, with 0 as the default.
          • In the scheduling system, niceness is used to determine how much processing to give to each process when it asks for it.
        • ADDR the memory address of the process
        • SZ the size of the image in pages
          • how much virtual memory is in use by the process.
          • Includes text, data, and stack space
          • page size is a kernel variable and can be read by getconf PAGE_SIZE
        • WCHAN address of where a function is sleeping (only kernel functions)
        • RSS amount of physical memory in use
    • User-oriented format ps -u displays information in a more readable manner
      • %CPU percent of processor time used by process divided by real time
      • %MEM actual percentage of non-reserved physical RAM
      • VSIZE virtual memory size used
    • Virtual memory format ps -v displays information including number of:
      • MAJFL major page faults of the process, indicating times it has used swap space
      • TRS physical memory devoted to stack
      • DRS physical memory devoted to non-executable code
    • Recieve a process hierarchy ps -AH see parent-child relationships visually
    • Choose your own adventure mode ps -o uid,pid,ppid,command
      • this command used to determine certain columns
    • Piping ps can be piped as per normal to other programs:
      • Ex; ps -u darseife \| grep bash
      • pgrep is a common utility that behaves similarly to the previous command
  6. top
    • top is used to view processes as they execute in real time
      • -d used to choose update frequency in seconds
      • -p pid to monitor specifically
      • -n run for N iterations
      • -r command to renice a process within top
      • -s to change the update rate within top
    • htop can also be used as a next generation to top
  7. nice and renice
    • The nice command is used to run a command with an adjusted niceness
      • generally can’t give negative values to programs without superuser access
      • nice -n 12 ./script.sh will add 12 to the default priority (0)
    • renice is used to adjust niceness of running processes.
      • renice 0 -p 2772 3562 renices the processes 2772 and 3562 to 0
      • renice 1 -u darseife renices the processes of user darsiefe to 1
  8. Killing processes
    1. kill
      • stopping a process currently running -kill -s signal PID
        • PID PID by default, kill sends a signal to a number of process IDs
        • signal 1 is SIGHUP terminates interactive programs and causes daemons to reread config files
        • signal 9 is SIGKILL stops all processes without performing a graceful exit or shutdown
        • signal 15 is SIGTERM asks the process to terminate and to close out open files, run its shutdown script, etc.
      • kill will only kill processes owned by the user, unless run with superuser access
    2. killall
      • kill multiple things
      • killall vi kills all running instances of vi for the user; when run as a superuser, this will kill any running instance of vi
      • killall -s 9 vi kills all running instances of vi for the user by sending the SIGKILL signal to it; when run as a superuser, this will kill any running instance of vi.
      • killall -i vi uses interactive mode to ask which processes to kill
      • if you are running killall as root, try to use -i to prevent loss of other people’s work
  9. Additional process control
    • If you are running a program inside of a terminal, [Ctrl + Z] will pause and go to background
      • To restart the process, run the command fg in the same terminal
      • With multiple processes paused, fg 1 or fg 2 will bring back process 1 or 2
    • Processes can be started in the background with & at the end of the line; unlike paused processes, these will continue to run.

Linux Time and Scheduling

  1. Overview
    • Computer systems in general rely on a pair of clocks to operate
    • Two clocks
      • Hardware clock - initialized in BIOS/UEFI and kept updated via battery while computer is off
      • Software clock - initialized at boot from BIOS/UEFI time, and is used to track time while running
    • Typically, the clock of the computer is set using coordinated universal time (UTC)
      • adjusted for use based on timezones and localization settings like DST before entering userspace
    • Both the hardware clock and the software clock are not terribly reliable and tends to drift over time
    • This can be a problem on x86_64 systems in general because many network services rely on accurate timekeeping
    • This is made worse when having hundreds or thousands of servers requesting time from a single source could be bad
  2. Unix Time Commands
    • date outputs the current software clock time
    • date -u outputs the UTC time
    • date 102715022019 sets the time to exactly Oct 27, 15:02, 2019 in local time
    • hwclock used to retrieve the value of the hardware clock; must be done as root
    • setting the hardware clock
      • hwclock --set--date 102715022019 is a manual set
      • hwclock -hctosys set the hardware clock to the system clock
      • hwclock --synctohc synchronizes system clock to hardware
    • these are called by daemons and init on startup and shutdown
    • both the system time and the hardware clock still suck and need a replacement
  3. NTP Network Time Protocol
    • NTP relies on a tree of servers (each level is called a stratum) from a hardware atomic clock server
    • The further down the tree you are the less accurate the time is.
    • One NTP server requesting time from a center will exchange packet via timestamp and the delay between communications is estimated
    • It is best to pick NTP servers with a short delay
    • Typically, a cluster of computer is requested from a local time server, which in turn is the only computer requesting times outside of the network
  4. timesyncd
    • Traditionally, ntpd is the daemon that has provided client time synchronization
    • Newer versions of Ubuntu use a service called timesyncd
      • uses a slightly different protocol than NTP, called SNTP (simplified network time protocol)
      • configuration information is at /etc/systemd/timesyncd.conf
      • timedatectl is a way to view the current SNTP settings
    • also more information related to this accessible with sudo systemctl status systemd-timesyncd
  5. Running jobs in the future: cron
    • cron like timesyncd or ntpd, cron is a daemon that runs continuously and looks for events to cause it to spring into action
    • Most daemons are network services, but cron responds to temporal events
    • A cron daemon wakes up once per minute, and examines its config files in:
      • /var/spool/cron/
      • /etc/cron.d/
      • /etc/crontab
    • Executes command specified:
      • System jobs - run as root, and perform system maintenance tasks (rotate logs, clean out /tmp, remove old files, update system)
      • User jobs - run jobs in the future for users
    • /etc/crontab
      • System cronjobs are controlled by this file
      • Normally, begins with environment variable configuration, then several lines like:
        • On a typical system 02 4 * * * root run-parts /etc/cron.daily
        • On Ubuntu Desktop 25 6 * * * root test -x /usr/sbin/anacron || cd / && run-parts --report /etc/cron.daily
      • Fields for cron, in order
        1. the minute of the hour
        2. the hour of the day
        3. day of the month
        4. month of the year
        5. day of the week
      • different scripts for items are run from:
        • /etc/cron.daily
        • /etc/cron.weekly
        • /etc/cron.monthly
  6. anacron a specific implementation of cron
    • anacron is not intended to be a replacement for cron, it is a supplement
    • cron works great on systems that are always on
    • anacron is smart in that it can tell if things are run
      • if things are missed, it plays catchup
      • light-night log rotation, for example, might never run
      • anacron is intended to address this
        • when run it checks to see when it last executed each program
        • if a period greater than the programs interval has passed, the program gets run by anacron
      • config file /etc/anacrontab
        • format: 1 5 cron.daily run-parts --report /etc/cron.daily
          • first column: delay in minutes
          • second column: frequency in days
  7. crontab edit cronjobs for users
    • cron jobs for the system are under /etc/ but user ones are kept in /var
    • crontab -e edit your user cronfile
    • root can edit other users with crontab -u username -e
    • /etc/cron.allow and /etc/cron.deny exist for whitelisting or blacklisting users from using cron
      • an empty /etc/cron.deny allows ALL USERS if present
      • an empty /etc/cron.allow blocks ALL USERS if present
    • if neither of these exist, then only root may use cron
  8. at a handy simple task timer
    • cron and anacron can be overkill for simple tasks that need to be done once
    • example:
      • at 5am Oct 31
      • at> /home/darren/run-backup.sh
      • at> echo "job done"
      • at> mail -s "backup job finished" root
      • at> ctrl+d to finish
    • at now +1 hour will run 1 hour from now relative to current system time
    • other examples:
      1. at midnight
      2. at noon
      3. at teatime
    • aterm to remove an upcoming command
    • atq used to list pending commands

Log Files

  1. Intro
    • Linux machines log files that record key details about system operation and are typically stored in /var/log
    • Logging on Linux system is generally performed by the syslog daemon, syslogd
      • However, some daemons and programs perform logging independently of syslog
    • Logging on Linux can be done locally to the computer, but in a networked environment, logs may be sent to a central logging server and by email
    • Logging is a security action and is typically a part of the system worth hardening because it is exploitable by an attacker to hide their break-in
    • Logs should be rotated, aka moved out of the system, to prevent /var/log from being filled completely
  2. syslog
    • The basic idea of a system logger is to provide a unified means of a handling log files
    • The daemon runs in the background and and accepts data delivered from servers and other programs
    • Once the log daemon receives a message, it is classified and directed to an appropriate file
    • syslogd might be managing several services at the same time and providing different rule-based logging based on priority of the messages received
    • syslogd relies on the config file /etc/syslog.conf
      • Ubuntu uses /etc/rsyslog.conf for rocket-fast syslog
      • the configuration file supports a ruleset, located at /etc/rsyslog.d/ or /etc/syslog.d/ respectively
      • standard logging is done by daemon, with the format facility.priority action
        • example: mail.* /var/log/mail.log
      • facility parameter is the name of the type of program the daemon that generates messages to be logged
        1. auth/priv security messages
        2. cron from the cron daemon
        3. daemon catch-all for various systems servers
        4. kern kernel messages
        5. lpr printer and CUPS messages
        6. mail mail subsystems
        7. news oldschool newsgroups
        8. syslog internally generated messages
        9. uucp unix-to-unix copy daemon
        10. local[0-7] predefined facilities for custom configurations
      • priority parameters include:
        • deb debugging messages
        • info normal operations
        • notice abnormalities that do not effect functionality
        • warn tells that an error will occur is action is not taken
        • err standard error for the daemon, non-urgent failure of the daemon causing an error message
        • crit critical error causing a secondary system to fail urgently
        • alert critical error causing a primary system to fail urgently
        • emerg Panic message - system unusable
      • the action parameter is a file or location on the network that will accept the message
        • could be a file in /var/log
        • could also be a tty: /dev/tty8
        • could also be a computer on the network: @logger.ndus.edu
    • When a program sends a message to the system logger, it includes the priority: the message is only logged if it is of a certain level or higher
      • Exceptions:
        • * all codes
        • = (mail.=crit) applies to this priority only
      • You can also specify multiple facilities with the same priority by using a comma
      • Multiple facilities separated by commas followed by a priority all follow the same priority
      • A semicolon is used to specify a number of logging priorities kern.info;kern.err everything between info and error
  3. logger - logging something else
    • The logger command allows a user to log something else other than established facilities
    • logger shutting down for system maintenance
      • will log to /var/log/syslog as Nov 6 15:50:00 darseife-virtualbox darseife: shutting down for system maintenance
    • -i records the PID of the logger process when run (useful when run from script)
    • -s print the log message to standard error in addition to logging
    • -f /foo logs to /foo instead of the system log
    • -p specify both a facility and a priority for the system log message; -p local3.info

Firewalling

  1. TCP Wrappers
    • TCP wrappers depend on two config files to work properly; these are /etc/hosts.allow and /etc/hosts.deny
    • the most common config for these is default deny
      • ALL:ALL in /etc/hosts.deny
      • ALL:127.0 [::1] in /etc/hosts.allow
      • specific services from a specific host enabled as the form sshd:192.168.X.Y in /etc/hosts.allow
      • all services from a domain as ALL:.minotstateu.edu in /etc/hosts.allow
    • Also used is specific allow
      • nothing is listed in /etc/hosts.allow
      • specifically removed IP addresses in the form ALL:165.234.X.Y in /etc/hosts.deny
    • Secondary service-level blocking can be used to apply rules to services in the form /etc/sshd.hosts
  2. iptables
    • iptables is the kernel level netfilter firewall
    • iptables -L lists the current ruleset
    • iptables -A is used to APPEND new rules to a chain (takes a chain name)
    • iptables -I inserts a rule (takes a chain name and a position)
      • example iptables -A INPUT -ptcp -dport ssh -j ACCEPT
    • rule options
      • -p the protocol used
      • -d the destination port, can accept a range of port
      • -j the action to take, includes ACCEPT, DENY, DROP
      • -s specify a source address, can be either 192.168.0.1 or 192.168.0.0/24
      • -m require the rule to match a specific property
        • ex iptables -m conntrack allows filter rule to match based on connection state
      • --ctstate define a list of connection states for the rule to match on
        1. NEW - new connections
        2. RELATED - new but related to a previous on
        3. ESTABLISHED - a preexisting connection already in progress
        4. INVALID - any malformed traffic or unidentified traffic
      • -j tells iptable what to do with the packet given the rule
        • ACCEPT - routes as normal as per IP header
        • DROP - kills the packet without giving reply
        • REJECT - sends an explicit error message
  3. Uncomplicated Firewall (ufw)
    • ufw enable to turn on ufw
    • ufw disable to turn off ufw
    • ufw status view current rules for ufw
    • ufw status verbose reports logging level + access levels for each rule
    • ufw allow 80/tcp sets a rule to allow tcp packets on port 80
    • ufw deny 22/udp sets a rule to reject udp packets on port 22
    • ufw deny ssh sets a rule to reject all ssh protocol packets
    • ufw allow 6000-6007/tcp sets a rule with a range to allow tcp packets from 6000-6007
    • ufw allow from 15.15.15.1 to any sets a rule allowing all traffic from 15.15.15.1
    • ufw status numbered returns a numbered list of rules in the set
    • ufw delete 2 removes rule number 2 in a list
    • ufw logging {on/off} turns the logging on or off; usually caught by syslogd/rsyslog; logging is set to low by default
    • ufw logging {low/medium/high/full sets logging verbosity of ufw;
      • note that logging is rate limited at medium and not rate limited at high

Boot/Initialization

  1. Slackware - SysV Init
    • System 5 style rc script via init
    • PID 1 = init which is the process that starts all other processes when the system boots
    • init is responsible for processing /etc/inittab to see how to start the system and at what runlevel
    • Things init does
      • Runs the script /etc/rc.d/rc.s to determine to prepare the system before loading to the desired runlevel
      • Enables virtual memory for the system and mounts filesystems in /etc/fstab
      • Loads kernel modules
      • Near the end of the script rc.s, init will run scripts related to the runlevel the system is entering -for example, rc3.d is run at runlevel 3
  2. SystemD
    • Ubuntu, CentOS, RedHat, and others have moved from SysV init process to the SystemD initialization process
    • Rather than running many shell scripts during init, the systemD process uses one monolithic program to control startup of services
    • The way the services are started are controlled by a configuration file
    • systemd uses units and targets rather than scripts and runlevels
      • there are 11 different types of units:
        • mount unit defines a mountpoint on the system named with the mount path with slashes replaced as dashes
        • swapspace
        • device a device in the linux device tree
        • socket fifo pipe to an internet port with an associated service
        • service a service or application on the system
      • targets are used to stop and start the service and group units together
      • systemd identifies units by name and type
        • example ssh could have an ssh.service and an ssh.socket
    • systemctl - can list current units loaded on the system
    • config files - /lib/systemd/system
    • modify how a unit functions - /etc/systemd/system