Linux+ Notes - Graham Helton
Date: Feb 19, 2020
Orchestrating the Environment
Notes
Understanding the orchestration concepts
Static environment
Also called a container environment
Contains a predetermined app environment that does not change
over time
Provisioning the data center
Agent monitoring tools
Tools that require software to be installed in the app to monitor it
Takes the information and moves it to a monitoring server
Agentless monitoring
Tools use preexisting and/or embedded software in the container to
conduct its monitoring activity
Desired state
Predetermined setting that declares how many containers should be
deployed and running at one time
Self-healing
Some utilities will launch new production containers to keep the
desired state
Looking at container orchestration engines
Kubernetes
Designed by Google
Open-source orchestration system
Scalable, fault tolerant and easy to learn
Docker
Docker Swarm orchestration system
Swarm is typically faster than Kubernetes when deploying new
containers
Mesos
distributed systems kernel
provides a container orchestration system framework only when
paired with Marathon
Date: Feb 18, 2020
Inspecting cloud and virtualization services
Notes
Focusing on VM Tools
Looking at libvirt
A popular virtualization management software collection; the libvirt
library consists of:
an API library
a daemon, libvirtd
command line utilities such as virt-install
virsh
Use the virsh command to interact with the hypervisor and
create, remove, stop and start VMs
Virtual Machine Manager is a Python program for creating and managing
virtual machines
Understanding bootstrapping
bootstrapping
installing a new system using a configuration file or image of an earlier
install
Anaconda
Create a kickstart file to configure the system
store the kickstart file on the network or detachable device
place the installation source where it is accessible
create a boot medium that will initiate the kickstart process
kick off the kickstart installation
Kickstart file
file that contains all the installation choices you desire for a new
system
anaconda file
Red Hat based distros only
this file is created and stored in the /root directory and named
anaconda-ks.cfg
Ubuntu based distros use a product called preseed
Exploring storage issues
Thick provisioning
Virtual disk size is selected and the physical file created on the
physical disk is pre-allocated.
Selecting 50 GB for your VM size will instantly use up 50 GB on your
hard drive for VM space
Thin provisioning
The VM only consumes the amount of disk space actually used for the
virtual drive
BLOB
large unstructured data such as images, video, big data, etc.
Date: Feb 18, 2020
Understanding cloud and virtualization concepts
Notes
What is cloud computing
IaaS
Infrastructure as a service
low level server resources to host applications, such as
physical components including storage, CPU, RAM, etc.
PaaS
Cloud computing vendor provides the physical server environment as
well as the operating system
SaaS
cloud computing vendor provides the whole environment such as mail
server, web server, software etc
Understanding virtualization
Hypervisors
Run multiple environments on one physical server such as web,
application servers, and database servers
Each server is on the same machine, but they do not interact with each
other
Type I Hypervisor
Commonly called a bare metal hypervisor
Runs directly on the server hardware with no middleman
Examples
KVM
Linux Kernel-based Virtual Machine
uses the standard Linux kernel with a special hypervisor module
Xen
Open source standard for hardware virtualization
Supports all types of CPUs
Type II Hypervisors
Run on top of an existing operating system
OVF
Open Virtualization Format (OVF)
Open source virtual machine configuration format
Exploring containers
Containers
Gather all the files needed to run an application, such as libraries, runtime
files, database files, etc.
Each program runs within its own container
You can run the container in any environment and expect the
application to work as it did in development
Container software
LXC
Open source standard for creating containers
lighter than a full VM but heavier than a normal application
Docker
Open source
extremely lightweight
employs a daemon to listen for requests from containers
Date: Feb 18, 2020
Controlling versions with Git
Notes
Understanding version control
Version control system
provides a common central place to store and merge project files so
that you can access the latest project version
Distributed version control systems
allows developers to work offline
Git
Distributed VCS
Git terms
Working directory
Where program files are created, modified and reviewed
Staging area
also called the index
git creates or updates information in the index file
Local repository
Contains each project file's history
This data is also called a snapshot
Remote repository
Typically a cloud based location but could be another
server on your network
Pros of Git
Performance
History
Accuracy
Decentralization
Setting up your Git Environment
Git is not installed by default; you need to create your own Git
environment
Steps to setting up a Git environment
Create a working directory: mkdir myGitEnvironment
Initialize the .git/ directory: git init
Set up local repository options: git config --global user.name "yourname"
and git config --global user.email "youremail"
Establish your remote repository (usually GitHub): git remote add origin
[url]
Committing with Git
Create or modify the program file
Add the file to the staging area
commit the files to the local repository (use -m to add commit notes)
Push the files to the remote repository
Merging versions
Branches
area within a local repository for a particular project
Date: Feb 17, 2020
Automating Jobs
Notes
Running scripts without a console
How do you run a shell script in the background?
Append & to the end of the command
Use nohup to run a script without tying it to the terminal
Sends output to nohup.txt
Sending signals
Ctrl-Z sends SIGTSTP
Stopping a process leaves the program still in memory and can be
returned to later
Job control
To restart a stopped job in the background, use bg jobnumber
jobs will list all active jobs
Running like clockwork
at command
Allows you to specify a time at which a specific script will be run
atd runs in the background and checks for jobs to run
at [-f filename] time
Recognizes standard hour and minute formats such as 10:15 pm
The job queue holds jobs submitted by the at command for
processing
atq: lists the currently pending jobs
atrm [jobID]: removes a specific job from the queue
Will only run once
Cron Table
Format of crontab: min hour DayOfMonth Month DayOfWeek
command
day of week can be 0-6 (0 being Sunday) or mon, tue, etc.
allows for a range of values (such as 1-5) or a wildcard (*)
To run a command every day at 10:15 am:
15 10 * * * command
Must use 24hr format
use crontab -e to add items to the crontab
use crontab -l to list the current crontab entries
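The crontab format above, worked as an added example (my code, not from the notes): it expands the five fields with the 0-6/mon-tue day names, ranges and wildcards the notes list, and also handles */n steps and the Vixie cron rule that day-of-month and day-of-week are OR-ed when both are restricted, which the notes do not cover. The fires_at helper and the sample command path are assumptions for the example.

```python
"""Crontab schedule matcher, an added example (not from the original notes).

Expands the five time fields the notes describe (min hour DayOfMonth Month
DayOfWeek) into value sets and tests whether a given minute matches, so a
crontab under review can be checked for when it actually fires.
"""
from datetime import datetime

# Names accepted in the month and day-of-week fields (case-insensitive).
MONTHS = {m: i for i, m in enumerate(
    ["jan", "feb", "mar", "apr", "may", "jun",
     "jul", "aug", "sep", "oct", "nov", "dec"], start=1)}
DAYS = {d: i for i, d in enumerate(
    ["sun", "mon", "tue", "wed", "thu", "fri", "sat"])}

# (low, high, name table) for the five fields, in crontab order.
FIELD_SPECS = [
    (0, 59, {}),       # minute
    (0, 23, {}),       # hour
    (1, 31, {}),       # day of month
    (1, 12, MONTHS),   # month
    (0, 7, DAYS),      # day of week; 0 and 7 both mean Sunday
]


def _atom(token: str, names: dict) -> int:
    """Turn '5' or 'mon' into an integer."""
    token = token.lower()
    return names[token] if token in names else int(token)


def parse_field(field: str, low: int, high: int, names: dict) -> set:
    """Expand one field into the set of integers it covers.

    Handles '*', a single value, 'a-b' ranges, 'a,b,c' lists and '/n' steps.
    """
    values = set()
    for part in field.split(","):
        step = 1
        if "/" in part:
            part, step_text = part.split("/", 1)
            step = int(step_text)
        if part == "*":
            lo, hi = low, high
        elif "-" in part:
            lo_text, hi_text = part.split("-", 1)
            lo, hi = _atom(lo_text, names), _atom(hi_text, names)
        else:
            lo = hi = _atom(part, names)
        if not (low <= lo <= hi <= high):
            raise ValueError(f"field {field!r} outside {low}-{high}")
        values.update(range(lo, hi + 1, step))
    return values


def parse_crontab_line(line: str):
    """Split a crontab line into (expanded field sets, raw fields, command)."""
    parts = line.split(None, 5)
    if len(parts) < 6:
        raise ValueError("expected five time fields followed by a command")
    raw = parts[:5]
    sets = [parse_field(f, lo, hi, names)
            for f, (lo, hi, names) in zip(raw, FIELD_SPECS)]
    if sets[4] & {0, 7}:          # Sunday may be written as 0 or 7
        sets[4] |= {0, 7}
    return sets, raw, parts[5]


def matches(line: str, when: datetime) -> bool:
    """True if the crontab line would fire at the minute given by `when`."""
    (minute, hour, dom, month, dow), raw, _cmd = parse_crontab_line(line)
    # datetime.weekday(): Monday=0..Sunday=6; cron: Sunday=0..Saturday=6.
    cron_dow = (when.weekday() + 1) % 7
    dom_ok = when.day in dom
    dow_ok = cron_dow in dow
    # Vixie cron rule: if BOTH day fields are restricted (neither starts with
    # '*'), the job fires when EITHER matches; otherwise both must match.
    if not raw[2].startswith("*") and not raw[4].startswith("*"):
        day_ok = dom_ok or dow_ok
    else:
        day_ok = dom_ok and dow_ok
    return (when.minute in minute and when.hour in hour
            and when.month in month and day_ok)


def fires_at(line: str, year: int, month: int, day: int,
             hour: int, minute: int) -> bool:
    """Convenience wrapper around matches() for a plain calendar time."""
    return matches(line, datetime(year, month, day, hour, minute))


if __name__ == "__main__":
    # The notes' own example: run a command every day at 10:15 am.
    print(fires_at("15 10 * * * /usr/local/bin/backup.sh", 2020, 2, 17, 10, 15))
```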
Date: Feb 17, 2020
Deploying Bash scripts
Notes
The basics of shell scripting
STDIN
file descriptor 0
points to standard input for the shell (normally the keyboard)
STDOUT
file descriptor 1
points to the standard output for the shell (normally the monitor)
STDERR
file descriptor 2
By default points to STDOUT (the monitor)
redirecting STDERR
use 2> instead of >
The exit status of a command that has successfully completed is 0
Date: Feb 16, 2020
Troubleshooting application and hardware issues
Notes
Dealing with storage problems
Degraded storage
refers to the storage medium's gradual decay due to improper use
Missing volumes
usually caused by a failed device
use pvscan to find
Storage integrity
Bad block
small chunk of a disk drive that will not respond due to corruption
use fsck or badblocks command
Performance issues
dstat
provides data for troubleshooting storage device problems
dmstats
allows you to manage statistics for a particular device
Uncovering Application permission issues
Steps for determining permission issues
Determine which account runs the application and the account's name
Discover the specific program action that raised the error
Find out which files were being read and written during this action
record any applications it was trying to launch
Document any services the program was attempting to employ
determine what file permissions the owner has
Check group membership permissions
Check to see if program has sufficient permissions (as well as any
programs it starts)
Check access control lists
Analyzing application dependencies
apt-get clean
cleans up the database and any temp download files
yum clean all
cleans up the database and any temp download files
zypper clean -a
cleans up the database and any temp download files
Looking at SELinux context violations
Check audit log files by using sealert
Exploring firewall blockages
Unblocking ports
if your application relies on another system service check rules related
to that service's ports
Troubleshooting additional hardware
lspci
lsusb
lsdev
dmidecode
DMI
Desktop management interface
Displays hardware information in human readable format
lshw
provides information on system hardware
-short: displays condensed version
What denotes a memory issue?
slow system performance
hang during memory intensive applications
kernel panics
random corruption of files
Date: Feb 15, 2020
Dealing with Linux devices
Notes
Communicating with Linux devices
The kernel must recognize a device for it to work
If the module for a device isn't loaded, the device will not work
GPIO
General purpose input/output
Used on the Raspberry Pi
great for supporting communication to external devices
device files
Files the Linux kernel creates in the /dev directory to interface with
hardware devices
Character device files
Transfer data one character at a time
Often used for serial devices such as terminals and USB
Block device files
Transfer large blocks of data. Used for high speed data transfer
devices such as hard drives and network cards
Device mapper
Maps physical block devices to virtual block devices
/proc
Important for troubleshooting
IRQ
Interrupt request
allows hardware to indicate when it has data to send to
the CPU
I/O Ports
Locations in memory where the CPU can send and receive data
from a hardware device
Can be monitored in /proc/ioports
DMA
Direct memory access
Send data from hardware device to memory
/sys
provides information about hardware devices that any user can
access
Working with devices
Finding devices
lsdev
displays information about hardware devices
lsblk
displays information about block devices on the system
dmesg
shows records of kernel level events as they occur
good for troubleshooting when something isn't working properly
lspci
allows you to view currently installed PCI cards
lsusb
shows information about USB devices
Supporting monitors
XFree86
Extremely hard to configure
does not auto detect new devices
X11.org
User friendly
auto detects new devices
Using hot pluggable devices
Cold pluggable devices
Can only be connected to the system when the system is powered
down
Detecting Dynamic devices
udev device manager
automatically started at boot by init
listens to kernel notification messages and checks them against the rules
in /etc/udev/rules.d
udevadm
allows you to interact with the udev program
Date: Feb 12, 2020
Investigating User Issues
Notes
Troubleshooting Access
lastlog
searches through /var/log/lastlog for users who have logged into the
system
last
searches /var/log/wtmp for users that have logged in and out
lastb
Shows the last unsuccessful login attempts
remote connections
add -vvv to ssh
displays a lot of verbose information
Date: Feb 11, 2020
Optimizing performance
Notes
Looking at processes
A process is a running program
init process
runs scripts that start all other processes running on the system
PPID
Parent process ID
Sleeping
processes that are swapped into virtual memory
Monitoring processes in real time
top
Displays process information in real time
Managing processes
nice and renice
change the priority level assigned to an application process
nice -n value command
the value can be anywhere between -20 and 19; the lower the number, the higher
the priority
renice priority -p pid
kill
default asks program to shut down, does not always work
kill -s KILL will instantly kill process (use with caution, can cause
corruption)
pkill
Allows you to kill process by name instead of process ID
Date: Feb 10, 2020
Analyzing system properties and remediation
Notes
Troubleshooting the network
Ports vs Sockets
Ports: number used by protocols to identify which service or
application is transmitting data
Network Socket: Single endpoint of a network connection's two
endpoints. That single endpoint is on the local system and bound to a
particular port, thus it uses a combination of an IP and port number
Localhost
Allows programs to test networking services without needing external
networking
Unix Sockets
Sockets between processes on your local system
Perform inter-process communication (IPC)
Better performance than localhost
Viewing network performance
Check for high latency/saturation
Command: Description
iperf, iperf3: perform network throughput tests
iftop -i adapter: display network bandwidth usage for an adapter
mtr: displays approximate travel times and packet loss percentages
nc: netcat, performs network throughput tests
netstat -s: displays summary statistics broken down by protocol
ping, ping6: perform simple ICMP packet throughput tests
ss -s: displays summary statistics broken down by socket type
tracepath: displays travel times between each router and discovers the MTU along
the way
traceroute: displays travel times between each router from the source to the
destination
Date: Feb 9, 2020
Embracing best security practices
Notes
User Security
Kerberos
Developed to support single sign-on
Authentication server
users log into the AS to initiate the authentication process
Key distribution center
The authentication server passes the login request to the KDC, which
issues the user a ticket granting ticket (TGT)
Ticket granting service
When a user attempts to log into a server, the server contacts the
ticket granting service to determine if the user's ticket is valid
Lightweight Directory Access Protocol (LDAP)
Hierarchical tree database structure stores info about users and
resources
Microsoft's Active Directory builds upon Kerberos for user
authentication and LDAP for resource authorization
Remote Authentication Dial-In User Service (RADIUS)
Old but still used because it's fairly simple to set up
Allows an authentication server to authenticate a user account as well as
other info about the user such as IP, phone number, and access privileges.
Terminal Access Controller Access-Control System (TACACS)
System Security
Use multiple partitions to separate sensitive data
Prevent unauthorized access to GRUB
grub-mkpasswd-pbkdf2
Disable Ctrl-Alt-Delete in /etc/inittab
Blacklist or whitelist users from using cron jobs in
/etc/at.allow
/etc/at.deny
/etc/cron.allow
/etc/cron.deny
Network security
Deny hosts
/etc/hosts.deny
blacklist of hosts you don't want connecting to your system
Disable unused services
Change default ports
Date: Feb 9, 2020
Overseeing Linux Firewalls
Notes
Providing Access control
Access control list
Identifies which packets are allowed in and out
This is known as packet filtering
Once a packet is identified, the ACL determines what happens to the packet
Accept
Reject
Sends a message back to the application sending the packet
Drop
Does not send any message back to the application
Does not provide any information to an outside attacker
Log
List of ports and their services in /etc/services
Ports 1-1023 are privileged ports; only a superuser can run a service on them.
Stateless firewalls
Older
Faster because less processing is done on packets
susceptible to attacks spread among multiple packets
rules are static (requires restart for new rules)
Stateful
Treats packets as a team
Tracks active network connections
Not vulnerable to attacks that spread themselves among multiple
packets
Keep network info in memory
more vulnerable to DDoS because of tracking of connections
Firewall Technologies
Netfilter
Embedded in Linux Kernel
Allows other packages to implement firewall technologies
network sniffer that is planted in the Linux Kernel and offers up
packet filtering services
Firewalld
Provides packet filtering for IPv4 and IPv6
Zones
Network traffic is grouped into a predefined rule set called a zone
Identifies traffic from other systems
Each network connection can only be a member of one zone at a
time
must place custom zones in /etc/firewalld/zones
Services
predefined configuration set for a particular system service such
as DNS
Runtime environment
configuration actively employed by the firewall service
iptables
iptables-save saves the current iptables rules, as they are not persistent
Firewall service using a series of processes called chains to handle
network packets that enter the system
Chains
determine the path each packet takes as it enters the system to
reach the appropriate application
Chains in packet processing
Prerouting
handles packets before the routing decision process
Input
Handles packets destined for the local system
Forward
handles packets being forwarded to a remote system
Post routing
handles packets being sent to remote systems after the
forward filter
Output
handles packets output from the local system
Each chain contains tables that define rules for handling packets
Filter
applies rules to allow or block packets from exiting the
chain
mangle
applies rules to change features of the packets before they
exit the chain
nat
applies rules to change the addresses of the packets
before they exit the chain
raw
applies a NOTRACK setting on packets that are not to be
tracked
security
Applies mandatory access control rules
Each chain has a policy value that determines how a packet is
handled by default for the chain
Accept: passes the packet along to the next chain
Drop: doesn't pass the packet along to the next chain
UFW (uncomplicated firewall)
Default firewall service on Ubuntu distributions
UFW common arguments
Argument: Description
allow IDENTIFIERS: sets the rule identified by IDENTIFIERS to allow packets
deny IDENTIFIERS: sets the rule identified by IDENTIFIERS to deny (drop)
packets
reject IDENTIFIERS: sets the rule identified by IDENTIFIERS to reject packets
delete RULE|NUM: deletes the rule identified by RULE or NUM
insert NUM RULE: inserts a rule at index NUM
logging LEVEL: sets the logging level, where LEVEL is
on, off, low, medium, high, or full
IPset
Allows you to create sets of IPs such as 1.1.1.0/24 and allows you to
manage all users in those sets from firewall ACLs
Date: Feb 9, 2020
Implementing Logging Services
Notes
syslog
Standard logging protocol
timestamp, type, severity and details
Severity values
Syslog severity
Code Keyword Description
0 emerg Event that causes the system to become unstable
1 alert Event that requires immediate attention
2 crit Critical, but doesn't require immediate attention
3 err Error that allows the system or application to continue
4 warning Non-normal warning condition in the system or application
5 notice A normal but significant condition message
6 info Informational message from the system
7 debug Debugging messages for developers
rsyslog
Rocket-fast
Configuration
Reads from /etc/systemd/journald.conf configuration file
/run/log/journal is deleted on system reboot, create /var/log/journal to
permanently store event messages
ForwardToSyslog determines if systemd-journald should forward any
messages to a separate syslog program such as rsyslogd
journalctl [options] [matches]
-a: displays all data fields
-e: jumps to the end of the journal
-l: Displays all printable data fields
-n [number]: shows the most recent [number] journal entries
-r: Reverses the order of the journal entries
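An added example (not from the notes) decoding the syslog severity table above: each message carries a <PRI> prefix where PRI = facility * 8 + severity, and rsyslog selectors such as *.crit match that severity and anything more severe. The facility names are the standard RFC 3164/5424 codes, not from the notes, and the log lines are constructed for the example.

```python
"""Syslog priority decoding and selector matching, an added example (not
from the original notes).

Every syslog message starts with <PRI>, where PRI = facility * 8 + severity
and the severity codes are the ones in the table above. The sample lines
below are constructed for this example.
"""
import re

SEVERITY = {0: "emerg", 1: "alert", 2: "crit", 3: "err",
            4: "warning", 5: "notice", 6: "info", 7: "debug"}
SEVERITY_CODE = {name: code for code, name in SEVERITY.items()}

# Standard facility codes (RFC 3164 / RFC 5424), not part of the notes.
FACILITY = {0: "kern", 1: "user", 2: "mail", 3: "daemon", 4: "auth",
            5: "syslog", 6: "lpr", 7: "news", 8: "uucp", 9: "cron",
            10: "authpriv", 11: "ftp", 16: "local0", 17: "local1",
            18: "local2", 19: "local3", 20: "local4", 21: "local5",
            22: "local6", 23: "local7"}

PRI_RE = re.compile(r"^<(\d{1,3})>(.*)$", re.DOTALL)


def split_pri(pri: int):
    """Return (facility code, severity code) for a PRI value."""
    if not 0 <= pri <= 191:
        raise ValueError(f"PRI {pri} out of range (max 23*8+7 = 191)")
    return divmod(pri, 8)


def parse_message(line: str) -> dict:
    """Decode the <PRI> prefix of a raw syslog line."""
    m = PRI_RE.match(line)
    if not m:
        raise ValueError("line has no <PRI> prefix")
    pri = int(m.group(1))
    facility, severity = split_pri(pri)
    return {
        "pri": pri,
        "facility": FACILITY.get(facility, f"facility{facility}"),
        "severity": SEVERITY[severity],
        "severity_code": severity,
        "message": m.group(2),
    }


def selector_matches(selector: str, facility: str, severity: str) -> bool:
    """rsyslog-style selector test, e.g. 'auth.crit', '*.warning', 'cron.*'.

    As in rsyslog.conf, 'facility.severity' matches that facility at the given
    severity or any more severe level (a lower code); '*' matches everything
    and 'none' matches nothing.
    """
    sel_fac, sel_sev = selector.split(".", 1)
    fac_ok = sel_fac == "*" or sel_fac == facility
    if sel_sev == "*":
        sev_ok = True
    elif sel_sev == "none":
        sev_ok = False
    else:
        sev_ok = SEVERITY_CODE[severity] <= SEVERITY_CODE[sel_sev]
    return fac_ok and sev_ok


def filter_lines(lines, selector: str) -> list:
    """Return the raw lines a given selector would route (e.g. to a file)."""
    keep = []
    for line in lines:
        rec = parse_message(line)
        if selector_matches(selector, rec["facility"], rec["severity"]):
            keep.append(line)
    return keep


# Constructed sample messages: PRI 34 = auth(4)*8 + crit(2), 13 = user.notice,
# 86 = authpriv(10)*8 + info(6), 0 = kern.emerg.
SAMPLE_LINES = [
    "<34>Feb  9 12:00:01 host sshd[1234]: fatal: PAM: too many failures",
    "<13>Feb  9 12:00:02 host logger: nightly report generated",
    "<86>Feb  9 12:00:03 host sudo: alice : TTY=pts/0 ; COMMAND=/bin/ls",
    "<0>Feb  9 12:00:04 host kernel: Out of memory and no killable processes",
]

if __name__ == "__main__":
    for raw in SAMPLE_LINES:
        rec = parse_message(raw)
        print(f"{rec['facility']}.{rec['severity']}: {rec['message']}")
    print(filter_lines(SAMPLE_LINES, "*.crit"))
```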
Date: Feb 9, 2020
Access and identification methods
Notes
Getting to know PAM
PAM
Pluggable authentication modules
provide centralized authentication services for Linux
compiled with the PAM library libpam.so
configuration files are located in /etc/pam.d/
PKI Concepts
Public key infrastructure helps to protect key integrity
Private keys
Symmetric keys use a single key
Public/private
encrypt using two keys
Digital signature
message encrypted with the user's private key, sent with the cipher text
Using SSH
Employs asymmetric encryption
ssh [options] username@hostname
Using SSH securely
Use a different port besides 22
Disable root logins via SSH
Manage TCP wrappers
Date: Feb 7, 2020
Applying ownership and permissions
Notes
Changing file or directory ownership
chown
the root user can change the owner assigned to a file or directory
chgrp
Changes the group assigned to file or directory
Octal mode permissions
Octal value Permission Meaning
0 --- No permissions
1 --x Execute only
2 -w- Write only
3 -wx Write and execute
4 r-- Read only
chmod 664 file.txt sets the owner and group permissions to read and
write but the permissions of all others to 4
Set User ID (SUID)
tells the Linux kernel to run the program with the permissions of
the file owner and not the user running the file
Usually used for server applications that must run as root
Indicated by an s in the execute permission field
chmod u+s myserverapp
chmod 4750 myserverapp (the 4 at the start adds s to the file permissions)
Set Group ID (SGID)
Works differently for files and directories
Uses 2 in front of UGO in octal mode
chmod g+s /sales
chmod 2660 /sales
files
Tells Linux to run the program file with the file's group
permissions
Indicated by s in the group execute position
Directory
When the SGID bit is set on a directory, any file users create in the
directory is assigned the group of the directory, not the user
Sticky bit
denoted by t in the execute position for others: rwxrw-r-t
chmod o+t /sales
chmod 1777 /sales
Managing default permissions
user mask
defines the default permissions Linux assigns to files or
directories
Octal value that represents the bits to be removed from the octal
mode
666 for files
777 for directories
umask
the user mask value is set with this command
The first octal value represents the mask for the SUID, SGID and
sticky bits
The next three octal values mask the owner, group and other
permission settings
Access control lists
use the setfacl and getfacl commands
setfacl -m g:sales:rw test
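An added example (not from the notes) working through the octal modes, SUID/SGID/sticky bits and umask values from the sections above: it renders a mode the way ls -l does, including the upper-case S/T that ls shows when a special bit is set without the execute bit (which is what chmod 2660 /sales produces), and applies a umask to the 666/777 base modes. The review_mode checks are my own assumptions about what a reviewer would flag.

```python
"""Octal permission arithmetic, an added example (not from the original notes).

Renders a mode such as 4750 the way ls does (including s/S and t/T markers),
applies a umask to the base modes 666/777, and reports the special bits so a
listing can be checked for SUID/SGID binaries and world-writable directories.
"""

SUID, SGID, STICKY = 0o4000, 0o2000, 0o1000


def mode_to_string(mode: int) -> str:
    """Render the low 12 bits of a mode as rwxrwxrwx with special-bit markers.

    The special bit replaces the execute slot: 's'/'t' when the execute bit is
    also set, 'S'/'T' (upper case) when it is not, exactly as ls -l shows it.
    """
    out = []
    for shift, special, marker in ((6, SUID, "s"), (3, SGID, "s"), (0, STICKY, "t")):
        bits = (mode >> shift) & 0o7
        out.append("r" if bits & 4 else "-")
        out.append("w" if bits & 2 else "-")
        if mode & special:
            out.append(marker if bits & 1 else marker.upper())
        else:
            out.append("x" if bits & 1 else "-")
    return "".join(out)


def apply_umask(umask: int, directory: bool = False) -> int:
    """Default mode of a new file (base 666) or directory (base 777) under umask."""
    base = 0o777 if directory else 0o666
    return base & ~umask & 0o777


def special_bits(mode: int) -> list:
    """Names of the special bits set on a mode, in SUID, SGID, sticky order."""
    return [name for name, bit in (("SUID", SUID), ("SGID", SGID), ("sticky", STICKY))
            if mode & bit]


def new_file_group(dir_mode: int, dir_gid: int, creator_gid: int) -> int:
    """Group a new file gets inside a directory: the directory's group if SGID is set."""
    return dir_gid if dir_mode & SGID else creator_gid


def review_mode(mode: int) -> list:
    """Points a reviewer would flag for a mode (checks constructed for this example)."""
    findings = []
    rendered = mode_to_string(mode)
    if mode & SUID:
        findings.append("SUID set: program runs as the file owner")
    if mode & 0o002 and not mode & STICKY:
        findings.append("world-writable without sticky bit")
    if "S" in rendered or "T" in rendered:
        findings.append("special bit without matching execute bit")
    return findings


if __name__ == "__main__":
    # The modes used in the notes: chmod 4750, chmod 2660 and chmod 1777.
    for m in (0o4750, 0o2660, 0o1777, 0o664):
        print(f"{m:04o} {mode_to_string(m)} {special_bits(m)} {review_mode(m)}")
    print(f"umask 022 -> file {apply_umask(0o022):03o}, "
          f"dir {apply_umask(0o022, directory=True):03o}")
```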
AppArmor
Used on Debian-based Linux
Controls files and network ports
Access based on policies (called profiles)
Understanding Linux user types
ulimit
places a limit on how many computational resources a user can use
Date: Feb 5, 2020
Chapter 14 Tending Kernel Modules
Notes
Modules required to support a kernel are stored in /lib/modules/
kernel module files have a .ko extension
/etc/modprobe.d contains config files generated by the system
/run/modprobe.d/ stores configuration files generated at runtime
dmesg
displays the current kernel ring buffer
lsmod
shows brief module information
modinfo
provides detailed module data
When a module fails, it sometimes triggers a kernel message
insmod
inserts a single module into the Linux kernel, but not any of its dependencies
At boot time, Linux might take a snapshot of your kernel ring buffer and store
the data in /var/log/dmesg
modprobe
easier to use than insmod
loads module and all of its dependencies
uses the modules.dep file to determine any dependencies
depmod
scans through system looking for hardware that was not detected
used for troubleshooting
rmmod
removes a module but not any dependencies
modprobe -r
removes a module and its dependencies
Date: Feb 5, 2020
Chapter 13 Governing software
Notes
Working with source code
Downloading source code
wget
retrieves files from servers using FTP, HTTP, etc.
cURL
retrieves files from servers just like wget, but allows for more
protocols
Bundling source code packages
Tar is often used to bundle project files
Compiling source code
Source code needs to be compiled before running on the system
most common tool is gcc (supports most programming languages)
gcc -o hello hello.c outputs
Using a makefile
run the configure utility to build the application for your
environment
run the make utility by itself to build the necessary library files
run make install as root to install the application
ldd displays required library files for a file to run
Packaging applications
Packages consist of all the files required to run a single application
package managers track application files, library dependencies, and
application versions
Debian package tools
Bundles application files into single .deb package files
uses a command line tool called dpkg
-i: installs a package
-P: removes an installed package
-r: removes a package but keeps its configuration files
-l: shows all installed packages
Red Hat package tools
command line tool called rpm
-e: uninstalls a package
-i: installs a package
-U: installs or upgrades a package
Repositories
Contain software packages known to work correctly
Date: Feb 5, 2020
Chapter 12 Protecting files
Notes
Backup Types
System image
Copy of the operating system binaries, configuration files, and
anything else you need to boot
Full
A copy of all the data. Takes a long time and requires lots of storage
Incremental
Only makes a backup of data that has been modified since the last
backup (of any backup type)
It is crucial to make a full backup regularly to reduce recovery time
Differential
Makes a copy of all the data that has been modified since
the last full backup
Good balance between incremental and full backup.
Takes less time to restore than incremental and has lower disk space usage
Snapshot
Uses pointer references for data backups
You can go to any point in time to do a full restore
simulate full backups without taking up the same space or requiring
the same processing power
Snapshot clone
Good for disaster recovery
Good for high IO environments
Has no impact on performance
Compression methods
gzip
60-70% compression rate
gzip filename to zip
gunzip filename to unzip
bzip2
Higher compression rate than gzip but takes longer
Can use multiple layers of compression
bzip2 filename zips
bunzip2 filename unzips
xz
Higher compression rate than gzip and bzip2
xz filename to zip
unxz filename to unzip
zip
Same as Windows zip files
places files inside and replaces the original
zip or unzip
Archive and restore utilities
cpio
copy in and out
Used to create an archive
Often used for system image and full backups
tar
commonly used for creating backups
tar -zcvf outputname inputfiles
-z: compresses using gzip
-c: creates a tarball
-v: displays each file name as it is processed
-f: designates the file name
-t: displays a .tar's contents
-x: extracts data
-z: decompresses gzip (when extracting)
dd
Creates low level copies of an entire hard drive or partition
dd if=devicebeingcopied of=deviceholdingcopy status=progress
dd if=/dev/zero of=disktobewiped status=progress zeroes out the disk
rsync
very fast copying of files locally or remotely
-e: uses OpenSSH
-z: compresses files during data transfer
-a: used to make an archive
Offsite/Off System backups
scp
uses OpenSSH
best for small files
-C: compresses files
-r: copies the directory's contents and any subdirectories
sftp
more interactive than scp
uses openSSH
SFTP commands once connected
bye: exits
get: downloads to local system
put: sends files from local system
ls: displays the remote system's working directory
backup integrity
use md5sum
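An added example (not from the notes) of the backup integrity check above: it writes a sha256sum-style manifest for a backup directory and verifies a later copy against it, reporting edited, missing and new files. sha256 is the default because md5 is not collision-resistant, though algo="md5" reproduces what md5sum would compute; the sample files and the tamper step are constructed in a temporary directory.

```python
"""Backup integrity with a hash manifest, an added example (not from the
original notes).

Builds a manifest like the output of md5sum/sha256sum for every file under a
backup directory, then verifies a later copy against it and reports modified,
missing and new files. The demo uses files constructed in a temporary
directory.
"""
import hashlib
import os
import tempfile


def file_digest(path: str, algo: str = "sha256") -> str:
    """Hex digest of a file, read in chunks so large backups do not fill memory."""
    h = hashlib.new(algo)
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(64 * 1024), b""):
            h.update(chunk)
    return h.hexdigest()


def build_manifest(root: str, algo: str = "sha256") -> dict:
    """Map each relative path under root to its digest (like `sha256sum` lines)."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            manifest[rel] = file_digest(full, algo)
    return manifest


def manifest_to_text(manifest: dict) -> str:
    """Serialise in the two-space `<digest>  <path>` format md5sum/sha256sum use."""
    return "".join(f"{digest}  {path}\n" for path, digest in sorted(manifest.items()))


def parse_manifest(text: str) -> dict:
    """Inverse of manifest_to_text; tolerates the optional '*' binary marker."""
    manifest = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        digest, path = line.split("  ", 1)
        manifest[path.lstrip("*")] = digest
    return manifest


def verify(root: str, manifest: dict, algo: str = "sha256") -> dict:
    """Compare the files now under root with the manifest."""
    current = build_manifest(root, algo)
    modified = sorted(p for p in manifest if p in current and current[p] != manifest[p])
    missing = sorted(p for p in manifest if p not in current)
    new = sorted(p for p in current if p not in manifest)
    return {"modified": modified, "missing": missing, "new": new,
            "ok": not (modified or missing or new)}


def _write(root: str, rel: str, data: bytes) -> None:
    """Create a constructed sample file below root."""
    full = os.path.join(root, *rel.split("/"))
    os.makedirs(os.path.dirname(full), exist_ok=True)
    with open(full, "wb") as f:
        f.write(data)


def demo() -> dict:
    """Take a manifest of a constructed backup, change the copy, re-verify."""
    with tempfile.TemporaryDirectory() as root:
        _write(root, "etc/ssh/sshd_config", b"PermitRootLogin no\nPort 22\n")
        _write(root, "home/notes.txt", b"Linux+ notes\n")
        # Round-trip through the text format, as a stored manifest file would be.
        manifest = parse_manifest(manifest_to_text(build_manifest(root)))
        assert verify(root, manifest)["ok"]
        # Simulate drift between backup and restore: one file edited,
        # one removed, one added.
        _write(root, "etc/ssh/sshd_config", b"PermitRootLogin yes\nPort 22\n")
        os.remove(os.path.join(root, "home", "notes.txt"))
        _write(root, "home/extra.txt", b"")
        return verify(root, manifest)


if __name__ == "__main__":
    print(demo())
```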
Date: Feb 4, 2020
Chapter 11 Handling storage
Notes
drive connections
/dev
When you connect a device to a Linux system, a file is created in the
/dev folder
this is a raw device
SATA connections are called sdX (where X is a letter representing the
drive)
udev
runs in background
detects new hardware such as USB drives
assigns new storage a place in /dev
Partitioning tools
fdisk
Most common command line partitioning tool
Allows you to create, view, delete, and modify partitions on any MBR
drive
sudo fdisk /dev/sda
p: displays the current partition scheme on the drive
gdisk
For working with drives using GPT indexing method
parted
allows you to modify existing partitions
gparted
graphical tool for editing partitions
Understanding file systems
File system: a map of data stored on a device
The Virtual Directory
Contains file paths from all the storage devices installed
contains a single base directory called root
Mount points
a folder placeholder within the virtual directory that points to a
specific physical device
FHS
defines core folder names and locations that should be present on
every linux system
Absolute path
full path within virtual directory
always starts from root folder ( / )
relative path
denotes the location of a file relative to your current location within
the virtual directory
when path doesn't start with / linux assumes you're referring to your
current directory
Formatting file systems
btrfs
A new high performance file system that supports massive file sizes
(16 exbibytes)
eCryptfs
Enterprise cryptographic file system
Only the operating system that created the file system can read data
from it
ext3
descendant of the original Linux file system
supports 2 TB file size
supports journaling
ext4
Current version of the Linux file system
supports files up to 16 TB
reiserFS
created before ext3 and ext4 and is no longer supported
swap
create virtual memory using a physical drive
System can swap data out of normal memory into swap space
essentially enables more memory on your machine
not used for persistent data storage
Journaling
Method of tracking data not yet written to the drive in a log file
If system fails before data can be written to drive the journal (log)
data can be recovered and stored on next system boot
Non-Linux file systems
Linux can read data stored on devices formatted for other file systems
Supports the following file systems but it is not recommended to use
these for linux systems
CIFS
HFS
ISO9660
NFS
NTFS
SMB
UDF
VFAT
XFS
ZFS
mkfs
used for creating file systems
-t: specify file system type
Mounting file systems
Must be formatted with a file system
mount
used for mounting drives temporarily (will reset on device restart)
-t: specify the file system type
umount: unmount specified device
/etc/fstab
Used for permanent storage devices
Managing file systems
df
displays disk usage by partition
du
displays disk usage by directory
good for seeing what users or applications are using the most space
iostat
displays a real time chart of disk stats
lsblk
display current partition size and mount points
fsck
Used to repair corrupt partitions
/proc and /sys
special file systems kernel uses for recording system statistics
Storage alternatives
Device mapper multipathing
allows you to configure multiple paths between the linux system
and network storage devices
dm-multipath
kernel module that provides multipath support
Logical volume mapper
allows you to create virtual drive devices
mdadm
used to configure software RAID
Date:
Chapter 10 Administering users and groups
Notes
Adding accounts
useradd
-c: Add comment (usually the users full name)
-d: users home directory
-e: expire date
-g: users group
-m: creates users home account
getent
Allows you to view records in /etc/passwd and /etc/shadow
passwd
used to change passwords
@Feb 3, 2020
-d: deletes password
-e: sets a users password as expired
-i: sets the number of days after a password has expired and not been
changed before the user's account is deactivated
usermod
modify user settings
-L: locks account
-c: modify the comment field
-d: set a new user home
-g: change the users group
/etc/login.defs
configuration file
control password length, expiration,home directory etc
User identification number UID
Number used to identify user accounts
root always has UID of 0
System accounts
Accounts that provide services (daemons)
/etc/skel
If a home directory is created for a user these files are to be copied to
the users account home directory when the account is created.
/etc/passwd
Account information
/sbin/nologin is used for system services accounts
Managing groups
Part of linux's discretionary access control
Access to a file is based on group membership permissions
Group identification number GID
if no group is designated then a new group is created with the
username of the new user and assigned a new GID
getent passwd
shows users gid in 4th field
groupadd -g 1042 TestGroup
creates new group with group ID of 1042 and names it TestGroup
usermod -aG TestGroup username
-a: preserves any previous account group memberships
-G: adds user to group
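The account and group records above are plain colon-separated text, so the checks an administrator runs after useradd/usermod (is root still the only UID 0? do system accounts really have /sbin/nologin? who ends up in a group once primary GIDs are counted?) are short awk one-liners. This script is an added example, not part of these notes; SAMPLE_PASSWD and SAMPLE_GROUP are constructed records, and the "toor" and "backup" entries exist only so the checks have something to flag.

```shell
#!/bin/sh
# Added example: checks over /etc/passwd and /etc/group style records.
# SAMPLE_PASSWD and SAMPLE_GROUP are constructed for this example (the "toor"
# and "backup" entries exist only to trigger the checks); they are not from a real host.
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
sshd:x:105:65534::/run/sshd:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/bin/sh
toor:x:0:0:second superuser:/root:/bin/bash
gh:x:1000:1000:Graham Helton:/home/gh:/bin/bash
tester:x:1001:1042:Test User:/home/tester:/bin/bash'

SAMPLE_GROUP='root:x:0:
sudo:x:27:gh
TestGroup:x:1042:gh,tester
users:x:100:'

# passwd_uid0: every account whose UID (field 3) is 0. Only root should appear.
# Reads passwd text on stdin.
passwd_uid0() { awk -F: '$3 == 0 { print $1 }'; }

# passwd_system_with_shell UID_MIN: system accounts (UID below UID_MIN from
# /etc/login.defs, root excluded) whose login shell is not nologin or false.
passwd_system_with_shell() {
  awk -F: -v min="$1" '$3 > 0 && $3 < min && $7 !~ /(nologin|false)$/ { print $1 }'
}

# group_members GROUP: all members of GROUP, space separated and sorted:
# the supplementary list in /etc/group (field 4) plus accounts whose primary
# GID in passwd (field 4 of getent passwd) equals the group's GID.
group_members() {
  grp=$1
  gid=$(printf '%s\n' "$SAMPLE_GROUP" | awk -F: -v g="$grp" '$1 == g { print $3; exit }')
  [ -n "$gid" ] || return 1                   # unknown group
  members=$( {
    printf '%s\n' "$SAMPLE_GROUP" |
      awk -F: -v g="$grp" '$1 == g && $4 != "" { n = split($4, m, ","); for (i = 1; i <= n; i++) print m[i] }'
    printf '%s\n' "$SAMPLE_PASSWD" | awk -F: -v gid="$gid" '$4 == gid { print $1 }'
  } | sort -u | tr '\n' ' ')
  printf '%s\n' "${members% }"
}

printf 'UID 0 accounts: %s\n' "$(printf '%s\n' "$SAMPLE_PASSWD" | passwd_uid0 | tr '\n' ' ')"
printf 'system accounts with a login shell: %s\n' "$(printf '%s\n' "$SAMPLE_PASSWD" | passwd_system_with_shell 1000)"
printf 'members of TestGroup: %s\n' "$(group_members TestGroup)"
```

On a live system feed `getent passwd` into the first two functions instead of the sample (getent also covers accounts served from LDAP or NIS, which a plain read of /etc/passwd misses); the UID_MIN value to pass is the one set in /etc/login.defs.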
Setting up the environment
When first logging in bash checks environment files (sometimes called
startup files)
.bashrc file is run
Global entries
Modify the working environment and shell sessions for all users when
starting a Bash shell
Querying Users
whoami
display what user account you are currently using
Who
provides more data than whoami
allows you to see info about your own account and every user on the
system
id
provides a short summary of uid gid and groups
last
displays a list of when all users logged in
Managing disk space
enable file system quota support under /etc/fstab
unmount and remount file system
quotacheck -cug /home/user1/quotafstest
Date:
Chapter 8 Comparing GUIs
Notes
Desktop environments
GNOME
@Feb 2, 2020
Launched in late 1990s
File Manager
GNOME FILES (sometimes just called files)
KDE (Kool Desktop Environment)
Started in 1998
Now known as KDE plasma
File manager
Dolphin
Cinnamon
Used on linux mint
File manager
Nemo
MATE
File manager Caja
Unity
Old, no longer developed desktop environment
Set out to have a single UI for desktop and mobile
File manager
Nautilus
Accessibility
Sound Keys
Beeps whenever the capslock or numlock is pressed
Bounce Keys
Helps compensate for single keys pressed multiple times
GUI server
Display server
Program that uses a communication protocol to transmit the user
interaction to the operating system
Communication protocol is called the display server protocol and can
only operate over a network
Compositor
Arranges display elements within a window to create a screen
image to be passed back to client
Wayland
Replacement for X11
Simple, secure and easier to develop and maintain compared to
X11
Compositor
Weston
X11
X windows system
Currently being replaced by wayland
xdpyinfo
provides information about the X server including different
screen types available
xwininfo
window information
Remote Desktops
Use client/server model
Common remote desktop software
VNC
Virtual network computing
Remote frame buffer protocol
Port 5900+n
Allows for persistent and static desktops
Xrdp
Supports RDP
Only provides server side of RDP
NX
Closed source remote desktop
Spice
Simple protocol for independent computing environments
Good for providing connections with KVM virtual machines
Forwarding
SSH port forwarding/SSH tunneling
Allows you to redirect a connection from one port to port 22,
allowing for SSH security similar to a VPN
To enable SSH forwarding use the -L switch
ssh -L local-port:127.0.0.1:remote-port -Nf user@destination-host
-N: lets OpenSSH know that no remote terminal process is
desired
-f: after SSH is authenticated, move ssh to the background
X11 forwarding
ssh -X user@remote-host
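Whether the -L and -X commands above actually forward anything is decided on the server by the AllowTcpForwarding and X11Forwarding directives in sshd_config, and sshd keeps the first value it reads for a keyword. The script below is an added example rather than part of these notes: it builds the tunnel command with validated ports and the local listener pinned to 127.0.0.1, and reads the two server switches out of a constructed sshd_config excerpt (the user and host names are made up).

```shell
#!/bin/sh
# Added example: build the tunnel command from the notes and read the matching
# server-side switches out of sshd_config. SAMPLE_SSHD_CONFIG is a constructed
# excerpt, not a real host's file; user@host values in the usage are made up.
SAMPLE_SSHD_CONFIG='# constructed sshd_config excerpt
Port 22
X11Forwarding yes
AllowTcpForwarding no
# a later duplicate is ignored: sshd keeps the first value it reads
AllowTcpForwarding yes
Match User gh
    AllowTcpForwarding yes'

# sshd_global KEYWORD: the first value given for KEYWORD in the global section
# (sshd uses the first obtained value; directives after a Match line only apply
# inside that block, so the scan stops there). Reads sshd_config text on stdin.
sshd_global() {
  awk -v key="$1" '
    /^[[:space:]]*#/ || NF == 0 { next }
    tolower($1) == "match" { exit }
    tolower($1) == tolower(key) { print $2; exit }'
}

# tunnel_cmd LOCAL_PORT REMOTE_PORT USER HOST: the ssh -L/-N/-f form from the notes,
# with both ports validated and the local listener pinned to 127.0.0.1 so the
# forwarded port is not reachable from other machines on the LAN.
tunnel_cmd() {
  lp=$1; rp=$2; usr=$3; host=$4
  for p in "$lp" "$rp"; do
    case $p in
      ''|*[!0-9]*) return 1 ;;                  # not a number
    esac
    [ "$p" -ge 1 ] && [ "$p" -le 65535 ] || return 1
  done
  printf 'ssh -L 127.0.0.1:%s:127.0.0.1:%s -Nf %s@%s\n' "$lp" "$rp" "$usr" "$host"
}

# forwarding_allowed tcp|x11: succeeds when the constructed config lets the server
# honour -L (AllowTcpForwarding, default yes) or -X (X11Forwarding, default no).
# Only yes/no values are handled here, not AllowTcpForwarding's local/remote forms.
forwarding_allowed() {
  case $1 in
    tcp) key=AllowTcpForwarding; default=yes ;;
    x11) key=X11Forwarding;      default=no ;;
    *)   return 2 ;;
  esac
  v=$(printf '%s\n' "$SAMPLE_SSHD_CONFIG" | sshd_global "$key")
  [ "$(printf '%s' "${v:-$default}" | tr 'A-Z' 'a-z')" = "yes" ]
}

tunnel_cmd 5901 5901 gh vncserver.example
forwarding_allowed tcp || printf 'AllowTcpForwarding no: the server will refuse the -L tunnel\n'
```

The usage line tunnels a VNC display (port 5900+1 from the remote desktop section) over SSH. To check a real server, pipe its sshd_config into sshd_global; the Match block is deliberately skipped, so per-user overrides need `sshd -T -C user=NAME` on the server itself.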
Date:
Chapter 7 Configuring Network Features
Notes
Network manager
Provides a graphical interface for defining network connections
Command line tools
nmtui
provides simple text based menu tools
nmcli
provides a text only command line tool
route: Displays the current default router
dhcpcd: Allows you to enable DHCP
host
tests hostname
queries the DNS server to determine the ip address assigned to the
specified hostname
Also works for resolving IP to hostname
@Jan 31, 2020
dig
Displays all of the DNS data records associated with a specific host
or network
netstat
lists open network connections on the system
-t: only tcp connections
-u: only udp connections
-l: only shows listening ports
-s: shows statistics for different packet types
ss
link which system processes are using which network sockets
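The most useful question to ask of `netstat -tul` or `ss -tuln` output is not just which ports are listening but which address each one is bound to: a socket on 0.0.0.0 or [::] is reachable from every interface, while one on 127.0.0.1 or [::1] only serves the local loopback interface described below. This script is an added example, not part of these notes; SAMPLE_SS is constructed to look like `ss -tuln` output and was not captured from a real host.

```shell
#!/bin/sh
# Added example: classify listening sockets from `ss -tuln`-style output.
# SAMPLE_SS is constructed to look like that output; it is not captured from a real host.
SAMPLE_SS='Netid State  Recv-Q Send-Q Local Address:Port  Peer Address:Port
udp   UNCONN 0      0      127.0.0.53%lo:53     0.0.0.0:*
udp   UNCONN 0      0      0.0.0.0:5353         0.0.0.0:*
tcp   LISTEN 0      128    0.0.0.0:22           0.0.0.0:*
tcp   LISTEN 0      511    127.0.0.1:5901       0.0.0.0:*
tcp   LISTEN 0      128    [::]:22              [::]:*
tcp   LISTEN 0      4096   [::1]:631            [::]:*'

# ss_classify exposed|local: prints "proto port" (sorted, unique) for sockets
# bound to every interface (0.0.0.0, [::], *) or to loopback only. Reads ss output on stdin.
ss_classify() {
  awk -v want="$1" '
    NR == 1 { next }                                 # header row
    {
      addr = $5; n = split(addr, a, ":"); port = a[n]
      host = substr(addr, 1, length(addr) - length(port) - 1)
      sub(/%.*/, "", host)                           # drop scope ids such as %lo
      if (host == "0.0.0.0" || host == "[::]" || host == "*") cls = "exposed"
      else if (host ~ /^127\./ || host == "[::1]")    cls = "local"
      else                                            cls = "other"
      if (cls == want) print $1, port
    }' | sort -u
}
ss_exposed()    { ss_classify exposed; }
ss_local_only() { ss_classify local; }

printf 'reachable from the network:\n'; printf '%s\n' "$SAMPLE_SS" | ss_exposed
printf 'loopback only:\n';              printf '%s\n' "$SAMPLE_SS" | ss_local_only
```

On a real host run `ss -tuln | ss_exposed`; adding -p (root required) to ss supplies the process column the notes mention, which these functions ignore. The sample's VNC listener on 127.0.0.1:5901 is the shape you want when the display is only ever reached through an SSH tunnel.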
Interface bonding
Allows you to aggregate multiple interfaces into new virtual network
device
Bonding types
Load balancing
Network traffic is shared between two or more interfaces
aggregation
Two or more network interfaces are combined to create one larger
network pipe
active/passive
One network interface is live while the other is used as a backup
for fault tolerance
Legacy tools
ethtool: Displays Ethernet settings for a network interface (allows you to
look inside the NIC)
ifconfig: Displays or sets the IP address and netmask value for a network
interface
ip: Displays or sets the IP address, netmask, and router values. Robust,
often used to define network settings.
ip address add (xxx.xxx.xxx.xxx) dev enp0s3
Set default router for network interface: ip route add default via
192.168.1.254 dev enp0s3
iwconfig: Sets the SSID and encryption
Local loopback interface
Special virtual network interface, any local program can use it to
communicate with other programs as if they were across a network