Instead of the output displaying in the terminal window, the output can be redirected into another file or another command
cat
cat food.txt
Food is good.
The less command provides advanced paging capability but is not included with all Linux distributions.
The more command has fewer features than less, but is available in Linux distributions.
less
more
less words
Key = Movement
Spacebar = Window Forward
B = Window Backward
Enter = Line Forward
Q = Exit
H = Help
Searching forward or backward from your current position:
To start a search forward from your current position, use the slash / key, then type the text to match and press Enter.
If no matches forward from your current position can be found, then the last line of the screen will report "Pattern not found".
If more than one match can be found by a search, then use the N key to move to the next match and use the SHIFT + N key combo to go to a previous match.
head
tail
-n
-3
pipe
ls /etc | head
STDIN: Standard input, or STDIN, is info entered normally by the user via the keyboard
STDOUT: Standard output, or STDOUT, is the normal output of commands
STDERR: Standard error, or STDERR, are error messages generated by commands
< >
echo "Line 1"
Line 1
echo "Line 1" > example.txt
example.txt
echo
cat example.txt
Line 1
echo "New line 1" > example.txt
cat example.txt
New line 1
echo "Another line" >> example.txt
cat example.txt
New line 1
Another line
ls /fake
ls: cannot access /fake: No such file or dir
ls /fake 2> error.txt
cat error.txt
ls: cannot access /fake: No such file or dir
ls /fake /etc/ppp
ls: cannot access /fake: No such file or dir
/etc/ppp:
ip-down.d ip-up.d
ls /fake /etc/ppp &> all.txt
cat all.txt
ls: cannot access /fake: No such file or dir
/etc/ppp:
ip-down.d
ip-up.d
ls /fake /etc/ppp > example.txt 2> error.txt
tr
<
cat example.txt
/etc/ppp:
ip-down.d
ip-up.d
tr 'a-z' 'A-Z' < example.txt
/ETC/PPP:
IP-DOWN.D
IP-UP.D
sort
bin:x:2:2:bin:/bin:/bin/sh
mypasswd
The -t option will allow for another field separator to be specified
To specify which field to sort by, use the -k option with an argument to indicate the field number
The -n option is used to perform a numeric sort
sort -t: -n -k3 mypasswd
wc
wc /etc/passwd /etc/passwd-
  35   56 1710 /etc/passwd
  34   55 1665 /etc/passwd-
  69  111 3375 total
Use the -l option to show just the number of lines
Use the -w option to show just the number of words
Use the -c option to show just the number of bytes, or any combination of these options
cut
By default, the cut command expects its input to be separated by the Tab character, but the -d option can specify alternative delimiters such as the colon or comma
The -f option can specify which fields to display
The -c option is used to extract columns of text based upon character position
In the following example, the first, fifth, sixth and seventh fields from the mypasswd database file are displayed:
cut -d: -f1,5-7 mypasswd
grep --color bash /etc/passwd
root:x:0:0:root:/root:/bin/bash
sysadmin:x:1001:1001:System Administrator,,,,:/home/sysadmin:/bin/bash
grep
For example, an a character would match an a
a
.
r
f
grep 'r..f' red.txt
reef
roof
grep '....' red.txt
reef
reeed
roof
[ ]
grep '[0-9]' profile.txt
[abcd]
[a-d]
^
*
e*
e
grep 're*d' red.txt
o
grep 'r[oe]*d' red.txt
red.txt
ee*
grep '^root' passwd
$
grep 'r$' alpha-first.txt
\
grep 're*' newhome.txt
grep 're\*' newhome.txt
The -E option to the grep command can understand extended regular expressions
-E
? -- Matches the previous character zero or one time, so it is an optional character
Use the ? character to match colo followed by zero or one u character followed by an r character:
grep -E 'colou?r' spelling.txt
+ -- Matches the previous character repeated one or more times
Use the + character to match one or more e characters:
grep -E 'e+' red.txt
| -- Alternation, like a logical or operator
Use the | character to match either gray or grey:
grep -E 'gray|grey' spelling.txt
echo "Hello, World!"
sh test.sh
Hello, World!
./test.sh
-bash: ./test.sh: Permission denied
chmod
#! /bin/sh
echo "Hello, World!"
#! (shebang) is a prefix that marks following text executable
/bin/sh specifies the absolute path to the interpreter
The GNU nano editor is a simple editor well suited for editing small text files
The Visual Editor, vi, or its newer version, vi improved (vim), is a remarkably powerful editor
Variables, which hold temp info in the script
Conditionals, which let you do different things based on tests you write
Loops, which let you do the same thing over and over
if
`if somecommand; then`
`# do this if somecommand has an exit code of 0`
`fi`
If the exit code is 0 then the contents up until the closing fi will be run
0
fi
test
For example, the -f operator to the test command checks if the file exists:
test -f /dev/ttyS0 - Will test if the file exists
test -d /tmp - Will test if directory exists
if test -f /tmp/foo; then
if [ -f /tmp/foo ]; then
elif
If the first argument passed to the script is hello, the first block is executed. If not, the script checks to see if it is goodbye and echos a different message if so. Otherwise, a third message is sent.
hello
goodbye
case
#!/bin/bash
case "$1" in
hello)
  echo "hello yourself"
  ;;
goodbye)
  echo "nice to have met you"
  echo "I hope to see you again"
  ;;
*)
  echo "I didn't understand that"
esac
The case statement starts off with a description of the expression being tested: case EXPRESSION in
Next, each set of tests is executed as a pattern match terminated by a closing parenthesis
Following that are the commands to be executed if the pattern returns true, which are terminated by two semicolons
The * pattern is the same as an else because it matches anything
for
while
for loops are used when you have a finite assortment, such as a list of files, over which you want to iterate (repeat and execute code)
A while loop operates on a list of unknown size
#!/bin/bash
SERVERS="servera serverb serverc"
for S in $SERVERS; do
  echo "Doing something to $S"
done
The SERVERS variable stands for the list of servers (servera serverb serverc)
Each time through the loop, the S variable is set to the current server name
#!/bin/bash
i=0
while [ $i -lt 10 ]; do
  echo $i
  i=$(( $i + 1))
done
echo "Done counting"
The example above shows a while loop that counts from 0 to 9
A counter variable, i, is initialized to 0
`ANIMAL='penguin'`
`echo "My favorite animal is a $ANIMAL"`
The variable name is ANIMAL and the equals sign assigns the string penguin
To access the contents of the variable, prefix it with a dollar sign $
When the interpreter sees the dollar sign, it recognizes that it will be substituting the contents of the variable, which is called interpolation
read
$0
A dollar sign followed by a number N corresponds to the Nth argument passed to the script.
N
$?
1
exit
x86 (32 bit) x86_64 (64 bit)
free
free -m
Two common types:
Peripheral Component Interconnect (PCI): lspci command
Universal Serial Bus (USB): lsusb command
Two partitioning types:
Master Boot Record (MBR)
GUID Partitioning Table (GPT)
Older technology but still commonly used
Tools to view and modify MBR partitions: fdisk, cfdisk, sfdisk
Newer technology and allows for larger partitions than MBR
Tools to view and modify GPT partitions: gdisk, cgdisk, sgdisk
Lower power usage, less heat and vibration, and less time system booting and loading programs
Lower capacity due to higher cost and no ability to upgrade if soldered onto the motherboard
Older distributions mount drives on /mnt
Newer distributions mount drives on /media or /var/run/media
Hardware devices need software, called drivers, that allows them to communicate with the OS
ps
top
pseudo filesystem
/proc
Pseudo filesystems are ones that appear to be real files on disk, but exist only in memory
/proc/cmdline - Contains info passed to kernel during boot
/proc/meminfo - Contains info about kernel memory usage
/proc/modules - Contains a list of modules loaded into the kernel
The process then starts other system processes and assigns a PID in sequential order
pstree
The ps command can also be used with the head and grep commands to filter processes displayed:
ps -e | grep firefox
Mem: is the statistics for physical memory on the system
-/+ buffers/cache: is the physical memory minus memory used by the kernel
Swap: is virtual memory
Examples of daemons include: syslogd, klogd, rsyslogd, journald
Use the cat or less command
Use the journalctl command
file
/var/log/dmesg - contains the kernel messages that were produced during system startup
/var/log/messages - will contain kernel messages that are produced as the system is running
dmesg
dmesg | grep -i usb
Shareable / Not shareable
Static / Variable
Top-level hierarchy: /
Second-level hierarchy: /usr
Third-level hierarchy: /usr/local
Fourth-level hierarchy: /var
/home
Includes /bin, /usr/bin, /usr/local/bin and other non-user specific directories
/bin
/usr/bin
/usr/local/bin
/sbin, /usr/sbin, and /usr/local/sbin
/sbin
/usr/sbin
/usr/local/sbin
Microsoft Windows - Application files are installed in a single subdirectory under the C:\Program Files directory
Linux - Applications may have files in multiple directories spread out throughout the Linux filesystem
To view the list of application files, use dpkg -L packagename (Debian) and rpm -ql packagename (Red Hat)
Commonly use a file extension of .so
Examples include: /lib, /lib64, /usr/lib, /usr/lib64, /usr/local/lib
Examples include: /var/mail, /var/spool/mail, /var/spool/cups
/var/mail
/var/spool/mail
/var/spool/cups
IPv4 - Uses four 8-bit numbers, e.g., 192.168.10.120
Size limits the number of addresses that are available for everyone on the internet
IPv6 - 128-bit address, e.g., 2001:0db8:85a3:0042:1000:8a2e:0370:7334
Much larger address size results in more addresses available
Wired or wireless
Wireless includes additional security features
DHCP or Static?
DHCP will provide an IP address and subnet mask (a number used to identify what subnetwork an IP address belongs to)
Static means to manually provide network information to the host
Wireless uses DHCP
To configure as DHCP, change the BOOTPROTO value to dhcp
BOOTPROTO
/etc/sysconfig/network-scripts/ifcfg-eth0
Same file as IPv4 on CentOS
To configure IPv6 on your system, the following would need to be added to the file:
IPV6INIT=yes
IPV6ADDR=<IPv6 IP Address>
IPV6_DEFAULTGW=<IPv6 IP Gateway Address>
/etc/resolv.conf
host example.com
example.com has address 192.168.1.2
/etc/hosts - Contains a table of hostnames to IP addresses
/etc/resolv.conf - Contains the IP addresses of the name servers the system uses to resolve names to IP addresses
/etc/nsswitch.conf - Used to modify where hostname lookups occur
ifconfig ip route ping netstat ss dig host ssh
ifconfig
In the output, the IP address of the primary network device (eth0) is 192.168.1.2 and the device is currently active (UP)
eth0
192.168.1.2
ip
ip [OPTIONS] OBJECT COMMAND
route
Any network packet sent to a machine in the 192.168.1 network is not sent to a gateway machine (the * indicates "no gateway")
All other network packets are sent to the host with the IP address of 192.168.1.1 (the router)
ping
64 bytes from 192.168.1.2: icmp_req=1 ttl=64 time=0.051
Destination Host Unreachable
from 192.168.1.2 icmp_seq=64 Destination Host Unreachable
netstat
netstat -r
netstat -tln
ss
dig
The DNS server has the IP address (192.168.1.2) to hostname (example.com) translation information in its database
example.com
host
host 192.168.1.2
2.1.168.192.in-addr.arpa domain name pointer example.com
ssh
ssh bob@test
If you answer yes at the prompt (asking to verify the machine's identity), the RSA key fingerprint of the remote machine will be stored on your local system.
When you attempt to ssh to the same machine in the future, the RSA key fingerprint provided by the remote machine is compared to the copy stored on the local machine.
If they don't match, you will see an error message.
sudo
su
Everything will run as root (background processes, executables)
May forget you are logged in as root
May accidentally run non-admin tasks as root
su [options] [username]
root
su -
su - root
sudo head /etc/shadow
[sudo] password for sysadmin:
/etc
/etc/passwd
Each line contains information about a single user:
sysadmin:x:1001:1001:System Administrator,,,,:/home/sysadmin:/bin/bash
Contains: Name, Password Placeholder, User ID, Primary Group ID, Comment, Home Directory, Shell (fields are separated by a colon)
The etc/shadow
Username - Name of the account (matches username in /etc/passwd)
Password - Encrypted password for the account
Last Change - Last time password was changed
Min - Min # of days between password changes
Max - Max #
Warn - # of days before password expiry in which the system warns the user
Inactive - Grace period in which user's password can be changed
Expire - # of days when user accounts will expire (From Jan 1, 1970)
Reserved - Currently not used, this field is reserved for future use
/etc/shadow
Home Directory - Typically do not have
Shell: Uses nologin
Password: Uses *
/etc/group
mail:x:12:mail,postfix
Group Name - Field contains the group name
Password Holder - The x means password is not stored in this file
GID - Unique group ID associated with group
User List - Lists members in the group
id
id
uid=1001(sysadmin) gid=1001(sysadmin) groups=1001(sysadmin),4(adm),27(sudo)
Lists user account info first (UID (uid=1001) and username (sysadmin))
After the username, the primary group is listed (group ID and group name)
Other information includes other groups the user belongs to (group IDs and group names)
-G
who
Username - Indicates user who is logged in and has an open session
Terminal - Indicates which terminal window the user is working in. tty indicates a local login whereas pts indicates a pseudo terminal
Date - Indicates when user logged in. A hostname means user logged in remotely. A colon and number means a graphical local login. No location info means user logged in via local command line
w
last
/var/log/wtmp
last
sysadmin console Tue Sep 18 02:31 still logged in
sysadmin console Tue Sep 18 02:31 - 02:31 (00:00)
wtmp begins Tue Sep 18 02:31:57 2018
getent
grep root /etc/group
root:x:0:
getent group root
root:x:0:
groupadd
-g
groupadd -g 506 research
groupass
grep research /etc/group
research:x:506:
groupadd development
grep development /etc/group
development:x:507:
-r
For the first character, use an underscore _ character or lowercase alphanumeric a-z character
After the first character, possible characters can be alphanumeric, dash or underscore
Using more than 16 characters can be problematic
Last character should not be a hyphen -
groupmod
groupmod -n clerks sales
groupmod -g 10003 clerks
find
-nogroup
groupdel
You need the account name, you may also want to plan the UID, the primary group, the supplementary groups, the home dir, the skel dir, and the shell to be used
For the first character, use an underscore _ or lowercase alphanumeric a-z character
After the first character, possible characters can be alphanumeric, dash, or underscore
Using more than 16 characters can be problematic
Last character should not be a hyphen -
useradd
useradd -u 1000 -g users -G wheel,research -c 'Jane Doe' jane
/etc/gshadow
/var/spool/mail/jane
/home/jane
Length - Minimum length is specified in the /etc/login.defs file
Composition - A combination of alphabetic, numeric and symbolic characters
Lifetime - The maximum amount of time that a password can be used should be limited to minimize security threats
Note: requiring a user to change their password too often might also pose security problems
User can execute the passwd command
Admin can execute the passwd command with a username as an argument
Graphical tools
passwd
passwd jane
Enter new UNIX password:
BAD PASSWORD: it is WAY too short
BAD PASSWORD: is too simple
Retype new UNIX password:
usermod
-c COMMENT - Sets the value of the GECOS or comment field to COMMENT
-d HOME_DIR, --home HOME_DIR - Sets HOME_DIR as a new home directory for the user
-e EXPIRE_DATE, --expiredate EXPIRE_DATE - Sets the account expiration date to EXPIRE_DATE
userdel jane
userdel -r jane
-D
useradd -D
GROUP - Default primary group for a new user. This setting affects the primary group ID field of the /etc/passwd file.
GROUP=100
bob:x:600:600:bob:/home/bob:/bin/bash
HOME - The default base directory under which the user's new home directory will be created. This setting affects the home directory field of the /etc/passwd file.
HOME=/home
bob:x:600:600:bob:/home/bob:/bin/bash
INACTIVE - This value represents the number of days after the password expires that the account is disabled. This setting affects the inactive field of the /etc/passwd file.
INACTIVE=-1
bob:x:600:600:bob:/home/bob:/bin/bash
EXPIRE - By default, there is no value set for the expiration date. This setting affects the expire field of the /etc/passwd file.
EXPIRE=
bob:pw:15020:5:30:7:60:15050:
SHELL - The default shell for a user when they log in to the system. This setting affects the shell field of the /etc/passwd file.
SHELL=/bin/bash
bob:x:600:600:bob:/home/bob:/bin/bash
SKELETON DIR - The contents of this directory are copied into the new user's home directory. This setting affects the expire field of the /etc/passwd file.
SKEL=/etc/skel
CREATE MAIL SPOOL - File where the incoming email is placed
CREATE_MAIL_SPOOL=yes
grep -Ev '^#|^$' /etc/login.defs
Mail Directory - The dir in which the user's mail spool file will be created
MAIL_DIR /var/mail/spool
Password Max Days - The maximum number of days that a user can continue to use the same password
PASS_MAX_DAYS 99999
Password Min Days - The shortest time that a user is required to keep a password
PASS_MIN_DAYS 0
Password Minimum Length - The minimum number of characters that a password must contain
PASS_WARN_AGE 7
UID Minimum - Although it can go up to four billion, for maximum compatibility it's recommended to leave it at its default value of 60000
UID_MAX 60000
GID Minimum - Determines the first GID that will be assigned to an ordinary group
GID_MIN 500
GID Maximum - The Max number of days that a user can continue to use the same password
GID_MAX 60000
Home Directory - Determines whether or not a new directory will be created for the user when their account is created
CREATE_HOME yes
touch
ls
touch /tmp/filetest1
ls -l /tmp/filetest1
-rw-rw-r--. 1 sysadmin sysadmin 0 Oct 21 10:18 /tmp/filetest1
newgrp
groups
id
uid=502(sysadmin) gid=(research) groups=503(sysadmin),10001(research),10002(development) context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.1023
chgrp
ls -l
ls -l /etc/passwd
-rw-r--r--. 1 root root 4135 May 27 21:08 /etc/passwd
The first character of each line indicates the type of file. Possible values for file types:
- regular file
d directory
l symbolic link
b block file
c character file
p pipe file
s socket file
User Owner: -rw-r--r--. 1 root root 4135 May 27 21:08 /etc/passwd
Characters 2-4 indicate the permissions of the user that owns the file.
Group Owner: -rw-r--r--. 1 root root 4135 May 27 21:08 /etc/passwd
Characters 5-7 indicate the permissions for the group that owns the file.
Other Permissions: -rw-r--r--. 1 root root 4135 May 27 21:08 /etc/passwd
User Owner: Read = r, Write = w, Execute = -
Group Owner: Read = r, Write = -, Execute = -
Other: Read = r, Write = -, Execute = -
Can be written to by the process. The w permission requires r permission to work
Files can be added to or removed from the directory. The w permission requires the x permission to work
A file can be executed or run as a process
User can use the cd command to get into directory and use pathname to access files in directory
cd
Allows process to read contents of the file, which means contents can be viewed and copied.
Names of directory are listed, but no other details are available
The chmod (change mode) command is used to change permissions on a file or directory
Characters indicate which permission group (user, group, others) to apply the changes to:
u = user owner, g = group owner, o = others, a = all
Next, choose an indicator to indicate how to modify permissions:
+ = add, - = remove, = = equals
Lastly, use the following characters to specify the permission type to change:
r = read, w = write, x = execute
To give the user owner read permission on a file named abc.txt, you could use the following command:
chmod u=r abc.txt
Based on the octal numbering system where each permission type is assigned a numeric value
Numeric values: 4 = Read, 2 = Write, 1 = Execute
By using a combination of numbers from 0 to 7, any possible combination of read, write and execute permissions can be specified for a single permission group set:
7 = rwx, 6 = rw-, 5 = r-x, 4 = r--, 3 = -wx, 2 = -w-, 1 = --x, 0 = ---
To set the perms of a file named abc.txt to be rwxr-xr-- you could use the following cmd:
chmod 754 abc.txt
umask
File = rw-rw-rw-
Directory = rwxrwxrwx
umask 0002
First 0 means umask is given as octal number
Second 0 indicates which perms to subtract from default user owner's perms
Third 0 indicates which perms to subtract from default group owner's perms
Last 2 indicates which perms to subtract from default other's perms
File default = 666
Umask = -027
Result = 640 (rw-r-----)
umask 027
touch sample
ls -l sample
-rw-r-----. 1 sysadmin sysadmin 0 Oct 28 20:14 sample
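As an added example (not part of the original notes), the shell functions below compute and verify the mode a new file or directory gets under a given umask, treating the umask as bits to clear rather than a number to subtract; with umask 033 a new file is 644, not 633. The function names effective_mode, to_symbolic and observed_mode are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the original notes): a umask is a bit mask that is
# cleared from the default mode, not a number that is subtracted from it.
# effective_mode, to_symbolic and observed_mode are hypothetical helper names.

effective_mode() {
    # $1 = file|dir, $2 = umask in octal (for example 027)
    case "$1" in
        file) base=0666 ;;    # default rw-rw-rw-
        dir)  base=0777 ;;    # default rwxrwxrwx
        *) echo "usage: effective_mode file|dir UMASK" >&2; return 2 ;;
    esac
    case "$2" in
        ''|*[!0-7]*) echo "umask must be an octal number" >&2; return 2 ;;
    esac
    # Keep only the permission bits that the umask does not name.
    printf '%03o\n' $(( $base & ~0$2 & 0777 ))
}

to_symbolic() {
    # $1 = three octal digits, e.g. 640 -> rw-r-----
    out=
    for d in $(printf '%s' "$1" | sed 's/./& /g'); do
        case "$d" in
            7) out="${out}rwx" ;; 6) out="${out}rw-" ;;
            5) out="${out}r-x" ;; 4) out="${out}r--" ;;
            3) out="${out}-wx" ;; 2) out="${out}-w-" ;;
            1) out="${out}--x" ;; 0) out="${out}---" ;;
            *) return 2 ;;
        esac
    done
    printf '%s\n' "$out"
}

observed_mode() {
    # Create a scratch file or directory under the umask and read back the
    # mode that was actually applied. Runs in a subshell so the caller's
    # umask is left untouched.
    (
        umask "$2" || exit 2
        tmp=$(mktemp -d) || exit 1
        if [ "$1" = dir ]; then mkdir "$tmp/probe"; else : > "$tmp/probe"; fi
        ls -ld "$tmp/probe" | cut -c2-10
        rm -rf "$tmp"
    )
}

# Predicted and observed results for a few common masks.
for m in 002 022 027 033 077; do
    printf 'umask %s  file %s (%s, observed %s)  dir %s\n' "$m" \
        "$(effective_mode file "$m")" \
        "$(to_symbolic "$(effective_mode file "$m")")" \
        "$(observed_mode file "$m")" \
        "$(effective_mode dir "$m")"
done
```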
Represented by s in group perms: -rwxr-sr-x
Consider the /usr/bin/wall command file group ownership:
-rwxr-sr-x 1 root tty 10996 Jul 19 2011 /usr/bin/wall
This executable file is owned by the tty group. When a user executes this command, they will be able to access files that are group owned by the tty group
ls -ld filename
A lowercase s (drwxrwsrwx) means that both setgid and group execute perms are set
An uppercase S (drwxr-Sr-x) means that only setgid and not group execute perm is set
chmod g+s <file|dir>
chmod 2775 <file|dir>
chmod g-s <file|dir>
chmod 0775 <file|dir>
sysadmin
more /etc/shadow
/etc/shadow: Permission denied
ls -l /usr/bin/passwd
-rwsr-xr-x 1 root root 31768 Jan 28 2010 /usr/bin/passwd
-rwSr-xr-x 1 root root 31768 Jan 28 2010 /usr/bin/passwd
chmod u+s file
775
chmod 4775 file
chmod u-s file
chmod 0775 file
t
drwxrwxrwt
Lowercase t means both sticky bit and execute are set
Uppercase T means only sticky is set
T
chmod o+t <dir>
chmod 1775 <file|dir>
chmod o-t <dir>
chmod 0775 <dir>
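As an added example (not part of the original notes), the functions below read the s/S and t/T markers described above from an ls -l mode string and list every entry under a directory that carries a special bit, which is the usual starting point when reviewing setuid and setgid files on a system. The function names classify_mode, special_bits and audit_special are assumptions made for this example.

```shell
#!/bin/sh
# Added example: interpret the s/S and t/T markers in an ls -l mode string
# and inventory special-permission entries under a directory for review.
# classify_mode, special_bits and audit_special are hypothetical helper names.

classify_mode() {
    # $1 = 10-character mode string as printed by ls -l, e.g. -rwsr-xr-x
    u=$(printf '%s' "$1" | cut -c4)     # user execute slot
    g=$(printf '%s' "$1" | cut -c7)     # group execute slot
    o=$(printf '%s' "$1" | cut -c10)    # other execute slot
    out=
    case "$u" in
        s) out="$out setuid" ;;
        S) out="$out setuid-without-execute" ;;
    esac
    case "$g" in
        s) out="$out setgid" ;;
        S) out="$out setgid-without-execute" ;;
    esac
    case "$o" in
        t) out="$out sticky" ;;
        T) out="$out sticky-without-execute" ;;
    esac
    [ -n "$out" ] || out=" none"
    printf '%s\n' "${out# }"
}

special_bits() {
    # Classify a real path; fails if the path does not exist.
    [ -e "$1" ] || [ -L "$1" ] || return 1
    classify_mode "$(ls -ld -- "$1" | cut -c1-10)"
}

audit_special() {
    # List every entry under $1 (same filesystem only) that has the setuid,
    # setgid or sticky bit set, one "classification<TAB>path" per line.
    # Paths containing newlines are not handled.
    find "$1" -xdev \( -perm -4000 -o -perm -2000 -o -perm -1000 \) 2>/dev/null |
    while IFS= read -r path; do
        printf '%s\t%s\n' "$(special_bits "$path")" "$path"
    done
}

# Review the special-permission programs in /usr/bin (or the directory given).
audit_special "${1:-/usr/bin}"
```

An uppercase S or T in the output marks a special bit set without the matching execute permission, which usually indicates a mistaken chmod.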
/usr/share/doc/superbigsoftwarepackage/data/2013/october/tenth/valuable-information.txt
ls -i
ls -i /tmp/file.txt
215220874 /tmp/file.txt
passwd = 123
mypasswd = 123
ls -li file.*
ln
ln target link_name
ln file.original file.hard.1
ls -li file.*
<value moves from 1 to 2>
lrwxrwxrwx 1 root root 22 Feb 15 2011 /etc/grub.conf -> ../boot/grub/grub.conf
/etc/grub.conf
../boot/grub/grub.conf
-s
ln -s /etc/passwd mypasswd
ls -l mypasswd
lrwxrwxrwx 1 sysadmin sysadmin 11 Oct 31 13:17 mypasswd -> /etc/passwd
Hard Link Advantage:
If there are multiple files with the same hard link, deleting any four of these files would not result in deleting the actual file contents.
With a soft link, if the original file was removed, then any files linked to it will fail.
Soft Link Advantage:
Soft links are easier to see
Soft links can link to any file because they use a pathname. Hard links cannot be created that attempt to cross file systems because each file system has a unique set of inodes
Soft links can link to a directory
A dir can be categorized as either shareable or not, meaning whether the dir could be shared on a network and used by multiple machines. The dir is also put into a category of having either static files (file contents won't change) or variable files (file contents can change)
User Home Directory: The /home directory will typically have a directory underneath it for each user account (e.g., /home/bob)
Binary Directories: Contain programs that users and admins execute to start processes or applications
Software Application Directories: Applications in Linux may have their files in multiple directories spread throughout the Linux filesystem
Library Directories: Libraries are files which contain code that is shared between multiple programs. Most library file names will end in a file extension of .so, which means shared object
Variable Data Directories: The /var directory and many of its subdirectories can contain data that will change frequently (e.g., /var/mail and /var/log)