My notes for Linux:
This page includes my miscellaneous notes for using and understanding Linux a bit better.
- My notes for Linux:
- Replacements for standard tools
- The basics:
- File Commands
- Process Management
- File Permissions
- Searching
- System info commands:
- Network commands: (basic)
- Filesystem
- Yum
- Linux system booting stages
- Systemd
- Systemctl
- Essential tools
- Grep
- Regex
- Archive using tar
- IP Tables
- Tables
- Chains
- Traversal order:
- Rules
Replacements for standard tools
- ripgrep, ag, ack (grep)
- exa, lsd (ls)
- mosh (ssh)
- bat (cat)
- delta (a pager for git)
- fd (find)
- drill, dog (dig)
- duf (df)
- dust, ncdu (du)
- pgcli (psql)
- btm, btop, glances, gtop, zenith (top)
- tldr (man, sort of)
- sd (sed)
- difftastic (diff)
- mtr (traceroute)
- plocate (locate)
The basics:
File Commands
ls | directory listing |
ls -al | formatted listing with hidden files |
cd dir | change directory to dir |
cd | change to home |
pwd | show current directory |
mkdir dir | create a directory (called dir) |
rm file | delete file (named file) |
rm -r dir | delete directory dir |
rm -f file | force remove file |
rm -rf dir | force remove directory dir * |
cp file1 file2 | copy file1 to file2 |
cp -r dir1 dir2 | copy dir1 to dir2; create dir2 if it doesn't exist |
mv file1 file2 | rename or move file1 to file2; if file2 is an existing directory, moves file1 into directory file2 |
ln -s file link | create symbolic link to file |
touch file | create or update file |
cat > file | places standard input into file |
more file | output the contents of file |
head file | output the first 10 lines of file |
tail file | output the last 10 lines of file |
tail -f file | output the contents of file as it grows, starting with the last 10 lines |
Process Management
- ps – display your currently active processes
- top – display all running processes
- kill pid – kill process id pid
- killall proc – kill all processes named proc *
- bg – lists stopped or background jobs; resume a stopped job in the background
- fg – brings the most recent job to foreground
- fg n – brings job n to the foreground
File Permissions
chmod octal file – change the permissions of file to octal, which can be found separately for user, group, and world by adding:
4 – read (r)
2 – write (w)
1 – execute (x)
Examples: chmod 777 – read, write, execute for all
chmod 755 – rwx for owner, rx for group and world
Searching
System info commands:
date | show the current date and time |
uptime | show current uptime |
w | display who is online |
finger user | display information about user |
uname -a | show kernel information |
df | show disk usage |
du | show directory space usage |
free | show memory and swap usage |
cat /proc/cpuinfo | cpu information |
cat /proc/meminfo | memory information |
Network commands: (basic)
- ifconfig – show network interface configuration (the Linux counterpart of Windows ipconfig)
- ping host – ping host and output results
- whois domain – get whois information for domain
- dig domain – get DNS information for domain
- dig -x host – reverse lookup host
- wget file – download file
- wget -c file – continue a stopped download
/etc/sysconfig/network-scripts/ifcfg-name – network interface configuration file for that specific interface name, usually eth0
- ifup eth0
- ifdown eth0
Filesystem
Directory | Description |
---|---|
Root, the highest level in the hierarchy | |
Contains binaries for use by all users. Also contains executable files, Linux commands that are used in single user mode, and common commands that are used by all the users, like cat, cp, cd, ls, etc | |
Stores data that is used before the kernel begins executing user-mode programs | |
System Devices | |
System configuration files (when making changes to the system you will probably make the changes in here) | |
Keeps each user's files separate; also the default landing spot when a user connects via ssh or ftp | |
System libraries | |
Removable media mounting point | |
Often used for third-party packages to set-up their own folder structure | |
System information; /sys shows the same information but in a different format | |
Running processes on the system | |
Temporary files – cleared when the system restarts | |
Contains log files and other things that change over time |
Yum
CentOS/Red Hat uses the package manager YUM (Yellowdog Updater, Modified).
“sudo yum install wget” – installs wget, a computer program that retrieves content from web servers
“sudo yum check-update” – shows all available updates for software on your system
“sudo yum remove” – removes unwanted software
“sudo yum provides software” – if installing software does not work, yum will search for packages that include software
“sudo yum update package”
Linux system booting stages
The firmware stage, the boot loader stage, the kernel stage, and lastly, the initialisation stage.
Systemd
A system can be booted into different Targets.
There are Targets for different purposes, such as rescuing the system after a crash.
In Linux, a system service is called a daemon. That is why you will see some Linux service names ending in d, such as httpd or dhcpd.
Systemctl
“systemctl start application.service”
systemctl knows to look for .service files, so the .service suffix is not necessary.
“systemctl stop application”; also “restart”, “reload”, or “reload-or-restart” if you are unsure whether the service can be reloaded.
“systemctl status application”
this provides you with the state, cgroup hierarchy and first few log lines.
“systemctl is-active application”
is-enabled – this will tell you whether the service is enabled or disabled
is-failed – this will return active if it is running properly or failed if an error occurred. unknown or inactive are also possible.
“systemctl list-unit-files” – units are representations of resources that systemd knows about.
“systemctl list-dependencies sshd.service” – this will list a unit’s dependency tree. For this example it is sshd.service.
“systemctl mask application.service” – this will mark an application as completely unstartable; if you try to start it, a message will say it is masked. Replace mask with unmask to do the opposite.
Essential tools
Pipe command: A pipe sends the standard output (STDOUT) of one command to the standard input (STDIN) of another.
By default, standard output and standard error are both written to the screen.
STDERR is for errors.
“>” overwrites a file, or creates it if it doesn’t exist.
“>>” appends to a file; this will create the file if it doesn’t exist.
To redirect STDERR to a file you need to write “ls 2> output.err”
To redirect all output we use “&>”
“tee” sends the output to a file as well as the screen – ls | tee lsout.txt
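The redirections above, shown on a command that writes to both streams (an added example, not part of the original notes). The function names and file names are made up for the demo, and `> file 2>&1` is used as the portable spelling of bash's `&>`.

```sh
#!/bin/sh
# Added example. All files live in a throwaway mktemp directory.

# Writes one line to STDOUT (the path that exists) and one error line to
# STDERR (the path that does not). "|| true" hides ls's non-zero exit status.
noisy() { ls -d "$1/real" "$1/missing" || true; }

redirect_demo() (
    work=$(mktemp -d)
    mkdir "$work/real"

    # ">" and "2>": one file per stream
    noisy "$work"  > "$work/out.txt" 2> "$work/err.txt"
    # ">>" appends a second line to out.txt; errors are discarded
    noisy "$work" >> "$work/out.txt" 2> /dev/null
    # both streams into one file; in bash this can be written "&> all.txt"
    noisy "$work"  > "$work/all.txt" 2>&1
    # a pipe carries STDOUT only, so tee never sees the error line
    noisy "$work" 2> /dev/null | tee "$work/tee.txt" > /dev/null

    # Report line counts in the order: out.txt err.txt all.txt tee.txt
    for f in out err all tee; do
        grep -c '' "$work/$f.txt"
    done | paste -s -d ' ' -
    rm -rf "$work"
)

redirect_demo   # prints: 2 1 2 1
```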
Grep
grep (options) ‘search criteria’ file.txt
Options:
- -i = ignore case
- -v = invert search (opposite of search criteria)
- -c = count match results
- -o = only characters that match (not the entire line)
- -r = read files recursively (searches through all files in a directory)
- -E = use extended regular expressions
find /root -name '*.txt' | grep secretfile
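The options above applied to a log-triage task, as an added example that is not part of the original notes. The log lines are constructed sample data using documentation IP ranges, and the function names are made up for the demo.

```sh
#!/bin/sh
# Constructed sample: five syslog-style lines (not real log data).
sample_log() {
cat <<'EOF'
Jan 10 03:12:01 host sshd[811]: Failed password for root from 192.0.2.10 port 4242 ssh2
Jan 10 03:12:04 host sshd[811]: Failed password for invalid user admin from 192.0.2.10 port 4243 ssh2
Jan 10 03:15:40 host sshd[902]: Accepted publickey for alice from 198.51.100.7 port 5151 ssh2
Jan 10 03:16:02 host sshd[915]: FAILED password for bob from 203.0.113.5 port 6060 ssh2
Jan 10 03:17:30 host CRON[950]: session opened for user root
EOF
}

# -i and -c: count failed logins regardless of case ("Failed" and "FAILED").
failed_count() { sample_log | grep -ic 'failed password'; }

# -v: invert the match, i.e. count every line that is NOT a failed login.
other_count() { sample_log | grep -ivc 'failed password'; }

# -E and -o: print only the source address of each failure, then rank them.
top_source() {
    sample_log | grep -i 'failed password' |
        grep -oE '([0-9]{1,3}\.){3}[0-9]{1,3}' |
        sort | uniq -c | sort -rn | awk 'NR == 1 { print $2, $1 }'
}

# -r (with -l to list file names only): search every file under a directory.
files_with_failures() (
    dir=$(mktemp -d)
    mkdir "$dir/archive"
    sample_log > "$dir/auth.log"
    sample_log | grep -iv 'failed' > "$dir/archive/auth.log.1"
    grep -rli 'failed password' "$dir" | grep -c ''
    rm -rf "$dir"
)

echo "failed=$(failed_count) other=$(other_count)"
echo "top source: $(top_source)  files with failures: $(files_with_failures)"
```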
Regex
Website used to test and learn Regex:
Archive using tar
Useful for backups.
An archiver differs from a Windows zipping tool in that it preserves metadata such as ownership, permissions and access control lists as well as the file data itself.
TAR is an archiver tool in Linux. TAR doesn't compress files itself but uses other compression tools for this.
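A backup and restore round trip that checks the file modes survive, as an added example that is not part of the original notes. The directory layout, file names and the function name are made up for the demo.

```sh
#!/bin/sh
# Added example. Everything happens inside a throwaway mktemp directory.

tar_roundtrip() (
    work=$(mktemp -d)
    mkdir -p "$work/src/etc" "$work/restore"

    # Constructed files with deliberately different permissions.
    printf 'key=value\n' > "$work/src/etc/app.conf"
    printf '#!/bin/sh\necho backup\n' > "$work/src/run.sh"
    chmod 600 "$work/src/etc/app.conf"
    chmod 750 "$work/src/run.sh"

    # -c create, -f archive file, -C change into this directory first.
    # -z hands the stream to gzip: tar archives, gzip compresses.
    tar -czf "$work/backup.tar.gz" -C "$work/src" .

    # -x extract, -p restore the recorded permissions instead of applying umask.
    tar -xzpf "$work/backup.tar.gz" -C "$work/restore"

    # Print the mode strings of the restored files on one line.
    ls -l "$work/restore/etc/app.conf" "$work/restore/run.sh" |
        cut -c1-10 | paste -s -d ' ' -
    rm -rf "$work"
)

tar_roundtrip   # prints: -rw------- -rwxr-x---
```

To inspect the recorded permissions and owners without extracting, list the archive with `tar -tzvf backup.tar.gz`.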
IP Tables
Tables
There are 5 tables in total, but 3 main tables. The main tables are filter, NAT and mangle.
Filter: The first table is called the Filter table. This is the default table, so if none is specified the rules will apply to the Filter table. This table decides whether to let a packet continue to its destination.
NAT table - provides network address translation rules. This table contains rules about how to modify the packet's src or dest address where direct access is not possible.
Mangle table - this table is used to alter the IP headers of the packet.
Raw table - used for connection tracking.
Security table - used to set internal SELinux security context marks on packets, which affect how systems handle these packets.
Chains
Chains are points in a packet's path where you can apply rules. There are 5 chains in iptables.
PREROUTING - takes place before any routing decision is taken
INPUT - when the packet enters the network stack
FORWARD - when the packet is routed through the system
OUTPUT - when the packet is leaving your system
POSTROUTING - after the routing decision (opposite of PREROUTING)
Traversal order:
Incoming packets destined for the local system:
Prerouting > Input
Incoming packets destined to another host:
Prerouting > Forward > Postrouting
Locally generated packets:
Output > Postrouting
Not all chains are available in every table. Each chain gives you the option to take action on a packet at that individual stage of its traversal.
Rules
Rules are commands used to manipulate network traffic.
As each CHAIN is traversed the packet will be checked against each rule within the chain in order.
If the packet does not match the next rule is examined.
If it does match, then the next rule is specified by the value of "target".
The target component is the action that is triggered when the packet meets the criteria of the rule. The two types of target are terminating and non-terminating targets. A terminating target ends the packet’s traversal in that particular chain. Examples are ACCEPT, DROP, QUEUE, REJECT, RETURN etc.
The matching component is the set of conditions a packet must meet to match the rule. Rules can be matched by protocol, dest or src IP, dest or src port, interface, headers. These can be combined to create complex rules.
Example rule to block an IP address:
iptables -A INPUT -s 192.168.149.205 -j DROP
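Because rules are checked in order and a terminating target ends traversal, the position of the DROP rule matters. The following is an added example, not part of the original notes: a simplified shell model of a single chain that matches on source address only. The rule format, the `evaluate` function and both chains are made up for illustration, and LOG stands in as the non-terminating target.

```sh
#!/bin/sh
# Simplified model of one chain (added example): each rule is "SOURCE TARGET",
# where SOURCE is an address or "any". Real iptables matches on far more.

# evaluate RULES SRC [POLICY]: check the packet against each rule in order.
evaluate() {
    rules=$1 src=$2 verdict=${3:-ACCEPT} logged=no
    while read -r match target; do
        # No match: examine the next rule.
        [ "$match" = any ] || [ "$match" = "$src" ] || continue
        case $target in
            LOG) logged=yes ;;               # non-terminating: keep walking
            *)   verdict=$target; break ;;   # terminating: traversal ends here
        esac
    done <<EOF
$rules
EOF
    # If nothing terminated the traversal, verdict is still the chain policy.
    echo "$verdict logged=$logged"
}

# Constructed chain: a broad ACCEPT already exists and the DROP was appended
# with -A, so it sits last and is never reached.
APPENDED='any ACCEPT
192.168.149.205 DROP'

# Constructed chain: LOG and DROP sit ahead of the ACCEPT, which is where
# inserting with "-I INPUT 1" instead of appending with -A puts a rule.
INSERTED='192.168.149.205 LOG
192.168.149.205 DROP
any ACCEPT'

evaluate "$APPENDED" 192.168.149.205   # ACCEPT logged=no
evaluate "$INSERTED" 192.168.149.205   # DROP logged=yes
evaluate "$INSERTED" 192.168.149.10    # ACCEPT logged=no
evaluate "" 192.168.149.10 DROP        # DROP logged=no (empty chain: policy)
```

On a live system, `iptables -L INPUT -n --line-numbers` shows the actual rule order to check where an appended rule landed.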
Misc Notes:
fdisk -l - fdisk is used to view, create, delete, change, resize, copy and move partitions on a hard drive using a dialog-driven interface.
parted /dev/sda - manage hard disk partitions
lscpu - displays information about the CPU architecture
cat /proc/cpuinfo - contains information about the processor
Fully qualified path name (FQPN)
/ is root
home dir of root is /root
~ = home dir
.. = parent dir
. = present dir
echo = print a command or variable or file
env = environment variable
cat /etc/profile | grep HISTSIZE (/etc is for every user)
stopping and starting processes, locating files, finding processes taking the most memory or CPU, sorting and finding larger files
grep is for finding in the contents of a file, not for finding a file. find is what you want.
find -type: specify d for directory, or f for file
-name: specify the name, allows wildcards
The only other argument I recall, I think, is exec, to execute a command per file, i.e.
find . -type f -name "*.jpg" -exec rm {} \;
Find all files, that are {something}.jpg, and do rm {file}
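Since `-exec rm` deletes without asking, it helps to run the same expression with `-print` first and delete only once the list looks right. The following is an added example, not part of the original notes. The directory tree and function name are made up for the demo, and it uses `-exec ... {} +`, which passes many files to one rm call instead of one call per file.

```sh
#!/bin/sh
# Added example. Works on a constructed tree inside a mktemp directory.

find_demo() (
    work=$(mktemp -d)
    mkdir -p "$work/photos/2023" "$work/docs"
    : > "$work/photos/a.jpg"
    : > "$work/photos/2023/holiday pic.jpg"   # name with a space
    : > "$work/docs/notes.txt"
    mkdir "$work/docs/scans.jpg"              # a DIRECTORY matching the pattern

    # 1. Dry run: same tests, -print instead of -exec. The quotes around
    #    '*.jpg' stop the shell from expanding the wildcard before find runs.
    matched=$(find "$work" -type f -name '*.jpg' -print | grep -c '')

    # 2. Delete. find hands each path over as its own argument, so the space
    #    in the file name is safe; "--" stops rm from reading a name as an option.
    find "$work" -type f -name '*.jpg' -exec rm -- {} +

    # 3. Verify: notes.txt is left, and -type f spared the scans.jpg directory.
    left_files=$(find "$work" -type f | grep -c '')
    left_dirs=$(find "$work" -type d -name '*.jpg' | grep -c '')

    rm -rf "$work"
    echo "$matched $left_files $left_dirs"
)

find_demo   # prints: 2 1 1
```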