Keeping in mind, Compita is releasing a new version of their Linux+ exam for 2009.
Notes
Pre-Exam1. know RAID types (5).2. know common ports (as always (SMB:139)).
3. linux as a router / iptables / route add command.
4. know subnet masks and common short hand networks (CCNA).
5. know important files and file paths.
6. know common rpm agruments.
7. know linux partition codes, 82, 85 etc.
8. know crontrab fields
9. know glossary
10. know login/logout shell scripts
11. know lpc commands
12. know common IRQ, COM ports and FDD
READ UP
shared library and dynamic linker's cache
more information on mkinitrd
acpi
DNS, root.hints file
ttyS1
lilo & chroot
mkisofs (DONE)
syslogd & emerg
klogd
wlancfg
ssh keys and locations.
configure home dev with proper ssh
common IRQ ports
lsattr
proc folder and paths etc.
test passwd "+", "*" and bin/false from home
STUDY
samba configuration files (examples)
NOTE
XF86Config
"Read bottom answer"
Software
apache, uses LoadModules in httpd.conf (not AddModule)
apache, VirtualHost attribute in httpd.conf allows for multiple websites when in true DNS environment.
apache, set working directory from the command line
$ httpd -d /home/user/html
Hardware
ATA-133 HD uses 40 pin 80 wire.
Parity RAM memory boards have an extra chip for parity checking. Parity RAM does not correct errors.
ECC RAM checks and correct single-bit errors.
L3 cache on CPU doesn't need linux driver.
Serial devices use COM ports. COM ports 1 and 3 use IRQ 4.
ribbon cables backwards in floppy drives can cause silly issue with lights on the drive.
ECP ports allow for DMA access. ECP improve EPP.
Linux has little support for winmodems, and instead needs linmodems.
ATDT is used to set the number for a modem.
ATZ is used to reset a modem.
cardmgr daemon reads PCMCIA cards. /sbin/cardmgr
yenta_socket is a dependency module for PCMCIA cards
SCSI
To use a SCSI hard disk, Int13h needs to be enabled on the SCSI controller.
SCSI devices need seperate SCSI IDs, the controller typically uses "7" and should not be assigned to SCSI peripherals.
SCSI devices need to be terminted properly, otherwise connectivity problems can occur.
SCSI devices don't use IRQ numbers.
All SCSI devices need to be terminated correctly.
Network
DSL modems use PPPoE
add a default route
# route add default gw 10.10.10.1
configure router to reject packets
# route add -net 192.168.100.0 netmask 255.255.255.0 reject
delete route command
# route del -net 192.168.100.0 netmask 255.255.255.0
route command display network routes, or static routes if the network is not available.
route command is when the network is working
3DES is the supported encryption for VPN.
netstat command is used when the network is not working.
ifconfig
# ifconfig eth0 192.168.168.10 netmask 255.255.255.0 up# ifconfig -a# ifconfig eth0:1 192.168.168.12 up
traceroute can verify proper working order for your router.
minicom is used for testing PPP connections / modems.
ARP is used tp map Ip addresses to MAC addresses (physical ethernet).
netstat -a, displays all listening connections.
max bandwidth on 100MB full duplex is 200MB (both ways); half-duplex is 100MB
ipchains configures masquerading, forwarding and firewalling.
ipchains may need to be compiled into the kernal.
iptables offer a more fine grain control than ipchains.
nslookup, to check DNS.
/var/yp/binding is used as the binding file.
pump is a program that is used to verify DHCP request. Not in default install.
dig, Domain Information Groper, test DNS / MX records.
# dig -t mx comptia.org
1. nis - use NIS server
2. files - use hosts file
3. dns - user dns
iptables
hosts.deny blocks ip, iptables blocks services / protocols / greater control. Use both.
typically installed into /usr/sbin/iptables
prevent an ICMP packet from being forward
# iptables -A FORWARD -p icmp -j DROP
Lists iptables
# iptables -L
deletes rules
# iptables -F
ssh
ssh connection using different ciphers.
$ ssh -c 3des 192.168.168.1$ ssh -c blowfish 192.168.168.1$ ssh -c des 192.168.168.1
ssh login
$ ssh -l shane 192.168.168.1
ssh-keygen, to generate a new ssh key.
.ssh/authorized_keys - contains keys required to login using SSH on the server.
~/.ssh/id_dsa - is the private key
~/.ssh/id_dsa.pub - is the public key
sshd_config is ssh configuration file, controls if root can access et. al.
Port 22
Protocol 2
UsePrivilegeSeparation yes
KeyRegenerationInterval 3600
ServerKeyBits 768
PermitRootLogin yes
PermitEmptyPasswords no
TCPKeepAlive yes
NISNIS, consists of a client-server directory service protocol for distributing system configuration data such as user and host names between computers on a computer network.
Network Information Services, used to allow for a single /etc/passwd for a network of computers (yellow pages).
ypinit - used to build and install NIS.
ypwhich - shows a NIS client bound to a NIS server.
ypcat passwd - verifies a NIS client is reading authentication information from a NIS server.
Samba
Samba - is a freely available SMB server to *unix, used to replace NT type servers; and is used to share files between unix type systems and windows. It implements dozens of protocols, including NetBIOS, SMB, CIFS, WINS etc.
testparm - is a command to test the configuration file of samba.
start samba as a service
# /usr/sbin/smbd -D
mounting a share
# smbmount //server/sharename /mountdirectory -o username=windowsuser, password=windows pass# mount -t smbfs //server/sharename /mountdirectory -0 username=windowsuser, password=windows pass
mounting a network share
$ mount -t ntfs 192.168.0.75:/public /local
smbmount does not make the mount permanent, you will need to edit /etc/fstab
use mount to mount linux NFS.
use smbmnount to mount windows.
Check samba version / is installed
# smbd -V
IRQ
IRQ 3 - COM 2,4
IRQ 4 - COM 1,3
IRQ 0 - System timer. Reserved for the system. Cannot be changed by a user.
IRQ 1 - Keyboard. Reserved for the system. Cannot be altered even if no keyboard is present or needed.
IRQ 2 - Cascaded signals from IRQs 8-15. A device configured to use IRQ 2 will actually be using IRQ 9
IRQ 3 - COM2 (Default) and COM4 (User) serial ports
IRQ 4 - COM1 (Default) and COM3 (User) serial ports
IRQ 5 - LPT2 Parallel Port 2 or sound card
IRQ 6 - Floppy disk controller
IRQ 7 - LPT1 Parallel Port 1 or sound card (8-bit Sound Blaster and compatibles)
IRQ 14 - is commonly used by /dev/hda
Sys Admim
bg command can put a process into the background, but it does not change the priority.
restart x windows, via <ctrl><Alt><Backspace>
XFree86 uses virtual console 7 by default.
kill process and then re-nice
# kill 3544: nice -n19 COMMAND
make command will compile source code. make reads in makefile.
mailq - is a command to view undelivered message.
dd - command is used to read raw data to a file. useful for making ISO's or copying disks for forensics. Copies exact byte-data.
date command accepts 020315002002 (day, month, time, year)
ntpupdate - to update NTP time with NTP server.
max size of linux swap partition is 128MB (for old kernals). Linux supports 16 swaps, 2048 GB.
mkinitrd, creates initial ramdisk images for preloading modules.
CD/DVD's may need to be in the drive for mount /mnt/dvd to work.
kernal module loader are needed for USB.
when an interactive shell that is not a login shell is started, bash runs ~/.bashrc
syslogv
emerg, emergency priority has the highest priority
Add new paths
$ export PATH=$PATH:/usr/local/program/bin
usbcore module is the first to load for USB funcionality.
ttyS1 *(TeleTYpewriter) defaults to IRQ 3
linux needs a primary partion before a swap partition and formatting.
Performance
top command displays running processes using the most CPU.
Interactive Commands
R - resort field
F - change field
Fa - change to PID field
Fk - change to CPU% field
Fn - change to %MEM field
Fo - change to virtual memory field
ps, shows processes for a user.
$ ps -U user
ps aux displays all running processes.
$ ps aux | grep dhcpd$ ps aux | grep httpd
pstree, shows a process tree, -u shows UID
$ pstree -u
cpuinfo - is a command that displays info on the CPU / processors; Debian, see /proc/cpuinfo.
vmstat, shows memory statistics
# vmstat [-V] [-n] [delay [count]]# vmstat 10 6
procs -----------memory---------- ---swap-- -----io---- -system-- ----cpu----
r b swpd free buff cache si so bi bo in cs us sy id wa
0 0 808964 2061184 179856 182012 0 0 1 1 1 1 1 0 98 0
/proc folder, to enable certain settings for the current boot session you can edit the /proc folder. On restart these settings will be lost.
proc meminfo, shows memory available and usage
$ cat /proc/meminfo
/proc/sys/net/ipv4/ip_forward - sets whether IP forwarding it turned on (linux as a router)
sar command; displays CPU activity, good method to baseline performance (in sysstat package Debian).
# apt-get install sysstat
User Maintenance
userdel command removes a user, but keeps their data
useradd command adds a user
usermod command updates a user.
groupadd adds a group.
edquota command sets a quota for a user (some distributions).
chage command, used to set the max number of days a user can user the same password (-M, -m, -W, -l)
# chage -M 10 shane# chage -l shane
Login shell scripts order
1. /etc/profile
2. ~/.bash_profile
3. ~/.bash_login
4. ~/.profile
logout scripts
1. ~/.bash_logout
/etc/skel - default settings for a new user account.
/etc/skel/.bashrc - default template for new users
/etc/skel/bash_profile - default template for new users
passwd +, users with "+" infront of them in the passwd file can't login.
set bash in password to /bin/false to prevent login but still access services.
locked out accounts in /etc/passwd, have either + or * (if using shadow pass)
/bin/false shell, prevents users from logging into system, but not using services.
/etc/passwd File Examples
username:password:UID:GID:Comments:Shell
jsmith:x:1001:1001:Joe Smith,Room 1007,(234)567-8910,(234)550-004,email:/home/jsmith:/bin/bash
User1:*:51:501:John Doe:/home/user1:/bin/bash
Shane:x:1002:1002:Shane Devane:/bin/false
Runlevels
inittab can specify default runlevel
id:3:initdefault
init and shutdown can both halt the server, shutdown sends a broadcast to logged in users first.
# shutdown -h now# init 0
run init q to make initd reread the configuration file without rebooting.
Red Hat runlevels (exam)
0 - halt system
1 - single user
2 - full multi user with network, but services disabled
3 - full multi user, console logins only
4 - not used
5 - full multi with X windows.
6 - reboot
Debian runlevels
0 - halt
1 - single user
2-5 - full multi user with X.
6 - reboot
inittab, can be used to configure UPS.
inittab has 4 fields, ID: runlevel: action: process
l0:0:wait:/etc/init.d/rc 0
l1:1:wait:/etc/init.d/rc 1
l2:2:wait:/etc/init.d/rc 2
l3:3:wait:/etc/init.d/rc 3
l4:4:wait:/etc/init.d/rc 4
l5:5:wait:/etc/init.d/rc 5
l6:6:wait:/etc/init.d/rc 6
common initab actions are
1. respawn - the process will be restarted whenever it terminates
2. wait - the process will start when it's runlevel is entered. and init will wait for it's termination.
Forgotten root password, change runlevel to 1 (lilo boot to single user), run passwd command.
du - shows disk usages for files / directories.
$ du -c /home
c - produces a "count" total of the files
h - human readable
s - summerize
lsmod is responsible for listing modules, information can also be found under /proc/modules
inittab, action field tells init daemon what to do with each process.
init 1 switches to single user mode without restarting.
$ init runlevel
rc.local, in Red Hat, is the last init scrupt to be run as part of the startup process.
chroot, change root, serves to create a temporary root directory for a running process. Used a lot in bootable repair linux distro's and for "jailing" a process. Once a process is chroot, the process will not be able to access any directories outside of the chroot directory. ie. the process will see only "/"
chown, change a directory to another user / group
$ chown user:group dirname -R$ chown -R$ chown -R user directory$ chown 720 filename
1. -R recursive
2. chown user:group /dir
Before installing, know System Hardware / check linux hardware compatibility list, required packages, required services and partition map.
Legacy hardware needs to have resources reserved in the CMOS to prevent plug-n-play devices from using them.
Loadable Kernal Modules
$ ls /lib/modules/
lnsmod, lists currently loaded modules.
insmod, installs modules (.o files).
modprobe, is a wrapper for insmod.
rpm
rpm, Redhat Package Manager, only one instance can run at a time etc. -F updates lower version, but not new. (?)
1. -q checks if a package is installed
2. -ivh install PACKAGENAME - installs the package
3. rpm -Uvh or -Fvh - upgrades the package
4. rpm --erase - removes a package
5. rpm -e - removes a package
install package
# rpm -install ssh
verifies a package
# rpm -V INSTALLFILE
lists all installed packages
# rpm -qa | grep <name of package>
Updates all packages
# rpm -F /mnt/cdrom/RPMS/*.rpm
check is a package is installed, and version
# rpm -q NewFonts
check which packages owns a particular file.
# rpm -qf <file name>
Printing
lprm - removes jobs from printer queue
lpr - submits file for printing.
lpc - an aministrative tool for changing printing environment, queue, removing jobs etc.
$ lpc clean all PRINTERNAME$ lpc restart all PRINTERNAME
lpq - show print queue (so does lpstat)
/etc/printcap
minfree command - prevents the print queue from being used up.
CUPS printing services / admin interface runs on port 631, used to add new printers etc.
lpstat - shows print queue etc.
$ lpstat -h printhost
enable command or disable command stops and starts printers.
/etc/hosts.lpd - controls which hosts can print (vs. hosts.allow?)
cron
whodo command shows who has scheduled jobs (only some distros)
lists user cron jobs.
$ crontab -u -l
* * * * * command to be executed
- - - -
| | | | |
| | | | +----- day of week (0 - 6) (Sunday=0)
| | | +------- month (1 - 12)
| | +--------- day of month (1 - 31)
| +----------- hour (0 - 23)
+------------- min (0 - 59)
Example
30 18 * * * rm /home/someuser/tmp/*
crontab to run at 2:05 on the first of each month.
5 2 1 * * cleanup
File Systems
ext2, allows for expanding the file system easily.
FIPS - is a partition resize tool, that can resize with losing data, including resizing windows partitions.
ReiserFS allows partitions to be journaled. Was first journal system implemented in linux.
reiser file system in fstab is "reiserfs"
if the root file system is changed to ext3 but the fstab is still ext2, system will boot as ext2
swap partition, id = 82
linux partition native id = 83
linux partition extended id = 85
swap file size, should be twice phyiscal size for lower RAM machines. ie < 1GB
minix, file system that supports filenames of 14 or 30 characters, was the original file system for Linux in the very early days.
ext3, ext2 + journaling.
creating file systems, makes ext3 file system
# mke2fs -j# mkfs -t ext3
format floppy
# mkfs /dev/fd0
make reiser file system
1. mkfs.reiserfs /dev/hda6
recording files, makes dir /tmp/tocd into ISO fs and burns CD.
mkisofs /tmp/tocd | cdrecord dev=0,0,0-
mkswap is used to create a swap file on a device or disk image file.
mkfs, make file system, used to format a disk
$ mkfs /dev/fd0
mkdosfs, makes a MS-DOS file system
$ mkdosfs /dev/fd0 mount -t msdos /dev/fd0 /mnt/floppy
swapon -a; used to active a swap partition created vis fdisk etc.
showmount commands shows mount information for a NFS server.
Linux recognises USB as SCSI
$ mount /dev/sda1 /mnt/usb
Inodes contain file type, owner, group permissions; file size, number of links and last access / modified date. It does not contain the filename.
partitions and then inodes. Inodes problems relate to file system errors not partition errors.
fstab Columns: Device, Mountpoint, filesystem, mounting options, dump frequency, fsck, order
# more /etc/fstab
/dev/cdrom /cd iso9660 ro, user, noauto 0 0
/dev/hdb1 /mnt/hdb1 ext3 defaults,noatime,notail 0 0
//servername/share /mnt/netshare smbfs username=windowsuser,password=windowspass 0 0
fstab options
noexec, exec - enabled execution of programs
nosuid, suid - enables setuid programs
ro - read-only
noauto - don't automatically mount
umount /floppy
mount /fd0 /floppy
fdisk, is used to partition a disk.
fdisk, p to view partition table
fsck - check disk - linux version of chkdsk
ext2 - was the normal filesystem, has many tools for it, including tools to expand the partitions easily.
superblock - a top level file system "block", identifies the disk as being *nix and includes information like disk speed, sectors and tracks. fsck can't fix superblocks.
e2fsck - a tool to restore the superblock of a disk from a copy located on another disk, without prompting user.
# e2fsck -y
Linux recognises IDE HD's as
1. /dev/hda - Primary Master
2. /dev/hdb - Primary Slave
3. /dev/hdc - Secondary Master
4. /dev/hdd - Secondary Slave
hard links create copies of the file.
$ ln FILENAME NEWFILENAME$ ln -s FILENAME
soft links create shortcuts to the file.
File System Hierarchy Standard
/bin - essential command line tools (and kernel)
/boot - linux startup files
/dev - device drivers
/etc - basic configuration files
/home - homes for users
/proc - settings for running kernel, a virtual file system, contains settings of current running kernal
/root - home for root
/sbin - system admin commands
/tmp - temporary files, can be deleted to free up space if needed, ideally locate on a different partition.
/usr - small programs accessible to all users, and documentation
/var - variable data, log files, printer spools
/lib - program libraries
/media - removable media
/misc - mount point for diretories mounted via automounter
/mnt - legacy mount point
/net - mount point for network directories
/opt - location for third party application files
/srv - Red Hat network services
df - command for showing disk space
Filesystem Inodes IUsed IFree IUse% Mounted on
/dev/sda1 997472 41209 956263 5% /
tmpfs 32121 2 32119 1% /lib/init/rw
udev 32121 391 31730 2% /dev
tmpfs 32121 1 32120 1% /dev/shm
lilo
grub does not have to be re-written to disk, as grub is a pointer from the MBR to disk.
using kernal=ask in the lilo conf will force machine to prompt which kernal to use.
lilo gets installed in the MBR (grub only has a pointer in the MBR).
if you only see "l" in lilo, it indicates an MBR issue.
lilo, is a two part process, "li" does the initial boot, and "lo" is the second stage bootloader.
if you only see "lil" this indicates there is an error with the map file.
you can install lilo into the /etc/disktab if you want to use the existing OS boot loader on the primary OS.
lilo config files need to be set by running /sbin/lilo.
Prompt in the lilo configuration will tell lilo to wait for user.
lilo -t to test a configuration.
Lilo Configuration
boot=/dev/hda
map=/boot/map
install=/boot/boot.b
prompt
timeout=50
message=/boot/message
lba32
default=linux
image=/boot/vmlinuz-2.4.0-0.43.6
label=linux
initrd=/boot/initrd-2.4.0-0.43.6.img
read-only
root=/dev/hda5
other=/dev/hda1
label=dos
Security
restricted bash, starting bash with "rbash" or "bash -r"
su -c switch runs command as root, same as using sudo.
hosts.equiv file defines trusted remote hosts and user accounts, that can use local services.
hosts.allow, lists executable name / network settings; tcpwrappers checks hosts.allow then hosts.deny
httpd: 192.168.168.0/24
sshd : 192.168.0.
sshd : 192.168.0. EXCEPT 192.168.0.10,192.168.0.44
hosts.deny
ALL : ALL
hosts.allow can be used to restrict IP access to lpr.
shadow password file does not encrypt the "password file".
FTP has users file to handle deny permissions
/etc/ftpusers
UMASK, is the default permissions of a file being created. Files are created using 666, using a UMASK of 22 will allow for read only for read for group and others.
User accounts set to Zero in /etc/passwd have admin permissions.
no_root_squash, is an NFS option, when used it allows remote root user to change any file on the server from their client machine - this opens potential security issues.
inetd, listens for network connection, and passes to TCP Wrapper Library, which uses /etc/hosts.allow and /etc/hosts.deny for authentication.
pwck - verify integrity of password files / information; of passwd file, irc, news, lp files etc. (need to be root to run)
tripwire, used to detect changes in file/directory sizes, access time, inode, etc. an encrpted database is used to keep track of modications.
$ tripwire --check
show bad login attempts
$ lastb
show last logins
$ last
Permissions
setting the SUID on a file, allows a normal user to execute that program, as shown with the "s" rather than a "x".
# ls /usr/bin/pa* -halp
rwsr-xr-x 1 root root 28K 2009-01-14 13:36 passwd
setting SUID on a directory, makes all files and directories created in that directory have the same owner as the SUID directory (may not be implmented anymore).
setting the SGID bit on a directory, sets files to inherit the directory's group ownership.
$ chmod g+s /home/direct
directory
drwxr-sr-x 2 przemek przemek 4.0K 2009-05-06 17:50 testing1/
new file made by root
rw-r--r-- 1 root przemek 0 2009-05-06 17:56 s
if a file in a user directory has the SUID set, this could be a sign of a hacker. SUID are normall in /sbin.
sticky bit, on older unix systems, the sticky bit meant the file was kept in swap space. Linux kernal tends to ignore sticky bit on files.
sticky bit, if the sticky bit is set on a directory, items inside the directory can only be renamed or deleted by the item owner, directory owner or the superuser (not the group owner). /tmp is normally sticky "t"; without the sticky bit on a directory, anyone able to write to the directory could also delete / rename files.
# chmod +t /dir# chmod 1777 /tmp
/tmp default permissions 1777
execute and read permissions are required for a user to read files and list (ls) the contents of the folder.
setuid executable files can be run as the file owner rather than the logged in user.
permissions of a link file are by default:
$ lrwxrwxrx
searches for files with setuid set, can aid security checking. (really meant to be /4000)
$ find / -perm 4000 >> /var/log/daily$ find / -perm /4000 >> /var/log/daily
Searches for files from the root user
$ find / -user root
Searches for files having the name passwd
$ find / -name passwd
searches files where access time is more than 10 days
$ find / -atime +10
searches all files owned by user1
$ find /home -user user1
running background commands
# find / -name help.txt &
chmod
chmod, change permissions, when changing permissions to a link, it will update the target file permissions.
Absolute Change,
$ chmod 644
SUID, access rights flags that allow users to run an executable with the permissions of the executable's owner or group
$ chmod u+s# chmod 1777 /tmp
drwxr-xr-x 2 root root 4.0K 2009-02-12 11:32 sbin
drwxr-xr-x 2 root root 4.0K 2007-03-07 22:56 selinux
drwxr-xr-x 2 root root 4.0K 2009-02-12 11:00 srv
drwxr-xr-x 11 root root 0 2009-03-03 12:56 sys
drwxrwxrwt 12 root root 4.0K 2009-03-16 07:35 tmp
drwxr-xr-x 11 root root 4.0K 2009-02-12 11:15 usr
drwxr-xr-x 15 root root 4.0K 2009-02-12 11:30 var
lrwxrwxrwx 1 root root 25 2009-02-12 11:03 vmlinuz -> boot/vmlinuz-2.6.18-6-686
# chmod +t file
rw-r--r-T 1 shane shane 0 2009-04-29 18:01 x
chmod u+wx, adds write and execute permissions to a file without removing other permissions. Used to add additional permissions rather than overwrite existing ones.
symbolic arguments in chmod are; "g+s", "+t" etc.
g - group
u - user
o - others
r - read
w - write
x - execute
t - sticky bit
Commands
diff will compare two files
dd, dataset definition, command used for copying and converting of raw data. Can be used to create ISO images of a CD-ROM onto disk etc.
Kernal Commands
1. nosmp - forces Linux to use a single CPU in a multi-CPU environment.
lsattr command used to list the file attributes, chattr command changes file attributes.
lsattr /etc/serviceschattr + attribute /etc/services
chattr - change file attributes on a linux file system; changes immutable flag.
# chattr +i file
xmodmap - used to edit and display keyboard map table
cat - used to display the contents of a file; used to append / create a file.
process mail every 5 minutes
Sendmail -qp5m
mail someone@localhost -s 'subject' < /etc/services
ls -l | mail someone@localhost -s 'command output into mail'
list hiddem files and in subdirectories.
$ ls -aR
tail displays the last few lines of a file, -f appends news lines to the console screen as they are added. This might show errors relating to a server crash.
# tail -f /var/log/messages
head display the first 10 lines of a file.
less vs tail. less allows for scrolling and searching.
finger, shows information on a user, and is typically started via xinitd.
touch updates the file stamp on a file or creates a blank file.
who, shows who is currently logged in
whoami, prints your username.
wall, used to send everyone a message in terminal.
Information
whatis command shows short descriptions for commands, run makewhatis to update the whatis database.
Texinfo is a documentation system for software
$ info ls
updatedb - command to update the "locate" database; a file name database.
whereis - a command that searches only known directories / certain paths for files. Doesn't use a database.
man, searches for a particular string in manpages
$ man -k passwd
man [section] page
# man 5 passwd
man commands
1. /keyword - highlight text
apropos - search short descriptions from man pages, allows searching for incomplete commands (whatis won't).
$ apropos ifcon$ whatis ifcon
whatis - returns first line of man pages
if a (tex)info page doesn't exist the manpage will be displayed instead. You will need to download the info doc for that software etc.
man pages are original unix manual pages for commands.
(tex)info pages tend to contain more information than man pages.
man pages can be a better quick source of information than texinfo.
vi commands
1. "/" - finds the next occurance eg. /shane
25G - go to line 25
:q! - quit without saving
:1,30s/test/TEST/g - replace test with TEST in the first 1-30 lines of the file.
:w - write
:w! - force write?
tar
tar, backups web site, c = compress, x = extract
$ tar -cvf www.tar /home/httpd
tar, compress and archive current directory
$ tar zcvf filename.tgz *$ tar cvjf filename file1 file2 file3
tar, lists files in an archive and tests.
$ tar tvf
bunzip2 - can extract bzip2 files directly.
gunzip - can extract gz files directly.
tar, extract using bzip2
$ tar xjf
c = create
f = use archive file or device archive
z = filter the archive through gzip
j = filter archive through bzip2
v = verbose
tar can automatically compress and decompress by filtering it through gzip or bzip2
z = filter the archive through gzip
j = filter archive through bzip2
Environmental Variables
use $HOME to display the HOME path.
sets environmental variables
$ export $HISTSIZE=1000
HOME - home directory
LOGNAME -
LANG
PWD - working directory
HISTSIZE - store the last x commands.
HISTFILE
HISTFILESIZE
PS1 - prompt string 1; allow a user to change default bash shell. via ~/.bash_profile
SHELL - displays current shell (/bin/bash)
Daemons
named - Domain Name System, responds to DNS clients.
dhcpd - DHCP daemon
bind - DNS Server
saned - image scanner daemon
initd - process that starts all other processes
inetd - daemon that manages internet connectivity, ie. telnet etc.
xinetd - Extended internet daemon, replaces inetd.
cupsd - common unix printing system daemon.
lpd - daemon of LPRng (Berkeley) Line Printing (better for enterprise / management?)
Important Files and Directories
/etc/acpi/events/power - configures computer power button
/etc/aliases - sendmail configuration file for email address alisases. run newaliases after updating.
/etc/conf.modules - config file for depmod
/etc/ftpusers - lists users that may not login
/etc/group - user group permissions, used to assign users to groups.
/etc/hosts.equiv - defines trusted remote hosts and user accounts, that can use local services.
/etc/init.d - startup scripts
/etc/inittab - boot init daemon configuration, specify startup run levels, contains settings for virtual console.
/etc/localtime - defaut timezone
/etc/mtab - stored information on mounted file systems
/etc/named.conf - RedHat, DNS Bind configuration, contains DNS forward zones etc.
/etc/nsswitch.conf - "System Database and Name Service Switch Configuration File", order of name lookup.
/etc/pam.d/su - controls authenticatikon of su login
/etc/printcap - contains list of printers to be controlled via lpc.
/etc/resolv.conf - DNS client file where DNS server address is.
/etc/shadow - stores encrypted passwords. natively uses DES encryption, can use MD5.
/etc/shutdown.allow - permissions for non root users to shutdown machine
/etc/skel - default settings for a new user account.
/etc/skel/.bashrc - default template for new users
/etc/skel/bash_profile - default template for new users
/etc/sysctl.conf - sets startup options, ipv4forwarding etc.
/etc/syslog.conf - configuration for the syslog service
/etc/xinet.d/telnet - enables telnet
/usr/doc/ - default location for application documentation.
/usr/doc/HOWTO - documents on commands etc.
/usr/share/doc - additional documentation
/usr/src - kernal source
/var/log/boot(.log) - boot log of services, contains all messages displays at boot time.
/var/log/httpd/error_log - apache error log file, info about forbidden pages etc.
/var/log/message - system / "application" log. This log file can show server crash errors, contains error messages, view if machine can't boot / rebooted etc. Also maintains records of commands used.
/var/named/root.hints - lists internet root name servers.
/var/spool - print spool directory
/proc/filesystem - lists file systems currently mounted / can be mounted.
/proc/ide/hda/settings - information on IDE
/proc/meminfo - information on memory
/proc/cpuinfo - information on cpu
/proc/modules - lsmod
/proc/scsi/device_info - information on scsi
~/.bash_logout - executes commands when the user logs out.
~/.bash_profile - user profile information, allow user change shell and MANPATH page locations etc.
/lib/modules/a.b.c/kernel/drivers - modules for device drivers
Glossary
ACPI, Advanced Control and Power Interface, controls power button functionality.
AES, is a reversible encryption.
agetty, Alternative Linux Terminal, can display remote login etc.
ATAPI, AT Attachment with Packet Interface, standard interface for hard disks (ATA)
BNC Connector, Bayonet Neill-Concelman connector.
CIFS, enhanced SMB protocol.
CMOS, chip is the configurable part of BIOS. BIOS read from CMOS. Complementary metal oxide semiconductor
DES, Data Encryption Standard, uses a 64-bit block cipher, considered insecure (not 3DES / TDES).
DMA Channel, Direct Memory Access Channel, used to cache data from a device. Typically ISA sound cards etc.
EMI, Electromagnetic Interference, can happen if power cables and network cables are too close.
FRU, Field Replaceable Unit, ie. CPU, RAM.A component that can be repaired or replaced without sending the unit back to the manufacturer.
IEEE-1394, firewire port (hot pluggable)
IRQ, Interrupt request, is used to refer to the act of interrupting the bus lines.
kerberos, is a secure authentication method (as opposed to an encryption method)
LBA, Logical block addressing, scheme used for specifying the location of blocks of dat.
MCA, Micro Channel Bus, really old system bus from IBM, may cause issues with Linux.
MD5, hash algorithim with 128-bit hash value.
modular support, a device driver that can get loaded into the kernal (as opposed to being compiled into it), related to linux kernal and loadable modules.
NIS, network information service (YP- yellow pages), client-server directory service protocol, for distributed user configuration, maintains and distributes a central directory of users and groups
PAM, Pluggable authentication modules, mechanism to integrate multiple low-level authentication schemes into a high-level API
portmap, service needed for RPC calls. used by NIS, NFS etc. maps program numbers to servers.
RAS,
SHA / SHA-1, hash algorithim 160-bit "digest value".
SMP, symentric multi processing (dual CPU etc.)
Squid, proxy and internet cache service, can monitor websites accessed by users etc.
Thinnet, 10BASE2, variant of Ethernet that uses coaxial cable (looks like FC), and uses a BNC connector.
xinitd, eXtended InterNET Daemon, more secure version of initd (used in OSX)
Int13h, interrupt 0x13, The original BIOS real-mode INT 0x13 interface supports drives of sizes up to about 504MB, related to SCSI.
Minimal Kernel, Minimal book kernel, a kernal that is "self-contained"; may or may not use ext2.
ATA, a storage interface (SATA). Most PCs / BIOS can handle 4 ATA devices (Primary, Slave, Secondary, Slave).
References
http://en.wikipedia.org/wiki/init - default runlevels for main distro's
http://en.wikipedia.org/wiki/hans_reiser - very funny.
www.suso.org/docs/shell/ssh.sdf - nice tutorial on ssh
http://linuxgazette.net/105/pitcher.html - hard and soft links
