Certification general study notes
certification exams will ask questions in less than obvious ways, you must understand the concepts
----------------
General Linux info:
1) LINUX consists of FILES and PROCESSES
2) LINUX is case sensitive
3) LINUX is not going to tell you that you screwed up or that you're an idiot, you'll figure it out on your own.
4) LINUX is silent (see #3) in most cases - therefore TEST commands BEFORE doing them on things you care about.
5) LINUX is terse, compact and efficient. Commands are going to be missing vowels or letters, get over it.
6) LINUX will continue to support LEGACY commands, but will often let you know they are deprecated.
7) The vi editor will always be there for you, it is called "v" "i".
8) a GUI interface is What You See is ALL you Get (Brian Kernighan) - it is limited and limited in power.
9) Because of #2 there are as many as 52 options with letters alone for commands, learn to use man or --help
--------------------------
The Linux filesystem tree is based on / which is called root.
Under root (or slash) are several directories.
--------------------------------------------------------------------
bin - binaries/commands - often linked to /usr/bin - legacy support
boot - location of Kernels, image files, boot up configurations and startup details
dev - device files - device drivers, special files both block and character, disks, terminals, keyboards, etc.
etc - et cetera... a place for ALL the system configuration files including Apache, Postfix, repositories, etc.
home - user's home directories
lib lib64 - libraries for system, often application libraries will be installed under /usr/lib or /opt/lib
lost+found - a special directory to maintain the file systems - do not use
media - used to mount CDROM, USB or other temporary devices
mnt - can be used to mount devices, legacy use, automount of USB may use /media or /run
opt - optional s/w, may contain add on s/w or local software - YMMV
proc - files representing processes, including PIDs and system tasks
root - root user's home directory
run - files representing processes or values of system states
sbin - binaries/commands (for root or system level use)
selinux - security linux related - not always present
srv - various server/service related functions e.g. ftp, www, etc.
sys - a variety of files representing system processes or values
tmp - temporary directory
usr - system commands, files and libraries, typical: /usr/bin, /usr/lib, /usr/sbin, etc.
var - log files, spools for mail and cron
-----------------------------------------------------
The common directories are categorized as follows:
-----------------------------------------------------
COMMANDS will often be found in:
/bin
/sbin
/usr/bin
/usr/sbin
they may also be found in: /opt or /opt/bin
------------
LIBRARIES and Modules for the system and applications:
/lib
/usr/lib
and sometimes /opt/lib
------------
KERNEL and Bootup files found in:
/boot (some config details of course in /etc)
------------
SYSTEM LOG FILES AND SPOOLS for printing and cron are found in:
/var
------------
Because Linux consists of FILES and PROCESSES, several directories create place holder files with zero
bytes that can be viewed using "cat" to see system processes and details, these directories are:
/media
/proc
/run
/srv
/sys
----------------
----------------
Shell related: global configurations are kept in /etc; user specific in ~/ (home)
----------------
in the /etc directory there will be global configuration files for the shell for all users,
e.g. /etc/bashrc or /etc/profile
in addition there will be templates for new users often found in /etc/skel
in a user's home directory there will often be a .profile and/or a .bashrc
a home directory is often referred to with ~/ (tilde)
a user that is permitted to login will have their customizations in their home directory,
any non-login shell related configurations would be located under /etc along with
other configuration files for the system.
HOWEVEVER, when user logs in, first the system /etc/bash related configuration will
be invoked, and THEN any local user configurations will be invoked... so /etc/bashrc and ~/.bashrc are used.
basic user account details are found in /etc/passwd - a six field : delimited file,
the actual encrypted string for the password is found in /etc/shadow - the file contains passwd aging details.
group information is found in /etc/group
limits on passwd aging, UID and GID values may be found in /etc/login.defs
useradd and adduser both add users - see man pages
commands such as usermod, groupadd and other related commands update files via scripts, but changes can be made manually.
----------------
Help related: man, --help, info , man -k , and apropos
----------------
the default help in Linux is the "man" pages, in newer releases of Linux with advanced
GNU tools there are also the "--help" option. In addition, some distributions will have "info".
one can also use "apropos" or man -k is configured. There are no help commands.
----------------
the vi editor:
remember basic navigation...
h, j, k, l
LEFT, DOWN, UP, RIGHT
puts you in command mode,
hitting letters to insert or append include: i,I, a, A, o, O and may also include the "insert" key - YMMV
to save, type :w to save and quit, hit the escape key, then colon (:), then w and q
or :wq
to quit out without saving you need to do a q bang or: :q!
one does not spell out commands in the ex editor (that's the editor found when you hit :)
There are other ways of using commands, not commonly used - see man vi
-----------------------
FILE PERMISSIONS:
-rwxrwxrwx
-421421421
-uuugggooo
where r=read (4), w=write (2), and x=execute(1)
where u = user (or owner), g = group, and o = other (or world)
to change permission specify the desired OCTAL value, for instance, if I want to
be able to read and edit a file, and have those in my group read a file, but not others then I would:
chmod 640
To make that file executable for me and my group only:
chmod 750
http://johnmeister.com/linux/Notes/chmod-n-other-cmds.html
-------------------------
FILE OWNERSHIP:
chown username file to also change group, then chown username:groupname file
or chgrp groupname file
to do an entire directory: chown -R username:groupname directory (or wildcards within a directory)
-------------------------
scripting notes:
first line is a shell directive, tells the shell to execute commands from this file based on a shell or env, e.g.
#!/bin/bash
would execute all commands in that file as under a bash shell (normal).
when testing conditions one compares values using boolean expressions or numeric values.
If you seek to have a negative condition you'd use a "bang" ! to negate
you can establish a case where you test, if certain conditions exist then certain actions take place.
you can evaluate various conditions of variables using "for", e.g. for the files in a list, then,
do this while, or until...
when in a do loop you can test for and do something:
while - a particular condition exists
or until - a particular condition exists or doesn't exist
(say a numeric value is reached or a file is created)
if you want to pause a script until someone enters data or hits return, use "read"
To make a script execute one may:~/filename
1) execute the script with normal permissions by typing: sh ./filename
2) chmod 744 filename, then execute by typing
3) first chmod and then include ~/ in path env, then type: filename
4) to test if path and execute bits are set, test by: which filename -if found, it'll work
-------------------------
/etc/hosts - records local IP addresses - 127.0.0.1 is necessary for the loopback
/etc/resolv.conf has the name search path and nameserver info, it is often controlled by /etc/sysconfig/network files
/etc/nsswitch.conf points to centralized services or files
-------------------------
The following are the basics of networking, assuming a private, non-routable network of 192.168.1.0
The router address would be 192.168.1.1
The network subnet mask is 255.255.255.0
The broadcast ping address is 192.168.1.255
------------------------------------------------
The local system MUST have an internal loopback address of 127.0.0.1 and it MUST be in /etc/hosts
The local system's IP address will be assigned to the network interface: 192.168.1.22
------------------------------------------------
The network commands are: ifconfig, ping, route, hostname, traceroute, nslookup
------------------------------------------------
# done as root user or using sudo:
# configure device name, IP, netmask, broadcast
ifconfig lan0 192.168.1.22 netmask 255.255.255.0 broadcast 192.168.1.255
# configure default route
# add default gateway
route add default gw 192.168.1.1
# IF the system configuration files are correct one can use ifup and ifdown on an interface.
------------------------------------------------
/etc/sudoers allows users to either execute specific commands as root, or become root without the root passwd.
to add or edit: visudo is the preferred tool
------------------------------------------------
filesystems and drives are managed using fdisk is the drive is less than 2TB,
if greater than 2TB one will use parted or gdisk - GPT fdisk (gdisk) version 0.8.7
------------------------------------------------
-> chkconfig --help
usage:
chkconfig -A|--allservices (together with -l: show all services)
chkconfig -t|--terse [names] (shows the links)
chkconfig -e|--edit [names] (configure services)
chkconfig -s|--set [name state]... (configure services)
chkconfig -l|--list [--deps] [names] (shows the links)
chkconfig -c|--check name [state] (check state)
chkconfig -a|--add [names] (runs insserv)
chkconfig -d|--del [names] (runs insserv -r)
chkconfig -h|--help (print usage)
chkconfig -f|--force ... (call insserv with -f)
chkconfig [name] same as chkconfig -t
chkconfig name state... same as chkconfig -s name state
chkconfig --root= ... use as the root file system
------------------------------------------------
-> systemctl --help
systemctl [OPTIONS...] {COMMAND} ...
Query or send control commands to the systemd manager.
-h --help Show this help
--version Show package version
-t --type=TYPE List only units of a particular type
--state=STATE List only units with particular LOAD or SUB or ACTIVE state
-p --property=NAME Show only properties by this name
-a --all Show all loaded units/properties, including dead/empty
ones. To list all units installed on the system, use
the 'list-unit-files' command instead.
--reverse Show reverse dependencies with 'list-dependencies'
-l --full Don't ellipsize unit names on output
--fail When queueing a new job, fail if conflicting jobs are
pending
--irreversible When queueing a new job, make sure it cannot be implicitly
cancelled
--ignore-dependencies
When queueing a new job, ignore all its dependencies
--show-types When showing sockets, explicitly show their type
-i --ignore-inhibitors
When shutting down or sleeping, ignore inhibitors
--kill-who=WHO Who to send signal to
-s --signal=SIGNAL Which signal to send
-H --host=[USER@]HOST
Show information for remote host
-P --privileged Acquire privileges before execution
-q --quiet Suppress output
--no-block Do not wait until operation finished
--no-wall Don't send wall message before halt/power-off/reboot
--no-reload When enabling/disabling unit files, don't reload daemon
configuration
--no-legend Do not print a legend (column headers and hints)
--no-pager Do not pipe output into a pager
--no-ask-password
Do not ask for system passwords
--system Connect to system manager
--user Connect to user service manager
--global Enable/disable unit files globally
--runtime Enable unit files only temporarily until next reboot
-f --force When enabling unit files, override existing symlinks
When shutting down, execute action immediately
--root=PATH Enable unit files in the specified root directory
-n --lines=INTEGER Numer of journal entries to show
-o --output=STRING Change journal output mode (short, short-monotonic,
verbose, export, json, json-pretty, json-sse, cat)
Unit Commands:
list-units List loaded units
list-sockets List loaded sockets ordered by address
start [NAME...] Start (activate) one or more units
stop [NAME...] Stop (deactivate) one or more units
reload [NAME...] Reload one or more units
restart [NAME...] Start or restart one or more units
try-restart [NAME...] Restart one or more units if active
reload-or-restart [NAME...] Reload one or more units if possible,
otherwise start or restart
reload-or-try-restart [NAME...] Reload one or more units if possible,
otherwise restart if active
isolate [NAME] Start one unit and stop all others
kill [NAME...] Send signal to processes of a unit
is-active [NAME...] Check whether units are active
is-failed [NAME...] Check whether units are failed
status [NAME...|PID...] Show runtime status of one or more units
show [NAME...|JOB...] Show properties of one or more
units/jobs or the manager
set-property [NAME] [ASSIGNMENT...]
Sets one or more properties of a unit
help [NAME...|PID...] Show manual for one or more units
reset-failed [NAME...] Reset failed state for all, one, or more
units
list-dependencies [NAME] Recursively show units which are required
or wanted by this unit or by which this
unit is required or wanted
Unit File Commands:
list-unit-files List installed unit files
enable [NAME...] Enable one or more unit files
disable [NAME...] Disable one or more unit files
reenable [NAME...] Reenable one or more unit files
preset [NAME...] Enable/disable one or more unit files
based on preset configuration
is-enabled [NAME...] Check whether unit files are enabled
mask [NAME...] Mask one or more units
unmask [NAME...] Unmask one or more units
link [PATH...] Link one or more units files into
the search path
get-default Get the name of the default target
set-default NAME Set the default target
Job Commands:
list-jobs List jobs
cancel [JOB...] Cancel all, one, or more jobs
Snapshot Commands:
snapshot [NAME] Create a snapshot
delete [NAME...] Remove one or more snapshots
Environment Commands:
show-environment Dump environment
set-environment [NAME=VALUE...] Set one or more environment variables
unset-environment [NAME...] Unset one or more environment variables
Manager Lifecycle Commands:
daemon-reload Reload systemd manager configuration
daemon-reexec Reexecute systemd manager
System Commands:
default Enter system default mode
rescue Enter system rescue mode
emergency Enter system emergency mode
halt Shut down and halt the system
poweroff Shut down and power-off the system
reboot Shut down and reboot the system
kexec Shut down and reboot the system with kexec
exit Request user instance exit
switch-root [ROOT] [INIT] Change to a different root file system
suspend Suspend the system
hibernate Hibernate the system
hybrid-sleep Hibernate and suspend the system
-----------------------------------
setting up a filesystem (using LVM as well)
http://johnmeister.com/linux/FileSystems/setup-LVM.html
process:
- fdisk -l (see: http://johnmeister.com/linux/FileSystems/newdisk-setup.html )
pvcreate /dev/sd?5
pvdisplay
vgcreate vg199 /dev/sd[c-k]5
vgdisplay
lvcreate -L 303400 vg199
lvdisplay
- mkfs -t ext3 /dev/mapper/vg199-lvol0
- vi /etc/fstab
- add: /dev/vg199/lvol0 /VG199 ext3 defaults 0 0
- mkdir /VG199
- mount -a
- df -h
-----------------------------------
Basic Linux Tasks
-------------------------------------------------------------------------
Users - adduser/useradd/userdel - etc:passwd, shadow, group, skel, motd
file permissions and ownership - chmod, chown
wrapper scripts, date suffix: http://johnmeister.com/linux/Notes/date-suffix.html
create an initrd image - mkinitrd
partitions - fdisk, gdisk, parted, /etc/fstab, mount, umount, mnt, media
xfs - journaled file system created by SGI for IRIX
ext3, ext4 - journaled filesystems
mknod option name type major minor (major/minor related to the bus)
lspci - PCI busses and peripherals
lsusb - usb components
find files - find, locate, whereis, which
updatedb - locate files using whereis
regular expressions - grep, sed, awk
http://johnmeister.com/linux/Notes/sed-examples.html
packages - rpm, yum, apt-get, aptitude, zypper, tar
network - ifconfig, ip addr, ping, nslookup, traceroute, dig, /etc: hosts, resolv.conf, nsswitch.conf, sysconfig/
Redirection:
-----------------------------------------------------
> stdout to a file
>> append stdout to end of file
2> stderr to a file, or 2>/dev/null
2>> append stderr to destination file
&> all output to a file
is 1st value LT 2nd value? =
1st value LT or = to 2nd? sudo cat /etc/sudoers | grep -v ^# | grep -v ^$
Defaults always_set_home
Defaults env_reset
Defaults env_keep = "LANG LC_ADDRESS LC_CTYPE LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER LC_TELEPHONE LC_TIME LC_ALL LANGUAGE LINGUAS XDG_SESSION_COOKIE"
Defaults !insults
Defaults targetpw # ask for the password of the target user i.e. root
ALL ALL=(ALL) ALL # WARNING! Only use this together with 'Defaults targetpw'!
root ALL=(ALL) ALL
luser ALL=(ALL) NOPASSWD: ALL
-----------------------------------------------------
for - items in list - do - done
-----------------------------------------------------
#!/bin/bash
# script with test and loop
TOOL="dmesg bootloader ldd ldconfig dpkg dpkg-reconfigure apt-get apt-cache aptitude rpm rpm2cpio yum yumdownloader bash echo env exec export pwd set unset man uname history cat cut expand fmt head od join nl paste pr sed sort split tail tr unexpand uniq wc cp find mkdir mv ls rm rmdir touch tar cpio dd file gzip gunzip bzip2 tee xargs bg fg jobs kill nohup ps top free uptime killall nice ps renice top grep egrep fgrep sed regex vi fdisk mkfs mkswap du df fsck e2fsck mke2fs debugfs dumpe2fs tune2fs mount umount quota edquota repquota quotaon chmod umask chown chgrp find locate updatedb whereis which type" ; export TOOL
# TOOL="cd mkdir ls" ; export TOOL # used to test loop
#
for x in $TOOL
do
# which $x
# if [^$] if [! x] <--- test?
# echo "builtin command or not found"
# fi
man $x | col -b > man.$x.txt
done
ls -al
-----------------------------------------------------
while - while condition exists - do - done
http://johnmeister.com/linux/Scripts/while-loop.sh.html
http://johnmeister.com/linux/Scripts/do-while-count-loop.txt
-----------------------------------------------------
until - until condition is satisifed - do - done
-----------------------------------------------------
pidof - displays pid of named process
pgrep - displays pid of matching process
ps command
-----------------------------------------------------
PRI - priority - higher numbers, lower priority
NI - nice - higher numbers, less CPU time (lowering nice increases time - CAREFUL, system must be higher)
SIZE - virtual image size
RSS - physical memory in KB
WCHAN - kernel function where the process resides
STAT - status: R - running, T - terminated (stopped), D - dead (asleep & uninterruptible),
S - sleeping, Z - Zombie, N - +nice value
TT - tty associated with proc
PAGEIN - number of major page faults
TRS - resident text size
SWAP - KB swap used
SHARE - shared memory
-----------------------------------------------------
nohup - will keep process going if user is disconnected (think modem) - output to nohup.out
bg - background, fg - foreground, jobs, kill
at - schedule job at the command line to run at a set time
cron - schedule job(s) to occur at specific times, repeatedly...
--> crontab -l
# DO NOT EDIT THIS FILE - edit the master and reinstall.
# (/tmp/crontab.EZv91Z installed on Sun May 10 22:07:58 2015)
# (Cronie version 4.2)
# MIN HOUR DAY MONTH DAYOFWEEK COMMAND
58 23 * * * /home/luser/bin/mkallavi
# 5 6-20 * * * /home/luser/bin/get-map
# */2 7-10 * * * /home/luser/bin/get-map
# */2 14-18 * * * /home/luser/bin/get-map
-----------------------------------------------------
YMMV:
/etc/sysconfig - used for configuration files of startup
- network items like dns and dhcp should be configured in this directory
YMMV: log files:
/var/log/messages - SuSE
/var/log/syslog - not used on SuSE
-----------------------------------------------------
--> sudo cat /etc/rsyslog.conf | grep -v ^# | grep -v ^$
$ModLoad immark.so
$MarkMessagePeriod 3600
$ModLoad imuxsock.so
$RepeatedMsgReduction on
$ModLoad imklog.so
$klogConsoleLogLevel 1
$IncludeConfig /var/run/rsyslog/additional-log-sockets.conf
$IncludeConfig /etc/rsyslog.d/*.conf
if ( \
/* kernel up to warning except of firewall */ \
($syslogfacility-text == 'kern') and \
($syslogseverity <= 4 /* warning */ ) and not \
($msg contains 'IN=' and $msg contains 'OUT=') \
) or ( \
/* up to errors except of facility authpriv */ \
($syslogseverity <= 3 /* errors */ ) and not \
($syslogfacility-text == 'authpriv') \
) \
then /dev/tty10
& |/dev/xconsole
*.emerg :omusrmsg:*
if ($syslogfacility-text == 'kern') and \
($msg contains 'IN=' and $msg contains 'OUT=') \
then -/var/log/firewall
& stop
if ($programname == 'acpid' or $syslogtag == '[acpid]:') and \
($syslogseverity <= 5 /* notice */) \
then -/var/log/acpid
& stop
if ($programname == 'NetworkManager') or \
($programname startswith 'nm-') \
then -/var/log/NetworkManager
& stop
mail.* -/var/log/mail
mail.info -/var/log/mail.info
mail.warning -/var/log/mail.warn
mail.err /var/log/mail.err
news.crit -/var/log/news/news.crit
news.err -/var/log/news/news.err
news.notice -/var/log/news/news.notice
*.=warning;*.=err -/var/log/warn
*.crit /var/log/warn
*.*;mail.none;news.none -/var/log/messages
local0.*;local1.* -/var/log/localmessages
local2.*;local3.* -/var/log/localmessages
local4.*;local5.* -/var/log/localmessages
local6.*;local7.* -/var/log/localmessages
------------------------------------------------------------------
Non-Routable - Private IP ranges:
https://tools.ietf.org/html/rfc1918
RFC 1918 Address Allocation for Private Internets February 1996
3. Private Address Space
The Internet Assigned Numbers Authority (IANA) has reserved the
following three blocks of the IP address space for private internets:
10.0.0.0 - 10.255.255.255 (10/8 prefix)
172.16.0.0 - 172.31.255.255 (172.16/12 prefix)
192.168.0.0 - 192.168.255.255 (192.168/16 prefix)
We will refer to the first block as "24-bit block", the second as
"20-bit block", and to the third as "16-bit" block. Note that (in
pre-CIDR notation) the first block is nothing but a single class A
network number, while the second block is a set of 16 contiguous
class B network numbers, and third block is a set of 256 contiguous
class C network numbers.
------------------------------------------------------------------
|
