Summarization – RH124

Here are the summery that I have been followed in the RH124 course provided by the RedHat in order to complete the RHCSA exam. Here is the content that is being written in the page;

1. Manage Files from the CLI
2. Help in RHEL
3. Work with Text Files
4. Manager Local Users and Groups
5. Control Access to Files
6. Monitor and Manage Linux Processes
7. Control Services and Daemons
8. SSH
9. Analyze Logs
10. Networking
11. Archive and Transfer Files
12. Install and Updates

Missed –> File Structure of Linux System.

1. Manage Files from the CLI

List Files in Linux: Before that

List Files: ls -l
pwd

— create files
touch
cp
vi

— create directories
dir

–file maintenance commands
cp
rm
mv
mkdir
rmdir rm -r
(inside folders also will be removed from the -r and if used -Rf files will be removed forcefully)

chgrp
chown

— examples
touch test-writing
echo “Test writing starts from here” > test-writing
cat test-writing

chown shanuka:shanuka foldername
chgrp shanuka foldername

softlinks and hardlinks
inode – pointer or number of a file on the hard disk
soft link – link will be removed if file is removed or renamed
hard link – deleting renaming or moving the original file will not affect the hard link

ln
ln -s

pwd (print working directory)

touch filename

50TOt3B.bLPQi]o

this is how to create the softlink —>
ln -s /home/Shanuka/filename

when creating a link it starting with l in the file permissions
lrwxrwxrwx

ls -li
(i means inode) inode is the number that Linux system used to remember the filenams

ls -ltri /path/filename

in the softlink the inode number is different in the shortcut and the original file

hard link —->
only works within the same partition
error message says “invalid cross-device link” when trying to create with another partition

ln /path/filename

not showing the point to the shortcut like softlinks, and not showing l letter in the file permissions also,
file is not removing when we deleted it from the original location

—- Input and output redirects —-
there are 3 redirects in Linux
standard input, file descriptor as 0 – stdin
standard output, file descriptor as 1 – stdout
standard error, file descriptor as 2 – stderr

all things in the Linux systems are considered as a file – directory/file/keyboard and mouse input/anything -(check this statement)

stdout
we can save the terminal output using the “>” symbol
when it happens not showing the output in the terminal

ls -l > savedfile1
pwd > savedfile2

to append –
ls -la >> savedfile1

ls -la
shows all the files including the hidden files when “-a” is used
hidden files are starting the filename in . fullstop

stdin

to open a files in a specific applications we could use this feature

cat < file
file is showing from the cat

stderr
ls -l /root 2> errorfile
telnet localhost 2> errorfile

when mentioning 2 which the file stderr file descriptor it will only saved the error logs

—- Pipes | —-
pipe is used by the shell to connect the output of one command directly to the input of another command

ls -ltr | more
ll (similar to the ls -l command)

ll | tail -1
show the last line/file of the list

—- Help Commands —-
3 types of help commands

whatis command
command –help
man command

—- Linux File Editor —-

vi – visual editor
ed – standard line editor
ex – extended line editor
emacs – a full screen editor
pico – beginner’s editor
vim – advanced version of vim

In vi :
i – insert
r – replace (only replace one character)
d – delete (will delete the entire line)
u – undo
x – only delete one character
o – give new line and go the insert mode
d d – when typing d twice in the command it will delete the entire line
/searchword – searchword replace with what you want to search

to save:
Shift + Z Z
ESC, :wq

grep wordtosearch filename
grep name personalinfofile

—- User Account Management —-

commands —->
useradd
groupadd
userdel
groupdel
usermod

files —->
/etc/passwd
/etc/group
/etc/shadow

example:

useradd -g groupname -s /bin/bash -c “user description” -m -d /home/userhome username
groupname, userhome and username can be replaced with whatever name you want.

id username
shows userid, groupid
verification – to verify you can go to /home/ and list the files to check from which names the files were created -this location shows the user’s home directory

cat /etc/group

userdel username
deletes the user

userdel -r username
deletes the home directory also

usermod -G usergroup username
changes the user group to another group

chgrp -R groupname

—— /etc/login.def file —–

chage

• the command is specifically used to set parameters for the password, not for the user modifications

chage -m 5 -M 90 -W 10 -I 99999 -E 99999 shanu
mindays
Maxdays
Warning
Inactive
Expire

—– Switch Users and sudo access —-

su – username
sudo

• sudo use when the user has not access to the root

visudo

• configuration file which lets you to give command permissions to users
• file is /etc/sudoers

usermod -aG wheel username

• to give permissions to users we could add the user to the wheel group which is mentioned in the/etc/sudoers file.

when logging to other user accounts from root, it did not prompted any passwords to authenticated

—– File Permissions —–

Linux multi user system

there are 3 types of persmissons
r – read
w – write
x – execute (running a program)

each permission (rwx) can be controlled at three levels
u – user (yourself)
g – group (can be people in the same project)
o – other (everyone on the system)

file or directory permissions can be displayed using ls -l command

chmod

• command to change permission

U G O
rwxrwxrwx

chmod g-w filename
= removes write permission from the file (g means group)

chmod a-r filename

• removes read permission from all (a means all)

chmod u-w filename

• removes file permission from user (u means user)

chmod u+w filename

• granting write permissions to user

chmod g+rw finemae

• granting read write permissions to group

We require to give executable permissions to view the contents inside the directory using the cd command

— File Ownership —

there are 2 owners of a file or directory

• user and group

command to change file ownership

• chown
• chgrp

Recursive ownership change option
-R

chown root filename

• Change owner to root of a file
• chgrp root filename
• Change group ownership to root of a file

—— Monitor and Manage Linux Processes ——

Application/Service
Script – something written in a file and then packaged it to a way that it will execute
Process – application processes
Daemon – continuously running in background until interrupted
threads – (service -> process -> threads) could be many threads
job – run a service or process at a scheduled time

— Monitor and Manage processes —

df
du
uptime
top
free
lsof
tcpdump
netstat
ps
kill
vmstat
iostat
iftop

df -h

• disk space usage

df -T

• shows the device type like ext4, xfs etc.

du -h

• disk usage/estimate file space usage

du – h | sort -nr | more

• the more tag used to view output as page wise, we can continue using the spacebar
• sorts to the numeric, reverse order
  -h means human readable

uptime

• shows the system uptime

top
htop

free

• shows amount of memory – used and free

free -m

• shown in megabytes

lsof

• list open files

tcpdump

• dumps network traffic

tcpdump -i interfacename

• change the interface name to such as eth0, by getting the interface name from the ip a command

netstat

• print network connections, routing tables and network statistics

netstat -rnv

• prints the routing table with the gateway information

netstat -a

• shows all the connected connections

netstat -tulpn

• shows the current listening ports

netstat -au

• shows all udp connections

netstat -at

• show al tcp connections

ps

• shows the current processes

ps -ef

• shows all processes running in the system

ps -ef | grep processname

• change the processname to a process that you want to get details about

kill

• kill processes

kill -9

• if process is did not getting killed we can mention -9 to kill all the associate processes

vmstat (virtual memory statistics)
iostat (CPU and device I/O statistics)
iftop (display bandwidth usage on an interface)

——- Control Services and Daemons ——

daemons – processes that are running continuously
services are controlled by systemctl
systemctl is a systemd utility responsible for controlling the systemd system and service manager
systemd is a collection of system management daemons, utilities, and libraries which servers as a replacement of System V init daemon
systemd is the parent process of most of the daemons
command to control system services = systemctl

systemctl –version

ps -ef | grep system

• to check systemd is running

systemctl –all

• check all running services

systemctl status | start | stop | restart application.service

• check and start a service

systemctl reload application.service

• reload configuration of a service

systemctl enable | disable application.service

• to enable or disable a service at boot time

systemctl mask | unmask application.service

• to enable or disable a service completely (at boot or manually)

rpm -qa

• list all installed packages in the rpm based Linux system

rpm -qa | wc -l

• get the total of the installed packages

IN DEBIAN —>
apt list –installed

—— Configure and Secure SSH ——-

Secure SSH —->

1. – Configure IDLE timeout interval

First copy the original config file.

edit /etc/ssh/sshd_config
ClientAliveInterval 600
ClientAliveCountMax 0

systemctl restart sshd

press g in the vi text editor to go down in the page

2. – Disable root login

edit /etc/ssh/sshd_config
PermitRootLogin no

systemctl restart sshd

3. – Disable empty passwords

edit /etc/ssh/sshd_config
PermitEmptyPasswors no

systemctl restart sshd

4. – Limit Usres’ SSH Access

edit /etc/ssh/sshd_config
AllowUsers user1 user2

systemctl restart sshd

5. – Use a different port

edit /etc/ssh/sshd_config
Port 22

systemctl restart sshd

6. – SSH Keys – Access Remote Server without Password

Use Cases –
repetitive logins
automation through scripts

Keys are generated at user level

client machine —->

• step 01. generate the key
  ssh-keygen

-step 02. copy the key to the server
ssh-copy-id root@192.168.1.20

• step 03. login from client to server
  ssh root@192.168.1.20
  ssh -l root 192.168.1.20

hostname

• shows the hostname of the Linux system

—– Log Monitoring —–

log directory –> /var/log
boot
chronyd = NTP
cron
maillog
secure
messages
httpd

if you getting any errors when booting up the system, you can find error logs here:
/var/log/boot.log

every time machine getting restarted the file is replaced with the new one

dmesg
cat dmesg

• shows the hardware changes

shows logging and logout information of he all users
/var/log/secure

tail -f /var/log/secure
-f is used to follow what is going with the log file

if any issue found in the machine first thing is to do is to check message log
cat /var/log/messages

the following command will ignore the case sensitivity of the message file
cat /var/log/messages | grep -i error

—— Analyze and store logs —–

Maintaining Accurate Time

• chronyd is NTP service used for time synchronization in the newer Linux systems.

date

• shows the current date and time

timedatectl

• shows the ntp settings also with the current date and time

timedatectl list-timezones

• shows the all timezones

timedatectl set-timezone America/New_York

• set timezone to new York, America

timedatectl set-time HH:MM:SS
timedatectl set-time ‘2021-08-18 20:12:50’

timedatectl set-ntp true

• sync with the ntp server

—- chronyd —–

for time synchronization

rpm -qa | grep chrony

• check package availability

don’t run two ntp services at the same time

• check the ntpd service is running

chronyc

• to run the command

type help in chronyc to get help, it is a interactive command
type sources to get details of the chronyc file

—– Manage Linux Networking —–
nmtui – network manager text ui
nmcli – network manager cli
nm-connection-editor (GUI)
GNOME Settings

ifconfig
ip a

NetworkManager
— is the network manager which manages the network

nmcli

• shows the network interfaces with the ip details

nmcli connection

• shows the adapters

nmcli connection –help
— shows arguments and helps inside the connection

How to set a static IP using nmcli —->

nmcli device

• get details of the network interface

nmcli connection modify ens160 ipv4.address 192.168.1.10/24

nmcli connection modify ens160 ipv4.gateway 192.168.1.1

nmcli connection modify ens160 ipv4.method manual

nmcli connection modify ens160 ipc4.dns 8.8.8.8

nmcli connection down ens160 && nmcli connection up ens160

ip address show ens160

ADD Secondary Static IP using nmcli —->

nmcli device status

nmcli connection show –active

ifconfig

nmcli connection modify ens160 +ipv4.addresses 192.169.10.200

nmcli connection reload

systemctl reboot

—- nmtui —

—- Network files and basic commands —-

files:
/etc/sysconfig/network-scripts
/etc/hosts
/etc/hostname
/etc/resolv.conf

this file is used if you want your system to go to first files, or DNS first.
/etc/nsswitch.conf

commands:
ping
ifconfig or ip
ifup or ifdown
netstat
traceroute
tcpdump
nslookup or dig
ethtool

—- Achieve and transfer files —-

— compress and un-compress files —

tar

• put files into a one container, not compress much as gzip

gzip

• compresses file

gzip -d or gunzip

• uncompressing file

—- achieving —-
tar cvf filename.tar .

• . means everything in the current working directory

tar cvf filename.tar /home/

—- unachieved —-
tar xvf filename.tar

— compressing —-
gzip filename.tar

— uncompress —
gzip -d filename.tar

rm -rf /

• haha dont do that

—- Install FTP server —-

rpm -qa | grep ftp
yum install vsftpd
vi /etc/vsftpd/vsftpd.conf -make a copy first

anonymous_enable=NO
ascii_upload_enable=YES
ascii_download_enable=YES
ftpd_banner=Welcome to FTP service.
use_localtime=YES

—– Install FTP client —–

yum install ftp
su – username
touch filename

— SCP – Secure Copy Protocol —

login as yourself
touch jack
scp jack username@ipaddress/path/you/want/to/copy
enter username and password

—– Install and Software Update —–

yum/dnf or rpm

• dnf command is depreciated

yum update / upgrade

• yum is used in cent-os and apt-get used in other links

/etc/yum.repos.d

• repository location

rpm

• redhat package manager
• used where there is no internet
• only allows to install the packages where yum is help to donwnload the package and install

yum install ntp

• install ntp package
• first check whether the system has already installed the package

rpm -qa | grep ntp

rpm -ihv /tmp/package.rpm

• to install the package locally

rpm -e rpm-package-name

• to remove installed packages

yum remove bind

• ro remove installed packages

—- System upgrade and patch management —–

yum update

• update to the minor versions of Linux

yum update -y

• don’t ask yes

upgrade

• delete old packages and install with newer packages

which ksh

• shows the command installed path

rpm -qf /command/path/extracted/by/which-command

• to verify command own to which package

—- Create local repo from dvd —-

what is local repo?

createrepo

• create repos

mkdir localrepo
df -h (get the cd location)
cd /run/media/user/cd-name

du -sh .

• shows the space on the current folder

df -h

• shows the capacity info in the disks

cp – rv /cd/path/* /to/local/repo-folder

• copy everything from the cd to the folder

rm -rf /ect/yum.repos.d/ (delete current packages)

vi local.repo
[centos]
name=centos7
baseurl=file:///repo-folder/location
enabled=1
gpgcheck=0

createrepo /repo-folder/location

yum clean all

yum repo list all

—- Access Linux file systems —-

ls
cd
pwd
df
du
fdisk
absolute and relative path
tilde ~
. and ..

fdisk -l

• shows more information

absolute path id the direct path which is cd /home/pictures/myfile

and the relative path is going by using the command cd cd cd

cd ~

• directly going to the home directory

—- Analyze servers and get support —

top
free
df
du
fdisk

• check logs /var/log/ directory
• you can get support from the redhat technical support
• to get support run sosreport or “sos report”
• redhat has made web-based application named cockpit to manage and analyze servers

—- cockpit —-

• server administration tool sponsored by RedHat

Install, configure and manage cockpit
-systemctl start cockpit.service