What is Linux?
Linux® is an open source operating system (OS). An operating system is the software that directly manages a system's hardware and resources, like CPU, memory, and storage. The OS sits between applications and hardware and makes the connections between all of your software and the physical resources that do the work.
Think about an OS like a car engine. An engine can run on its own, but it becomes a functional car when it's connected with a transmission, axles, and wheels. Without the engine running properly, the rest of the car won't work.
The Linux kernel is the main component of a Linux operating system (OS) and is the core interface between a computer's hardware and its processes. It communicates between the two, managing resources as efficiently as possible.
The kernel is so named because, like a seed inside a hard shell, it exists within the OS and controls all the major functions of the hardware, whether it's a phone, laptop, server, or any other kind of computer.
The Linux kernel was created as a hobby by Linus Torvalds in 1991.
WHAT MAKES LINUX GREAT?
There are many different answers to the question "What makes Linux great?"; however, three of them are:
❖ Linux is open source software
⇒ The open source model means that improvements are easier to make, enabling faster innovation.
❖ Linux provides easy access to a powerful and scriptable command-line interface (CLI)
⇒ It enables easier automation, deployment, and provisioning, and simplifies both local and remote system administration.
❖ Linux is a modular operating system that allows you to easily replace or remove components
⇒ Components of the system can be upgraded and updated as needed
WHAT IS OPEN SOURCE SOFTWARE?
➔ Open source software is software with source code that anyone can use, study, modify, and share.
➔ Source code is open to the public
➔ Source code is the set of human-readable instructions that are used to make a program.
➔ Some software has source code that only the person, team, or organization that created it can see, change, or distribute. This software is sometimes called "proprietary" or "closed source" software.
➔ Open source software is different. When the copyright holder provides software under an open source license, they grant the user the right to run the program and also to view, modify, compile, and redistribute the source royalty-free to others.
Open source has many benefits for the user:
➢ Control: See what the code does and change it to improve it.
➢ Training: Learn from real-world code and develop more useful applications.
➢ Security: Inspect sensitive code, fix with or without the original developers' help.
➢ Stability: Code can survive the loss of the original developer or distributor.
TYPES OF OPEN SOURCE LICENSES
There is more than one way to provide open source software. However, to be open source, licenses must allow users to freely use, view, change, compile, and distribute the code.
There are two broad classes of open source license that are particularly important:
➔ Copyleft licenses that are designed to encourage keeping code open source. Common copyleft licenses include the GNU General Public License (GPL) and the GNU Lesser General Public License (LGPL).
➔ Permissive licenses that are designed to maximize code reusability. Users can use the source for any purpose as long as the copyright and license statements are preserved. Several commonly used permissive open source licenses include the MIT/X11 license, the Simplified BSD license, and the Apache Software License 2.0.
WHO IS RED HAT?
★ Red Hat is the world's leading provider of open source software solutions.
★ Red Hat's mission is to be the catalyst in communities of customers, contributors, and partners creating better technology the open source way. Red Hat is most well-known for its participation in the Linux community and the Red Hat Enterprise Linux distribution.
★ Red Hat offers a community product called Fedora. Fedora is a Linux distribution developed by the community-supported Fedora Project, which is sponsored primarily by Red Hat, a subsidiary of IBM.
★ Red Hat offers an Enterprise product called RHEL (Red Hat Enterprise Linux).
★ CentOS Stream is a Linux® development platform where open source community members can contribute to Red Hat® Enterprise Linux in tandem with Red Hat developers.
WHAT IS A LINUX DISTRIBUTION?
➔ A Linux distribution is an installable operating system constructed from a Linux kernel and supporting user programs and libraries.
➔ A distribution provides an easy way for users to install and manage a working Linux system.
➔ In 1991, a young computer science student named Linus Torvalds developed a Unix-like kernel he named Linux, licensed as open source software under the GPL.
➔ The kernel is the core component of the operating system, which manages hardware, memory, and the scheduling of running programs.
➔ Some common Linux distributions ⇒ Slackware, Ubuntu, SUSE Linux, Fedora, Kali Linux, Debian, CentOS Stream, Amazon Linux, Red Hat Enterprise Linux.
Accessing the Command Line
➢ A command line is a text-based interface which can be used to input instructions to a computer system.
➢ The Linux command line is provided by a program called the shell.
➢ What is a shell? A shell is a utility program which acts as an interface between the user and the kernel. User processes run here. The shell also works as a command interpreter: it reads the commands a user types, has the system execute them, and presents the results back to the user.
➢ The default shell for users in Red Hat Enterprise Linux is the GNU Bourne-Again Shell (bash).
➢ Bash is an improved version of one of the most successful shells used on UNIX-like systems, the Bourne Shell (sh).
Shell Basics
Commands entered at the shell prompt have three basic parts:
● Command to run
● Options to adjust the behavior of the command
● Arguments, which are typically targets of the command
Quiz
1. Which term describes the interpreter that executes commands typed as strings?
a. Command
b. Console
c. Shell [ answer ]
d. Terminal
2. Which term describes the visual cue that indicates an interactive shell is waiting for the user to type a command?
a. Argument
b. Command
c. Option
d. Prompt [ answer ]
3. Which term describes the part of the command line that adjusts the behavior of a command?
a. Argument
b. Command
c. Option [ answer ]
d. Prompt
4. Which term describes the name of a program to run?
a. Argument
b. Command [ answer ]
c. Option
d. Prompt
5. Which term describes the part of the command line that specifies the target that the command should operate on?
a. Argument [ answer ]
b. Command
c. Option
d. Prompt
6. Which term describes the hardware display and keyboard used to interact with a system?
a. Physical Console [ answer ]
b. Virtual Console
c. Shell
d. Terminal
7. Which term describes one of multiple logical consoles that can each support an independent login session?
a. Physical Console
b. Virtual Console [ answer ]
c. Shell
d. Terminal
8. Which term describes an interface that provides a display for output and a keyboard for input to a shell session?
a. Console
b. Virtual Console
c. Shell
d. Terminal [ answer ]
Architecture of Linux
Kernel ==> It is the core/heart of any OS. It can interact with the system H/W directly.
What is the kernel file name? Where does the kernel file reside?
vmlinuz is the name and it resides in the /boot directory
How to see the kernel version? uname -r
The kernel interacts with the system H/W using System Calls (exposed to programs as special C library functions)
Shell ==> is a utility program which acts as an interface between the user and the kernel. User processes run here.
The shell also works as a command interpreter: it reads the commands a user types, has the system execute them, and presents the results back to the user.
The default shell in Unix ==> Bourne Shell (sh)
The default shell in Linux ==> Bourne Again Shell (bash)
Unix variants ==> SCO Unix / IBM AIX / HP-UX / Oracle Solaris
Windows vs. Linux
------------------------
1. Windows is proprietary and Linux is open source
2. Windows is NOT case sensitive but Linux is 100% case sensitive
3. In Windows the superuser is Administrator but in Unix and Linux, it is root
4. In Windows we use a backslash (\) when defining the path of a file, but in Linux it is a forward slash (/)
5. Prompt for a normal user/Administrator in Windows ==> C:\> ; in Linux for root ==> # and for normal users ==> $
6. Linux has a single-rooted directory structure but Windows has a multi-rooted directory structure
Linux Distribution / Linux Distro ==> Kernel + GNU Utils + Shell
Examples of Linux Distributions ==> Slackware / Oracle Linux / SUSE Linux / Ubuntu / Kali
Red Hat ==> Red Hat Linux [ FREE ] --> 4 / 5 / 6 / 7 / 8 / 9
Enterprise Distribution ==> RHEL [ Red Hat Enterprise Linux ] --> RHEL8
Community Distribution ==> Fedora / CentOS / CentOS Stream
Linux Commands
1. Create a user and assign a password
useradd student
passwd student
Check whether the user was created ⇒ id student
To delete a user ⇒
userdel robert
userdel -r robert [ -r also removes the home directory ]
2. To switch to a particular user ==> su [ Switch User ]
su student [ It will only switch the UID but not the home directory ]
su - student [ Will change the UID and the home directory ]
Note: By default, the root user has /root as its home directory and non-root users have their home directories within /home
3. To list the files/directories ==> ls
ls -l [ long listing ]
ls -a [ to display hidden files ]
4. To display the current working directory ==> pwd
5. To change to a directory ==> cd <dir_name>
To go to the home directory ⇒ cd OR cd ~
6. Symbolic representations ==>
. ==> Current directory
.. ==> Parent directory
../.. ==> Parent of the parent directory
- ==> Previous directory
7. cal ==> to display the calendar
cal 2021
cal 12 2021
8. To redirect the output of a command to a file ⇒ ls -l /boot > boot.txt
cal 2021 > cal_2021
9. mkdir ⇒ To create a directory
mkdir database
cd database [ cd ⇒ change directory ]
mkdir oracle
mkdir mssql
mkdir {oracle,mssql}
mkdir -p database/{oracle,mssql} ⇒ To create the directory structure in one command (-p creates any missing parent directories)
10. Create files ⇒
Path ⇒ Absolute Path and Relative Path
/home/student/database/oracle/file1 ⇒ Absolute Path
database/oracle/file1 ⇒ Relative Path
touch ⇒ to create an empty file
touch file1 file2 file3 OR touch file{1..3}
touch file{1..3}.mp3
touch file{1..3}.{mp3,txt}
cat > file1
hello
<ctrl> + d
cat file1 ⇒ To display the content of the file
>> ⇒ Append
cat file1 >> file2 ==> Content of file1 would be appended to file2
11. Copy ⇒ cp <source_path> <dest_path>
cp -r <source_dir> <dest_dir> [ -r stands for recursive ]
Move ==> mv <source_path> <dest_path>
12. To rename a file/directory ⇒ mv
13. To remove a file ⇒ rm
14. To remove an empty directory ⇒ rmdir
15. To remove a directory along with its contents ⇒ rm -r <dir_name>
Assignment :: Executing basic commands:
1. To display the current working directory, the command is:
pwd
The output is as follows.
/home/trg1
2. Display the path and name of your HOME directory.
3. Display the login name using which you have logged into the system.
4. Display the hidden files of your current directory.
5. List the names of all the files in your home directory.
6. Use the long listing format to display the files in your directory.
7. List the files beginning with chap followed by any number or any lower case alphabet. (Example: it should display all files whose names are like chap1, chap2, chap3, …, chapa, chapb, chapc, …)
8. Give the appropriate command to create a directory called C_prog under your home directory. (Note: Check the directory using ls)
9. Create the following directories under your home directory. (Note: Check using ls)
newdir
newdirectory
10. List the names of all the files, including the contents of the sub directories under your home directory.
11. Remove the directory called newdirectory from your working directory.
12. Create a directory called temp under your home directory.
13. Remove the directory called newdir under your home directory and verify the above with the help of the directory listing command.
14. Create another directory directorynew under the temp directory.
15. Change the directory to your home directory.
16. From your home directory, change the directory to directorynew using the relative and the absolute path.
17. Remove the directory called c_prog, which is in your home directory.
18. Change to the directory /etc and display the files present in it.
19. List the names of all the files that begin with a dot in the /usr/bin directory.
20. Create a file first.unix with the following contents.
Hi!
Good Morning everybody.
Welcome to the First exercise on UNIX.
Hope you enjoy doing the assignments.
21. Copy the file first.unix in your home directory to first.unics. (Note: when checked using ls, the first.unix file should also exist along with first.unics)
22. List the contents of first.unix and first.unics with a single command.
23. Create a new directory under the temp directory.
24. From your home directory, copy all the files to the directory created under the temp sub directory.
25. Move the file first.unix to the directory temp as second.unix.
26. Remove the file called first.unics from the home directory.
27. Change your directory to temp and issue the command rm *. What do you observe?
28. Move all files whose names end with a, c and o to the HOME directory.
29. Copy all files that end with 'UNIX' to the temp directory.
30. Issuing a single command, remove all the files from the directory temp and the directory itself.
31. Try the commands cp and mv with an invalid number of arguments and note the results.
32. Use the cat command to create a file friends, with the following data:
Madhu   6966456 09/07/68
Jamil   2345215 08/09/67
Ajay    5546785 01/04/66
Mano    7820022 09/07/68
David   8281292 09/09/60
Simmi   7864563 12/12/70
Navin   2224311 30/05/68
The fields should be separated by a tab.
33. Display the contents of the file friends.
34. Copy the contents of friends to newfriend without using the cp command.
35. Display the contents of the files friends and newfriend in a single command.
36. Find all users currently working on the system and store the output in a file named users.
37. Append the contents of the friends file to the file users.
38. Display the current system date and time and record your observations. How is the time displayed?
39. Display a calendar for the month and year of your birth.
40. Try the following commands and record your observations.
date "+ %"
date "+%m"
date "+%D"
date "+%/%Training Activity"
date "+%Training Activity"
date "+%r"
====================================================================
Introduction to GNOME Desktop Environment
➔ The desktop environment is the graphical user interface on a Linux system.
➔ The default desktop environment in Red Hat Enterprise Linux 8 is provided by GNOME 3.
➔ It provides an integrated desktop for users and a unified development platform on top of a graphical framework provided by either Wayland (by default) or the legacy X Window System.
➔ GNOME Shell provides the core user interface functions for the GNOME desktop environment.
Some More Commands
head ⇒ displays the first 10 lines of a file
head /etc/passwd ⇒ displays the first 10 lines
head -n 5 /etc/passwd ⇒ displays the first 5 lines
head -5 /etc/passwd ⇒ displays the first 5 lines
tail ⇒ displays the last 10 lines of a file
tail /etc/passwd ⇒ displays the last 10 lines
tail -n 5 /etc/passwd ⇒ displays the last 5 lines
tail -5 /etc/passwd ⇒ displays the last 5 lines
wc ⇒ Word count
wc /etc/passwd ⇒ displays the no. of lines, words and characters in the passwd file
wc -l /etc/passwd ⇒ displays the no. of lines in the passwd file
wc -w /etc/passwd ⇒ displays the no. of words in the passwd file
wc -c /etc/passwd ⇒ displays the no. of characters (bytes) in the passwd file
wc -lc /etc/passwd ⇒ displays the no. of lines and characters in the passwd file
Linux File System Hierarchy
➔ All files on a Linux system are stored on file systems, which are organized into a single inverted tree of directories, known as a file-system hierarchy.
➔ This tree is inverted because the root of the tree is said to be at the top of the hierarchy, and the branches of directories and subdirectories stretch below the root.
➔ The Linux directory hierarchy has a single-rooted, inverted tree-like structure.
➔ The / directory is the root directory at the top of the file-system hierarchy.
Quiz
1. Which command is used to return to the current user's home directory, assuming the current working directory is /tmp and their home directory is /home/user?
a. cd
b. cd ..
c. cd .
d. cd *
e. cd /home
2. Which command displays the absolute path name of the current location?
a. cd
b. pwd
c. ls ~
d. ls -d
3. Which command will always return you to the working directory used prior to the current working directory?
a. cd -
b. cd -p
c. cd ~
d. cd ..
4. Which command will always change the working directory up two levels from the current location?
a. cd ~
b. cd ../
c. cd ../..
d. cd -u2
5. Which command lists files in the current location, using a long format, and including hidden files?
a. llong ~
b. ls -a
c. ls -l
d. ls -al
6. Which command will always change the working directory to /bin?
a. cd bin
b. cd /bin
c. cd ~bin
d. cd -bin
7. Which command will always change the working directory to the parent of the current location?
a. cd ~
b. cd ..
c. cd ../..
d. cd -u1
8. Which command will change the working directory to /tmp if the current working directory is /home/student?
a. cd tmp
b. cd ..
c. cd ../../tmp
d. cd ~tmp
Managing Links Between Files
➔ There are 2 types of links available in Linux - Hard Link and Soft Link (or Symbolic Link)
● It is possible to create multiple names that point to the same file.
● There are two ways to do this: by creating a hard link to the file, or by creating a soft link (sometimes called a symbolic link) to the file.
Hard Link ⇒
➔ Every file starts with a single hard link, from its initial name to the data on the file system.
➔ When you create a new hard link to a file, you create another name that points to that same data.
➔ Hard links can only be created with regular files. We cannot use the ln command to create a hard link to a directory or special file.
➔ Hard links cannot be created across filesystems.
➔ With a hard link, both names have the same i-node number.
Soft Link ⇒
➔ The ln -s command creates a soft link, which is also called a "symbolic link."
➔ Soft links can be created across filesystems.
➔ With a soft link, the link and its target have different i-node numbers.
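The hard-link and soft-link behaviour described above, as an added example that is not part of the course notes: it creates the three names in a scratch directory, compares i-node numbers and link counts, then removes the original name to show which link still reaches the data. It assumes a POSIX shell with ls, ln, awk and mktemp available.

```shell
#!/bin/sh
# Added example, not part of the course notes: create a file, a hard link and a
# soft link in a scratch directory, compare i-node numbers and link counts, then
# remove the original name to see which link still reaches the data.
# Assumes a POSIX shell with ls, ln, awk and mktemp available.

inode_of() {
    # "ls -i" prints "<inode> <name>"; -d reports the argument itself
    # (so a symlink's own inode, not its target's)
    ls -di "$1" | awk '{ print $1 }'
}

link_count_of() {
    # the second field of a long listing is the hard-link count of the inode
    ls -ld "$1" | awk '{ print $2 }'
}

link_demo() (
    # subshell body: the cd and the temporary variables do not leak to the caller
    work=$(mktemp -d) || exit 1
    cd "$work" || exit 1

    printf 'original data\n' > source.file
    ln    source.file hard.link    # hard link: a second name for the same inode
    ln -s source.file soft.link    # soft link: a new inode that stores a path

    hard_same=no; soft_same=no
    if [ "$(inode_of source.file)" = "$(inode_of hard.link)" ]; then hard_same=yes; fi
    if [ "$(inode_of source.file)" = "$(inode_of soft.link)" ]; then soft_same=yes; fi

    # the hard link raised the link count of the shared inode to 2;
    # the soft link did not touch it
    count=$(link_count_of source.file)

    # drop the original name: the data survives through hard.link, while
    # soft.link now points at a path that no longer exists (a dangling link)
    rm source.file
    hard_readable=no; soft_dangling=no
    if [ -f hard.link ]; then hard_readable=yes; fi
    if [ -L soft.link ] && [ ! -e soft.link ]; then soft_dangling=yes; fi

    cd / && rm -rf "$work"
    echo "same_inode_hard=$hard_same same_inode_soft=$soft_same count=$count hard_readable=$hard_readable soft_dangling=$soft_dangling"
)

link_demo
```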
SUMMARY
In this chapter, you learned:
• Files on a Linux system are organized into a single inverted tree of directories, known as a filesystem hierarchy.
• Absolute paths start with a / and specify the location of a file in the file-system hierarchy.
• Relative paths do not start with a / and specify the location of a file relative to the current working directory.
• Five key commands are used to manage files: mkdir, rmdir, cp, mv, and rm.
• Hard links and soft links are different ways to have multiple file names point to the same data.
• The Bash shell provides pattern matching, expansion, and substitution features to help you efficiently run commands.
Assignment :
- Use the date command to display the current time and date.
- Display the current time in 12-hour clock time (for example, 11:42:11 AM). Hint: The format of the string that displays that output is %r.
- What kind of file is /home/student/zcat? Is it readable by humans?
- Use the wc command and Bash shortcuts to display the size of zcat.
- Display the first 10 lines of zcat.
- Display the last 10 lines of the zcat file.
- Repeat the previous command exactly with three or fewer keystrokes.
- Repeat the previous command, but use the -n 20 option to display the last 20 lines in the file.
- Use command-line editing to accomplish this with a minimal number of keystrokes.
- Use the shell history to run the date +%r command again.
- Create a hard link named /home/student/backups/source.backup for the existing file /home/student/files/source.file. [ Create any file & directory as per the requirement ]
- Verify the link count for the original /home/student/files/source.file and the new linked file, /home/student/backups/source.backup. The link count should be 2 for both files.
- Create a soft link named /home/student/tempdir that points to the /tmp directory.
- Use the ls -l command to verify the newly created soft link.
Managing Local Users and Groups
➔ A user account is used to provide a security boundary for a specific user.
➔ 3 main types of user accounts - superuser [ privileged user ], system users and regular users [ non-privileged users ]
➔ The name of the superuser is root and it has UID 0 and GID 0
➔ Users do NOT interactively log in using system user accounts.
➔ The id command can be used to display user information
➔ Every user is assigned a unique UID by the OS
➔ User passwords are stored in a file called /etc/shadow
➔ To create a user, we use the command useradd <username>
➔ By default, the system uses the /etc/passwd file to store user information. Each line in the /etc/passwd file contains information about one user and it contains 7 fields separated by ':'
username:password(x):UID:GID:GECOS field:home directory:login shell
Note: The login shell is the default shell program for a user, which runs on login (/bin/bash). For a regular user, this is normally the program that provides the user's command-line prompt. A system user might use /sbin/nologin if interactive logins are not allowed for that user.
➢ Group ==> A group is a collection of users that need to share access to files and other system resources.
➢ Group passwords are stored in a file called /etc/gshadow
➢ Each group will have a unique GID. The root user has a default GID of 0
➢ Group information is stored in the /etc/group file
➢ To create a group ⇒ groupadd <group_name>
➢ Each line in the /etc/group file contains information about one group
groupname:group_password(x):group_id:list_of_group_members
● UID Ranges :
UID 0 is reserved for the root user
UID 1-200 is a range of "system users" assigned statically to system processes by Red Hat
UID 201-999 is a range of "system users" used by system processes that do not own files in the filesystem.
UID 1000+ is the range of "regular users"
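An added example, not from the course notes, that applies the /etc/passwd field layout and the UID ranges listed above to a constructed passwd excerpt: it classifies each account and flags the two things worth checking on any host, an account other than root that has UID 0 and a system account whose login shell still permits interactive login. It assumes POSIX sh and awk; the account names and the excerpt are constructed.

```shell
#!/bin/sh
# Added example, not part of the course notes: classify the accounts in an
# /etc/passwd-style file using the UID ranges from the notes and flag two
# findings a defender checks first: an account other than root with UID 0,
# and a system account whose login shell still permits interactive login.
# Assumes POSIX sh and awk. The excerpt below is constructed, not a real file.

SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
chrony:x:993:988::/var/lib/chrony:/sbin/nologin
student:x:1000:1000:Student:/home/student:/bin/bash
cloud-user:x:5001:5001::/home/cloud-user:/sbin/nologin
dupzero:x:0:0:second uid 0:/tmp:/bin/bash
dbsvc:x:450:450:DB service:/var/lib/db:/bin/bash'

audit_passwd() {
    # $1 = passwd-format text; prints one tab-separated line per account:
    # name, UID, class, finding ("-" when there is nothing to report)
    printf '%s\n' "$1" | awk -F: '
        NF != 7 { printf "%s\tMALFORMED (%d fields)\n", $1, NF; next }
        {
            uid = $3 + 0; shell = $7
            # UID ranges as listed in the notes
            if      (uid == 0)   cls = "root"
            else if (uid <= 200) cls = "system (static)"
            else if (uid <= 999) cls = "system (dynamic)"
            else                 cls = "regular"

            finding = "-"
            if (uid == 0 && $1 != "root")
                finding = "EXTRA UID 0 ACCOUNT"
            else if (uid > 0 && uid <= 999 && shell !~ /nologin$/ && shell != "/bin/false")
                finding = "SYSTEM ACCOUNT WITH LOGIN SHELL " shell
            printf "%s\t%d\t%s\t%s\n", $1, uid, cls, finding
        }'
}

findings() {
    # names of the accounts that produced a finding (malformed lines included)
    audit_passwd "$1" | awk -F'\t' '$4 != "-" { print $1 }'
}

audit_passwd "$SAMPLE_PASSWD"
```

On a real host the same function can be fed the live file with `audit_passwd "$(cat /etc/passwd)"`.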
★ User and group specific default values are stored in /etc/login.defs
★ Primary Group and Secondary Group
a. Whenever we create a user in Linux, a group with the same name as that user is also created automatically.
b. One user can have only one Primary Group but can have multiple Secondary Group(s)
● Commands ::
useradd <username> ⇒ creates a user
useradd -c "Linux Admin" -s /bin/sh bob
mkdir /project
useradd -d /project/robert -m robert
userdel <username> ==> deletes a user account but the home directory still exists
userdel -r <username> ==> deletes a user account along with the home directory
usermod -c "DevOps Engineer" -s /bin/bash sarah
Create a user called john with a user ID ⇒ 10001
useradd -u 10001 john
How to lock a user account?
usermod -L <username> [ Lock ]
usermod -U <username> [ Unlock ]
When we lock a user account, the /etc/shadow file is updated: the password hash in the second field is prefixed with '!', so the password can no longer be used to log in.
Create a group with a specific group ID ==> groupadd -g 10001 hr
Secondary Group assignment ==> usermod -G <group_name> <user_name> [ -G is for secondary group; it replaces the user's existing list of secondary groups, so add -a to append instead ]
Primary Group assignment ==> usermod -g <group_name> <user_name> [ -g is for primary group ]
Guided Lab :
1. Create a group called sysadmin
groupadd sysadmin
2. Create 2 users called john and jane. Set the password to redhat for both users.
useradd john
useradd jane
passwd john
passwd jane
3. The john user should have the real name "Cloud Architect" and a default shell of /bin/bash
usermod -c "Cloud Architect" john
4. The jane user should have the real name "Automation Engineer" and a default shell of /bin/sh
usermod -c "Automation Engineer" -s /bin/sh jane
5. sysadmin should be the secondary group for john and jane
usermod -G sysadmin john
usermod -G sysadmin jane
Collaborative Directory Permission ::
Create a directory called /database
Change the group owner of the /database directory to sysadmin
sysadmin group members should have full access and others should have no access on the /database directory
6. Create a user called cloud-user with UID 5001. This user should have no interactive shell access in the system.
useradd -u 5001 cloud-user
usermod -s /sbin/nologin cloud-user
7. Create a group called cloudadmins with GID 10001
groupadd -g 10001 cloudadmins
8. Store the first 5 lines from the file /etc/passwd into a file called /root/mypass.
head -n 5 /etc/passwd > /root/mypass
9. Lock and unlock the user account cloud-user and notice the changes in the /etc/shadow file.
usermod -L cloud-user
usermod -U cloud-user
10. Remove the jane user along with her home directory.
userdel -r jane
Linux Filesystem Permissions
➢ File permissions control access to files.
➢ Files have three user categories to which permissions apply. The file is owned by a user, normally the one who created the file. The file is also owned by a single group, usually the primary group of the user who created the file, but this can be changed.
➢ Different permissions can be set for the owning user, the owning group, and for all other users on the system that are not the user or a member of the owning group.
➢ User permissions override group permissions, which override other permissions.
➢ User Types ⇒ Owner(u), Group Owner(g), Others(o)
➢ File Types ⇒ There are 7 fundamental file types in Linux.
- (hyphen) ⇒ Ordinary file [ text file / audio file / video file / binary file / program file ]
d ⇒ Directory
l ⇒ Symbolic link or symlink
b ⇒ Block device file
c ⇒ Character device file
p ⇒ Named pipe
s ⇒ Socket file
⇒ The file command is used to display the file type
read ⇒ 4, write ⇒ 2, execute ⇒ 1
<file_type><permission_for_owner><permission_for_group_owner><permission_for_others>
rw-rw-r-- ⇒ 664
rwxr--r-- ⇒ 744
Quiz ⇒ Interpreting Linux File System Permissions
- Which regular file is owned by operator1 and readable by all users?
a. lfile1
b. lfile2
c. rfile1
d. rfile2
- Which file can be modified by the contractor1 user?
a. lfile1
b. lfile2
c. rfile1
d. rfile2
- Which file cannot be read by the operator2 user?
a. lfile1
b. lfile2
c. rfile1
d. rfile2
- Which file has a group ownership of consultant1?
a. lfile1
b. lfile2
c. rfile1
d. rfile2
- Which files can be deleted by the operator1 user?
a. rfile1
b. rfile2
c. All of the above.
d. None of the above.
- Which files can be deleted by the operator2 user?
a. lfile1
b. lfile2
c. All of the above.
d. None of the above.
Changing File and Directory Permissions
Grant Permission ⇒ +
Revoke Permission ⇒ -
Assign Permission ⇒ =
The chmod command is used to grant / revoke / assign permissions
Use Cases
- Grant Read and Write permission for Owner on file1
chmod u+rw file1 OR chmod 600 file1
- Grant Read and Execute permission for Group on file1
chmod g+rx file1 OR chmod 650 file1
- Grant Read permission to Others on file1
chmod o+r file1 OR chmod 654 file1
Instead of giving multiple chmod commands, we could have used a single command
chmod u+rw,g+rx,o+r file1 OR chmod 654 file1
- To withdraw Execute permission from all users
chmod ugo-x file1 OR chmod a-x file1
- To assign a specific permission
chmod u=w file1 ⇒ will assign only Write permission and remove any existing permission from the owner.
Changing File and Directory User or Group Ownership
We can change the Owner of a file/directory.
chown ⇒ Owner // Group Owner // Owner+Group Owner
chgrp ⇒ Only the Group Owner can be changed
mkdir /data
ls -ld /data
chown john /data ⇒ john becomes the owner
chown :dba /data ⇒ dba becomes the group owner, keeping the Owner intact
chown abid:hr /data ⇒ abid becomes the owner and hr becomes the group owner
chgrp dba /data ⇒ Will change the group only
The -R (Recursive) option
Can be used with the chown // chgrp // chmod commands
The X permission (a chmod mode letter, used as +X)
This grants Execute permission only on directories, and on files that already have execute permission for some user; ordinary files without execute permission are left unchanged, which is what makes it safe to combine with -R.
Guided Lab
- Create a collaborative directory called /backup
mkdir /backup
- Create a group called backupadmin
groupadd backupadmin
- Create 2 users called john and jane.
useradd john
useradd jane
- Password of all users should be redhat
passwd john
passwd jane
- backupadmin is the secondary / supplementary group for john and jane
usermod -G backupadmin john
usermod -G backupadmin jane
- Change the group owner of the /backup directory to backupadmin
chgrp backupadmin /backup
- backupadmin group members should have full access on the /backup directory
chmod 775 /backup
- Other users should have no access to it.
chmod 770 /backup
Managing Default File Permissions
1. When we create a new file or directory, it is assigned initial permissions.
2. There are 2 things that affect these initial permissions - whether we are creating a file or a directory, and the umask.
3. umask is used to set up default permissions.
4. If you create a new directory, the operating system starts by assigning it octal permissions 0777 (drwxrwxrwx). If you create a new regular file, the operating system assigns it octal permissions 0666 (-rw-rw-rw-).
5. You always have to explicitly add execute permission to a regular file.
6. However, the shell session will also set a umask to further restrict the permissions that are initially set.
7. The umask command without arguments will display the current value of the shell's umask.
8. The system's default umask values for Bash shell users are defined in the /etc/profile and /etc/bashrc files. Users can override the system defaults in the .bash_profile and .bashrc files in their home directories.
Normal user's default umask ==> 002
root user's default umask ==> 022
IF THERE IS NO UMASK SET
-----------------------------------------
              File                 Directory
              666                  777
umask 002     [ 666 - 002 ] = 664  [ 777 - 002 ] = 775
umask 022     [ 666 - 022 ] = 644  [ 777 - 022 ] = 755
(Each umask digit names the permission bits to remove from the corresponding base digit. This is a bitwise mask, not plain subtraction: a base digit 6 masked by 7 gives 0, not -1.)
The initial permission for the directory should be 750. What umask value needs to be set?
umask = 027
[ 666 - 027 ] = 640  [ 777 - 027 ] = 750
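The umask arithmetic above, as an added example that is not part of the course notes: apply_umask computes the initial mode a new file or directory receives under a given umask, and umask_for answers the reverse question asked above (which umask yields 750 for a directory). It assumes POSIX sh arithmetic, where a leading 0 means octal and ~ is bitwise not.

```shell
#!/bin/sh
# Added example, not part of the course notes: umask arithmetic done the way
# the system does it. A new file starts at 0666 and a new directory at 0777;
# every bit set in the umask is cleared from that base. This is a bitwise
# mask, not digit-by-digit subtraction, which is why 666 under umask 027
# yields 640 (the "others" digit goes 6 -> 0, not 6 - 7).
# Assumes POSIX sh arithmetic (leading 0 = octal, ~ = bitwise not).

base_mode() {
    # $1 = file | dir ; prints the mode the OS starts from before the umask
    case "$1" in
        file) echo 0666 ;;
        dir)  echo 0777 ;;
        *)    echo "base_mode: expected file or dir, got '$1'" >&2; return 1 ;;
    esac
}

apply_umask() {
    # $1 = umask (octal, e.g. 027), $2 = file | dir
    # prints the initial permission the new object receives
    base=$(base_mode "$2") || return 1
    printf '%03o\n' $(( base & ~0$1 ))
}

umask_for() {
    # $1 = desired initial permission (octal), $2 = file | dir
    # prints the smallest umask that produces it, i.e. the base bits to clear.
    # The operation is the same as apply_umask because the relation is
    # symmetric: mode = base & ~umask  <=>  umask = base & ~mode.
    # For files the x bits are never in the base, so 027 and 026 both give
    # 640; this returns the minimal 026.
    base=$(base_mode "$2") || return 1
    printf '%03o\n' $(( base & ~0$1 ))
}

umask_table() {
    # the table from the notes: the two RHEL defaults plus the 750 exercise
    for m in 002 022 027; do
        printf 'umask %s  file %s  dir %s\n' \
            "$m" "$(apply_umask "$m" file)" "$(apply_umask "$m" dir)"
    done
}

umask_table
```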
Special Permissions
- Set UserID (suid) ⇒ Represented by s, numerically 4 ⇒ Implemented on Owner(u)
- Set GroupID (sgid) ⇒ Represented by s, numerically 2 ⇒ Implemented on Group(g)
- Sticky Bit ⇒ Represented by t, numerically 1 ⇒ Implemented on Others(o)
-rwsr-xr-x. 1 root root 33544 Dec 14 2019 /usr/bin/passwd
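An added example, not from the course notes, serving both the octal notation introduced under Linux Filesystem Permissions and the special permission bits above: it converts a 10-character ls -l mode string such as the /usr/bin/passwd entry shown into a 4-digit octal mode, and back, handling the s/S and t/T letters (lowercase means the special bit plus execute, uppercase the special bit without execute). It assumes POSIX sh and awk; the mode strings other than the passwd one are constructed.

```shell
#!/bin/sh
# Added example, not part of the course notes: convert between the 10-character
# mode string that "ls -l" prints and the 4-digit octal mode that chmod takes,
# including the setuid (4), setgid (2) and sticky (1) bits.
# Assumes POSIX sh and awk. Mode strings below are constructed, except the
# passwd entry quoted in the notes.

mode_to_octal() {
    # $1 = e.g. -rwsr-xr-x ; the type character is skipped, and a trailing
    # SELinux "." or ACL "+" marker from ls is tolerated because only
    # characters 2..10 are read
    printf '%s\n' "$1" | awk '{
        s = substr($0, 2, 9)
        special = 0; val = ""
        for (g = 0; g < 3; g++) {          # g: 0 = owner, 1 = group, 2 = others
            triad = substr(s, g * 3 + 1, 3)
            n = 0
            if (substr(triad, 1, 1) == "r") n += 4
            if (substr(triad, 2, 1) == "w") n += 2
            x = substr(triad, 3, 1)
            # lowercase s/t = special bit AND execute; uppercase S/T = special only
            if (x == "x" || x == "s" || x == "t") n += 1
            if (x == "s" || x == "S") special += (g == 0) ? 4 : 2
            if (x == "t" || x == "T") special += 1
            val = val n
        }
        print special val                   # e.g. "4" "755" -> 4755
    }'
}

octal_to_mode() {
    # $1 = octal mode such as 4755, 2770 or 664 ; $2 = type character (default -)
    printf '%s %s\n' "$1" "${2:-"-"}" | awk '{
        m = $1; t = $2
        while (length(m) < 4) m = "0" m     # 664 -> 0664
        special = substr(m, 1, 1) + 0
        out = t
        for (g = 0; g < 3; g++) {
            d = substr(m, g + 2, 1) + 0
            out = out ((int(d / 4) % 2) ? "r" : "-")
            out = out ((int(d / 2) % 2) ? "w" : "-")
            x = d % 2
            bit = (g == 0) ? 4 : (g == 1) ? 2 : 1   # which special bit lands here
            if (int(special / bit) % 2) {
                letter = (g == 2) ? "t" : "s"
                out = out (x ? letter : toupper(letter))
            } else {
                out = out (x ? "x" : "-")
            }
        }
        print out
    }'
}

# the setuid passwd binary quoted above, and the two collaborative-directory
# modes used in the lab (setgid 2770, then setgid + sticky 3770)
mode_to_octal '-rwsr-xr-x.'     # 4755
octal_to_mode 2770 d            # drwxrws---
octal_to_mode 3770 d            # drwxrws--T
```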
Task
====
How many user types are there?
1. What are the 7 fundamental file types?
2. Perform the following tasks
a. Create a collaborative directory called /backup
mkdir /backup
b. Create a group called backupadmin & change the group owner of the /backup directory to backupadmin
groupadd backupadmin
chgrp backupadmin /backup
ls -ld /backup
c. Create 2 users called john and jane.
useradd john; useradd jane
d. Password of all users should be redhat
e. backupadmin is the supplementary group for john and jane
usermod -G backupadmin john
usermod -G backupadmin jane
f. backupadmin group members should have full access on the /backup directory
chmod 775 /backup
ls -ld /backup
g. Other users should have no access to it.
chmod 770 /backup
h. Ensure that any file/directory created within /backup will have the group owner set to backupadmin automatically.
chmod 2770 /backup
ls -ld /backup
i. Also ensure that only the owner can delete his/her file(s) within the /backup folder.
chmod 3770 /backup
ls -ld /backup
Task
====
1. Log in as the root user and perform the following tasks:
2. Create a directory called /home/techdocs. Create a group called techdocs and add 2 users - tech1 and tech2 - into it. techdocs should be the secondary/supplementary group for tech1 and tech2.
3. Change the group ownership of the /home/techdocs directory to the techdocs group.
4. Verify that users in the techdocs group can create and edit files in the /home/techdocs directory.
5. Set permissions on the /home/techdocs directory. On the /home/techdocs directory, configure setgid (2), read/write/execute permissions (7) for the owner/user and group, and no permissions (0) for other users.
6. Verify that the permissions are set properly.
7. Confirm that users in the techdocs group can now create and edit files in the /home/techdocs directory. Users not in the techdocs group cannot edit or create files in the /home/techdocs directory. Users tech1 and tech2 are in the techdocs group. User guest is not in that group.
8. Normal users should have a umask setting that prevents others from viewing or modifying new files and directories.
======================================================================
Startup Scripts
=============
User Specific          System Wide
~/.bash_profile        /etc/profile  (which also sources /etc/profile.d/*.sh)
~/.bashrc              /etc/bashrc
Other script files available in the user’s home directory:
~/.bash_history ⇒ the commands we have executed (written out when the shell exits)
~/.bash_logout ⇒ executed once we log out of a login shell
history ⇒ display the commands typed in this session
history -c ⇒ clear the in-memory history of the current shell (truncate ~/.bash_history as well if the file itself must be purged)
history -d <NO> ⇒ delete one particular entry from the history list
!<NO> ⇒ re-run an entry from the history list
Task
====
- Configure startup scripts to
perform the following tasks -
a. A global welcome message
should be displayed to all users
b. A global alias should be
created called cls for the clear command
c. When a tech1 user logs in, it
should display the current month calendar, present working directory and
current user name. An alias called l should be created for ls -l command.
d. When tech1 user logs out, it
should take a backup of /etc/passwd file to /tmp directory as
/tmp/passwd.tech1.bak. Before starting the backup process, it should display a
message “Backup in progress.. Have patience” and the message should stay for 2
seconds.
e. An hr policy file named hr.pdf should be
copied to each user’s home directory.
f. Purge the contents of
.bash_history file of tech1 user.
g. Set up a umask of 007 permanently for the tech1 user.
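The startup-script task worked through as an added example, not part of the course notes. The PREFIX argument is an assumption so the files can be generated into a scratch tree and syntax-checked before they are written for real; on the host PREFIX is empty and the script runs as root.

```sh
#!/bin/sh
# Added example, not from the course notes. Writes the startup scripts the task
# asks for. PREFIX is an assumption so the files can be generated into a scratch
# tree and inspected first; on the real host PREFIX is empty and the script runs
# as root (files land in /etc/profile.d and /home/tech1).
#   /etc/profile.d/*.sh  -> sourced by /etc/profile for every login shell (global items a, b)
#   ~/.bash_profile      -> runs when that user logs in (c, g)
#   ~/.bash_logout       -> runs when that user's login shell exits (d)
install_startup_scripts() {
    prefix=${1:-}
    mkdir -p "$prefix/etc/profile.d" "$prefix/home/tech1"

    # a + b: global welcome message and global alias cls -> clear
    cat > "$prefix/etc/profile.d/welcome.sh" <<'EOF'
echo "Welcome to $(hostname). Authorised users only."
alias cls='clear'
EOF

    # c + g: calendar, working directory, user name and alias l at login;
    # umask 007 here gives tech1 660 files / 770 directories (put it in
    # ~/.bashrc as well if non-login shells must get it too)
    cat > "$prefix/home/tech1/.bash_profile" <<'EOF'
[ -f ~/.bashrc ] && . ~/.bashrc
cal
pwd
whoami
alias l='ls -l'
umask 007
EOF

    # d: on logout announce, wait 2 s, then back up /etc/passwd
    cat > "$prefix/home/tech1/.bash_logout" <<'EOF'
echo "Backup in progress.. Have patience"
sleep 2
cp /etc/passwd /tmp/passwd.tech1.bak
EOF
    # e and f are one-liners on the real host and are left as comments here:
    #   cp hr.pdf /etc/skel/ && for h in /home/*; do cp hr.pdf "$h/"; done   # e
    #   : > /home/tech1/.bash_history                                          # f
}

# check_startup_scripts PREFIX: syntax-check every generated script (sh -n);
# prints the first bad file and returns 1, otherwise returns 0
check_startup_scripts() {
    prefix=${1:-}
    for f in "$prefix/etc/profile.d/welcome.sh" \
             "$prefix/home/tech1/.bash_profile" \
             "$prefix/home/tech1/.bash_logout"; do
        sh -n "$f" || { echo "syntax error in $f"; return 1; }
    done
}
```

Run install_startup_scripts with a scratch prefix first, then check_startup_scripts on the same prefix; a login script with a syntax error can leave the user unable to log in, so the sh -n pass is the step worth keeping.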
Archiving and
Transferring Files
What is archiving? Combining multiple files into a single file is called archiving.
Archiving and compressing files are useful when creating backups and transferring data over the network.
tar is an archiving tool. tar stands for Tape Archive.
After creating a tar archive, we can compress the file using gzip, bzip2 or xz compression (or let tar do both in one step with -z, -j or -J).
Some common tar options
-c ⇒ Create
-x ⇒ Extract
-t ⇒ List
-f ⇒ File (the archive name; the file name must follow -f directly, so -cf archive.tar, never -fc)
-p ⇒ Preserve permissions on extraction (already the default when tar runs as root)
Command example for creating a tar file
touch file1 file2 file3
tar -cf archive.tar file1 file2 file3 ⇒ To create a tar file called archive.tar
mkdir test
cp archive.tar test
cd test
ls -l
tar -tf archive.tar ⇒ To list the content of archive.tar file
tar -xf archive.tar ⇒ To extract the content of archive.tar file
Compression options
-z, --gzip ⇒ For gzip compression [ .tar.gz ]
-j, --bzip2 ⇒ For bzip2 compression [ .tar.bz2 ]
-J, --xz ⇒ For xz compression [ .tar.xz ]
To create a gzip compressed archive named /root/etcbackup.tar.gz
tar -czf /root/etcbackup.tar.gz /etc
To create a bzip2 compressed archive named /root/etcbackup.tar.bz2
tar -cjf /root/etcbackup.tar.bz2 /etc
To create an xz compressed archive named /root/etcbackup.tar.xz
tar -cJf /root/etcbackup.tar.xz /etc
(tar prints “Removing leading '/' from member names”: paths inside the archive are stored relative, so a later extraction lands under the current directory instead of overwriting /etc in place)
How to list the content of a compressed archive?
tar -tf /root/etcbackup.tar.gz (GNU tar detects the compression when listing or extracting, so -z/-j/-J are only required when creating)
Extracting a compressed archive
mkdir /tmp/etcbackup
cd /tmp/etcbackup
tar -xzf /root/etcbackup.tar.gz
tar -xjf /root/etcbackup.tar.bz2
tar -xJf /root/etcbackup.tar.xz
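The create / list / extract cycle above run end to end as an added example, not part of the course notes. It archives a constructed directory tree instead of /etc and adds the step a backup procedure should never skip: proving that what comes out of the archive matches what went in, including a restrictive file mode.

```sh
#!/bin/sh
# Added example, not from the course notes. Archive a directory, list the
# archive, extract it elsewhere and prove the copy is identical. Works in a
# scratch tree (never touches /etc); the tree contents are constructed.

# make_sample_tree DIR: a small constructed tree standing in for /etc
make_sample_tree() {
    mkdir -p "$1/ssh" "$1/yum.repos.d"
    printf 'PermitRootLogin no\n' > "$1/ssh/sshd_config"
    printf '[rhel8]\nname=local\nenabled=1\ngpgcheck=1\n' > "$1/yum.repos.d/rhel8.repo"
    printf '127.0.0.1 localhost\n' > "$1/hosts"
    chmod 600 "$1/ssh/sshd_config"          # a restrictive mode that must survive the round trip
}

# archive_dir SRC ARCHIVE: gzip-compressed archive of SRC. -C "$(dirname SRC)"
# stores members as "etc/..." rather than with an absolute path (GNU tar would
# strip the leading / anyway, but this makes the layout explicit).
archive_dir() {
    tar -czf "$2" -C "$(dirname "$1")" "$(basename "$1")"
}

# archive_members ARCHIVE: number of entries listed by tar -tf
archive_members() {
    tar -tf "$1" | wc -l | tr -d ' '
}

# extract_and_verify ARCHIVE SRC DEST: extract into DEST (created if needed)
# keeping permissions (-p), then compare the extracted tree with the original
# and check the 600 mode came back. Returns 0 if identical, 1 otherwise.
# No -z needed: GNU tar detects gzip/bzip2/xz automatically when reading.
extract_and_verify() {
    archive=$1; src=$2; dest=$3
    mkdir -p "$dest"
    tar -xpf "$archive" -C "$dest" || return 1
    diff -r "$src" "$dest/$(basename "$src")" > /dev/null || return 1
    [ "$(stat -c %a "$dest/$(basename "$src")/ssh/sshd_config")" = "600" ]
}

if [ "${1:-}" = "--demo" ]; then
    w=$(mktemp -d)
    make_sample_tree "$w/etc"
    archive_dir "$w/etc" "$w/etcbackup.tar.gz"
    tar -tvf "$w/etcbackup.tar.gz"
    extract_and_verify "$w/etcbackup.tar.gz" "$w/etc" "$w/restore" && echo "restore verified"
    rm -rf "$w"
fi
```

For a real /etc backup the same functions apply with /etc as SRC; only root can read everything under /etc, and tar -p then restores the original modes exactly.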
Transferring files between systems securely
scp ⇒ Secure Copy (a file copy carried over an SSH connection)
sftp ⇒ SSH File Transfer Protocol (a subsystem of sshd; it is not FTP over TLS, so “Secure FTP” is a misnomer)
scp /etc/hosts <username>@RemoteServerIP:/<dir_name>
scp -r /var/log <username>@RemoteServerIP:/<dir_name>
Both talk to sshd on the remote side, so its authentication (password or key), its host-key check and its AllowUsers/DenyUsers rules apply to file transfers exactly as to logins.
To interactively upload or download files to or from an SSH server, we can use the sftp program (put, get, ls and cd inside the session).
Synchronizing files between systems securely
Backup Types :
- Full Backup ⇒ everything, every time
- Differential Backup ⇒ everything changed since the last full backup
- Incremental Backup ⇒ everything changed since the last backup of any kind
What is the command to take an incremental backup?
rsync ⇒ a fast, versatile, remote (and local) file-copying tool. It compares source and destination and transfers only the differences, so repeating the same command copies just what changed since the previous run. Over the network it runs on top of ssh by default.
rsync command options
-r ⇒ Recursive
-p ⇒ preserve permissions
-a ⇒ Archive mode (-rlptgoD: recursive, keep symlinks, permissions, modification times, group, owner and device files; the usual choice for backups)
-v ⇒ verbose; -n ⇒ dry run, only show what would be transferred
Task 1 : Create a backup archive called etc.tar for the /etc filesystem and keep
the tar file in the /backup directory.
Task 2: Create 3 Compressed archives for
/etc filesystem ⇒ etc.tar.gz //
etc.tar.bz2 // etc.tar.xz
Task 3: Create password protected encrypted file called passwd.zip for
/etc/passwd file
Copy the zip file to /opt directory
and unzip and decrypt it
Task 4:
Upload a file /etc/hosts to a remote server using sftp. Also download a file
from the remote server into your local system.
Task 5 : Synchronize log files as follows -
- Create a directory called /tmp/serverlogs on the remote backup server
- Change the permissions so that the /tmp/serverlogs directory becomes world-readable & world-writable, and also ensure that only the owner can delete file(s) within /tmp/serverlogs (sticky bit, i.e. mode 1777)
- Synchronize the /var/log directory contents into the /tmp/serverlogs directory
- Create a new log entry in the /var/log/messages file using the following command -
logger “Log files synchronized”
- After this command, if we run the rsync -av command again, it should copy only the file /var/log/messages
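Task 5's observation, that the second rsync run copies only the changed file, shown locally with rsync's itemized output as an added example, not part of the course notes. The log lines are constructed and the scratch layout ($w/var/log, $w/serverlogs) is an assumption standing in for /var/log and the remote /tmp/serverlogs; against a remote host the source or destination would simply be user@host:/path.

```sh
#!/bin/sh
# Added example, not from the course notes. Shows that a second "rsync -a" run
# transfers only what changed. Runs locally in a scratch tree (rsync behaves the
# same way against user@host:/path over ssh); the log files are constructed.

# seed_logs DIR: constructed stand-in for /var/log
seed_logs() {
    mkdir -p "$1"
    printf 'Jan  1 00:00:01 host systemd[1]: Started sshd.\n' > "$1/messages"
    printf 'Jan  1 00:00:02 host sshd[100]: Accepted publickey for tech1\n' > "$1/secure"
    printf 'Jan  1 00:00:03 host crond[200]: (root) CMD (run-parts /etc/cron.hourly)\n' > "$1/cron"
}

# sync_logs SRC DEST: rsync -a (= -rlptgoD: recurse, keep links, perms, times,
# group, owner, devices) with itemized output (-i); prints the number of
# regular files actually transferred. Itemized lines starting ">f" are file
# transfers, so counting them is the check. The trailing / on SRC means
# "the contents of SRC", not SRC itself.
sync_logs() {
    rsync -ai "$1/" "$2/" | awk '/^>f/ { n++ } END { print n + 0 }'
}

if [ "${1:-}" = "--demo" ]; then
    w=$(mktemp -d)
    seed_logs "$w/var/log"
    echo "first run transferred:  $(sync_logs "$w/var/log" "$w/serverlogs") files"
    # the task's "logger" step: one new line in messages only
    printf 'Jan  1 00:05:00 host root: Log files synchronized\n' >> "$w/var/log/messages"
    echo "second run transferred: $(sync_logs "$w/var/log" "$w/serverlogs") files"
    echo "third run transferred:  $(sync_logs "$w/var/log" "$w/serverlogs") files"
    rm -rf "$w"
fi
```

The first run moves all three files, the second only messages (its size and mtime changed), and a third run moves nothing; rsync's quick check compares size and modification time, which is why -a's time preservation (-t) matters for incremental behaviour.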
Controlling Services
and Daemons
Daemons are background processes that get started automatically (at boot or on demand) and continue to run until the system shuts down or they are stopped manually. It is a convention for the names of many daemon programs to end in the letter d (sshd, httpd, crond).
Services can be started on demand or automatically at system start-up.
What is the difference between a service and a daemon? The daemon is the running program; the service is the management unit (start/stop/enable/status, described by a unit file under systemd) through which that program is controlled. One service may run several daemon processes.
Managing Services
---------------------------
Up to RHEL6 ⇒ service and chkconfig
To start a service ⇒ service httpd start
To stop a service ⇒ service httpd stop
To display the status of a service ⇒ service httpd status
To put a service in system startup ⇒ chkconfig httpd on
In RHEL7 / RHEL8 ⇒ systemctl
systemctl start httpd ⇒ will start the httpd service
systemctl enable httpd ⇒ will put the httpd service in system startup
systemctl enable --now httpd ⇒ both at once
systemctl status httpd
systemctl restart httpd
systemctl reload httpd
systemctl is-enabled httpd
systemctl is-active httpd
What is the difference between restart and reload?
restart stops the daemon and starts it again: new PID, and client connections in flight are dropped. reload sends the running daemon its reload command (the ExecReload= line in the unit) so it re-reads its configuration without stopping; it only works for units that define ExecReload, and it is the safer choice after a configuration change.
In RHEL7/RHEL8, the first process that starts is called ⇒ systemd [ PID ⇒ 1 ]
The systemd daemon manages startup for Linux, including service startup and service management in general.
Unit configuration files are stored in ⇒ /usr/lib/systemd/system (shipped by packages) and /etc/systemd/system (the administrator's copies and drop-ins, which take precedence)
Task :
- Install httpd package ⇒ yum install httpd -y
- Start and enable httpd service ⇒ systemctl enable --now httpd
- Check the status of the service ⇒ systemctl status httpd
- Note the unit type and unit configuration file for httpd ⇒ systemctl status httpd (the Loaded: line shows /usr/lib/systemd/system/httpd.service)
- Modify the description within the unit config file to “The Apache HTTPD server by AEM Technologies”. Do not edit the copy under /usr/lib/systemd/system, which the next package update overwrites; run systemctl edit httpd and put the new [Unit] Description= line in the drop-in it creates under /etc/systemd/system/httpd.service.d/
- Activate the changes by running the command ⇒ systemctl daemon-reload (systemctl edit does this for you)
- Monitor the change in description ⇒ systemctl status httpd
Configuring and Securing
SSH [ Secure Shell ]
======================================
Access systems
remotely ⇒
- Remote Desktop Protocol (RDP) ⇒ Windows systems
- telnet ⇒ Port 23 ⇒ a non-secure protocol ⇒ clear-text data ⇒ unencrypted, so passwords can be read off the wire
- ssh ⇒ Port 22 ⇒ Secure Shell ⇒ a secured protocol: the session is encrypted and the server proves its identity with a host key
SSH server
Profile
Package Name : openssh-server
Daemon : sshd
Port : 22
Config. File : /etc/ssh/sshd_config
➔ Root login over ssh is permitted by the default RHEL7/RHEL8 sshd_config (PermitRootLogin yes); telnet refuses root by default
➔ The telnet server package (telnet-server) is not installed by default, and its service (xinetd on RHEL6, telnet.socket on RHEL7/8) is not started by default
➔ The SSH server package (openssh-server) is installed by default and the service (sshd) is also started by default
How to disable root login on the ssh server?
First make sure an ordinary user with sudo rights can already log in, otherwise this step locks you out.
vim /etc/ssh/sshd_config
PermitRootLogin yes ⇒ write no in place of yes (sshd uses the first uncommented occurrence of a keyword, so make sure there is only one)
sshd -t ⇒ syntax-check the file before restarting; a bad file stops sshd from coming back
Restart the sshd service ⇒ systemctl restart sshd (existing sessions stay open, new logins get the new rule)
Authentication :: Password based & password-less [ key-based authentication ]
How to configure password-less SSH authentication?
Steps :
- Generate a key pair - private key + public key
ssh-keygen ⇒ generates 2 files (ssh-keygen -t ed25519 gives a modern key type; the file names below are the RSA defaults)
.ssh/id_rsa [ Private Key ] ⇒ mode 600, never leaves your machine
.ssh/id_rsa.pub [ Public Key ] ⇒ safe to hand out
- Transfer the public key to the remote system
ssh-copy-id root@RemoteSystemIP ⇒ the public key is appended to ~/.ssh/authorized_keys on the remote system (~/.ssh must be 700 and authorized_keys 600, which ssh-copy-id sets for you)
- Login to the remote system without any password
ssh root@RemoteSystemIP
How to protect the private key from unauthorized access?
By giving it a passphrase when ssh-keygen asks (or later with ssh-keygen -p), and by keeping the file mode 600: ssh refuses to use a private key that is readable by group or others. ssh-agent holds the decrypted key so the passphrase is typed once per session, not once per connection.
How can we allow/deny specific users access to the SSH server?
vim /etc/ssh/sshd_config
AllowUsers user1
DenyUsers user5
sshd evaluates DenyUsers, AllowUsers, DenyGroups and AllowGroups in that order; as soon as AllowUsers is present, every user not listed is denied, and a pattern such as user1@10.10.10.0/24 restricts where that user may connect from. Run sshd -t and restart sshd after the change.
SSH known_hosts key management
~/.ssh/known_hosts ⇒ stores the host key of every server you have connected to. On the next connection ssh compares the key the server presents with the stored one and aborts on a mismatch, which is what catches a reinstalled server or a man-in-the-middle. Remove a stale entry with ssh-keygen -R <hostname_or_IP>; entries that should apply to every user on the client go in /etc/ssh/ssh_known_hosts.
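The sshd_config edits from this section (PermitRootLogin, key-only authentication, AllowUsers) done safely as an added example, not part of the course notes. The functions take a file path so they can be tried on a copy; on the real host CONF is /etc/ssh/sshd_config, the steps run as root, and sshd -t must pass before sshd is restarted. The sample configuration and the user name sysadmin are constructed.

```sh
#!/bin/sh
# Added example, not from the course notes. Sets sshd_config keywords safely and
# reads back the value sshd will actually use. The functions take a file path so
# they can be tried on a copy; on the real host CONF is /etc/ssh/sshd_config,
# the steps run as root, and "sshd -t" must pass before sshd is restarted.
# The sample config and the user name "sysadmin" are constructed.

# set_sshd_option CONF KEY VALUE
# sshd takes the FIRST occurrence of a keyword, ships defaults as commented
# "#Key value" lines, and keywords after a "Match" line apply only inside that
# block. So: drop every active/commented KEY line before the first Match, leave
# Match blocks untouched, and put the new setting at the very top.
set_sshd_option() {
    conf=$1; lkey=$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]'); value=$3
    tmp=$(mktemp)
    awk -v key="$lkey" '
        tolower($0) ~ /^[[:space:]]*match([[:space:]]|$)/ { inmatch = 1 }
        !inmatch {
            line = $0; sub(/^[[:space:]]*#?[[:space:]]*/, "", line)
            split(line, f, /[[:space:]=]+/)
            if (tolower(f[1]) == key) next
        }
        { print }' "$conf" > "$tmp"
    { printf '%s %s\n' "$2" "$value"; cat "$tmp"; } > "$conf"
    rm -f "$tmp"
}

# effective_sshd_option CONF KEY: first active value before any Match block
# (empty if only a commented default is present)
effective_sshd_option() {
    lkey=$(printf '%s' "$2" | tr '[:upper:]' '[:lower:]')
    awk -v key="$lkey" '
        tolower($0) ~ /^[[:space:]]*match([[:space:]]|$)/ { exit }
        /^[[:space:]]*(#|$)/ { next }
        { line = $0; sub(/^[[:space:]]+/, "", line)
          split(line, f, /[[:space:]=]+/)
          if (tolower(f[1]) == key) { print f[2]; exit } }' "$1"
}

# harden_sshd CONF ADMIN: the checklist from this section. Order matters on a
# real host: install ADMIN's public key and confirm a key login works BEFORE
# turning password authentication off, or you lock yourself out.
harden_sshd() {
    set_sshd_option "$1" PermitRootLogin no
    set_sshd_option "$1" PubkeyAuthentication yes
    set_sshd_option "$1" PasswordAuthentication no
    set_sshd_option "$1" AllowUsers "$2"
    # then, on the host:  sshd -t -f "$1" && systemctl restart sshd
}

# write_sample_conf FILE: constructed fragment with the stock commented defaults
# and a Match block that must survive untouched
write_sample_conf() {
    cat > "$1" <<'EOF'
# constructed sshd_config fragment
#PermitRootLogin prohibit-password
#PubkeyAuthentication yes
PasswordAuthentication yes
#AllowUsers
Match User backup
    PasswordAuthentication yes
EOF
}

if [ "${1:-}" = "--demo" ]; then
    c=$(mktemp); write_sample_conf "$c"
    harden_sshd "$c" sysadmin
    cat "$c"; rm -f "$c"
fi
```

The Match block in the sample keeps password logins for one backup account; the functions leave it alone, which a plain sed over the whole file would not.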
Scheduling Future Tasks
➔ Sometimes you might need to
run a command, or set of commands, at a set point in the future.
➔ Examples include people who
want to schedule an email to their boss, or a system administrator
working on a firewall configuration who puts a
“safety” job in place to reset the firewall settings in
ten minutes' time, unless they deactivate the job
beforehand.
➔ These scheduled commands are
often called tasks or jobs, and the term deferred
indicates that
these tasks or jobs are going to run in the future.
➔ Single time execution of a
task can be achieved by at. The
responsible daemon is atd.
➔ Repetitive execution of a
task can be achieved by cron. The responsible daemon is crond.
➔ Users (including root) can
queue up jobs for the atd daemon using the at command.
➔ The atd daemon provides 26 queues, a to z (and another 26, A to Z); a is the default, and queues with higher letters run with increased niceness
Scheduling Deferred User
Tasks
Install at package ⇒ yum install at
Start and enable the atd daemon ⇒ systemctl enable --now atd
To schedule an at job ⇒ at TIMESPEC [ /usr/share/doc/at/timespec ]
now ⇒ To execute the job immediately
now +5min ⇒ To execute the job after 5 minutes
now + 4days ⇒ To execute the job after 4 days
teatime tomorrow ⇒ To execute a job tomorrow at 16:00
5pm september 15 2022 ⇒ To execute a job on 15th September 2022 at 17:00
at now
at> cal
<ctrl+d>
⇒ Job output will be sent to the mail of the user who scheduled the job
For mailing to happen ⇒
Install mailx and postfix packages ⇒ yum install mailx postfix
Start and enable postfix server ⇒ systemctl enable --now postfix
To check mail ⇒ mail
atq ⇒ to list the jobs in the at queue
atrm <job_id> ⇒ To delete a job from the at queue
To schedule an at job in the g queue ⇒ at -q g teatime
To view the command(s) in a pending job ⇒ at -c <job_id> (a job runs with the environment captured at submission time, which at -c prints in full)
To restrict user(s) from scheduling at jobs ⇒
vim /etc/at.deny
<user-name>
/etc/at.allow is consulted first: if it exists, only the users listed in it may use at (an empty at.allow therefore denies every ordinary user). Only when at.allow does not exist is /etc/at.deny read: users listed there are denied and everyone else is allowed (an empty at.deny allows everyone). If neither file exists, only root may use at; root is always allowed.
The same pair of files, with the same precedence, exists for cron ⇒
/etc/cron.allow
/etc/cron.deny
Scheduling Recurring User
Jobs
➔ Jobs scheduled to run
repeatedly are called recurring
jobs.
➔ The crond daemon reads
multiple configuration files: one per user (edited with the crontab
command), and a set of system-wide files.
Fields
in the crontab file appear in the following order:
•
Minutes
•
Hours
•
Day of month
•
Month
•
Day of week
•
Command
man 5 crontab
field allowed values
----- --------------
minute 0-59
hour 0-23
day of month 1-31
month 1-12 (or names, see below)
day of week 0-7 (0 or 7 is Sunday, or use names)
Tasks : Schedule cron jobs as per the following specification -
➔ Shutdown the server at 10:30 PM
➔ Display a message on every 5th September at 9:30 AM ⇒ Happy Teacher’s Day
➔ The following command should be executed at exactly 9 AM on February 2nd, every year
/usr/local/bin/yearly_backup
➔ Send an email containing the text Hello to the owner of the job every 5 minutes between 9 AM and 5 PM on every Friday in September.
➔ Send an email containing the text Hello to the owner of the job between 9:30 AM and 10:30 PM on every Friday in September.
➔ Send an email containing the text Hello to the owner of the job between 9:50 AM and 10:30 PM on every Friday in September.
➔ The following command should be executed every weekday at 2 minutes before midnight
/usr/local/bin/daily_report
➔ Mail the Disk Free Report to admin every weekday at 9 AM
df -Th | mail -s “Disk Free Report” admin
➔ Redirect the date command output to a file /tmp/date.txt every 2 minutes between 8 AM and 8 PM on weekdays only.
(cron mails whatever a job writes to stdout/stderr to the job's owner, which is how the “Hello” e-mails are produced; a % in a crontab command line means newline, so escape it as \% if you ever need one)
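The crontab lines that satisfy the tasks above, together with a field-by-field checker to run over a crontab file before installing it with crontab FILE, as an added example, not part of the course notes. The checker handles the numeric field forms only (names such as sep or fri are legal in crontab but not covered); the /usr/local/bin/* paths and the admin recipient are the task's own names.

```sh
#!/bin/sh
# Added example, not from the course notes. The crontab entries that satisfy the
# tasks above, plus a field-by-field checker to run over a crontab file before
# installing it with "crontab FILE". Numeric fields only: names such as sep or
# fri are legal in crontab but not handled here. The /usr/local/bin/* paths are
# the task's own script names; "admin" is the task's mail recipient.

# write_task_crontab FILE: one line per task (minute hour dom month dow command).
# cron mails a job's output to its owner, which is how "echo Hello" sends mail.
# "*/5 9-16" fires 09:00 .. 16:55; add "0 17 * 9 5 echo Hello" if 17:00 itself
# is wanted. The 9:50 variant of the range task changes "30-59 9" to "50-59 9".
write_task_crontab() {
    cat > "$1" <<'EOF'
# min  hour  dom mon dow  command
30    22    *   *   *    /sbin/shutdown -h now
30    9     5   9   *    echo "Happy Teacher's Day"
0     9     2   2   *    /usr/local/bin/yearly_backup
*/5   9-16  *   9   5    echo Hello
30-59 9     *   9   5    echo Hello
*     10-21 *   9   5    echo Hello
0-30  22    *   9   5    echo Hello
58    23    *   *   1-5  /usr/local/bin/daily_report
0     9     *   *   1-5  df -Th | mail -s "Disk Free Report" admin
*/2   8-20  *   *   1-5  date >> /tmp/date.txt
EOF
}

# check_cron_field FIELD MIN MAX: comma-separated list of  *  N  N-M, each with
# an optional /STEP; every number must lie within MIN..MAX
check_cron_field() {
    lo=$2; hi=$3
    oldifs=$IFS; IFS=','; set -f; set -- $1; set +f; IFS=$oldifs   # -f: "*" must not glob
    for part in "$@"; do
        spec=${part%%/*}
        if [ "$spec" != "$part" ]; then                 # has /STEP
            step=${part#*/}
            case $step in ''|*[!0-9]*) return 1;; esac
            [ "$step" -ge 1 ] || return 1
        fi
        case $spec in
            '*') continue ;;
            *-*) a=${spec%%-*}; b=${spec#*-} ;;
            *)   a=$spec; b=$spec ;;
        esac
        for n in "$a" "$b"; do case $n in ''|*[!0-9]*) return 1;; esac; done
        [ "$a" -ge "$lo" ] && [ "$b" -le "$hi" ] && [ "$a" -le "$b" ] || return 1
    done
    return 0
}

# check_cron_line LINE: minute hour day-of-month month day-of-week command...
check_cron_line() {
    set -f; set -- $1; set +f
    [ $# -ge 6 ] || return 1
    check_cron_field "$1" 0 59 && check_cron_field "$2" 0 23 &&
    check_cron_field "$3" 1 31 && check_cron_field "$4" 1 12 &&
    check_cron_field "$5" 0 7
}

# check_crontab FILE: 0 if every entry is well-formed; otherwise prints the
# first bad entry and returns 1. Blank lines, comments and VAR=value lines pass.
check_crontab() {
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in ''|'#'*|[A-Za-z_]*=*) continue ;; esac
        check_cron_line "$line" || { echo "bad entry: $line"; return 1; }
    done < "$1"
}

if [ "${1:-}" = "--demo" ]; then
    f=$(mktemp); write_task_crontab "$f"
    check_crontab "$f" && echo "crontab OK, install with: crontab $f"
    rm -f "$f"
fi
```

crontab FILE replaces the user's whole crontab, so validating the file first is cheap insurance; crontab -l shows what is installed afterwards.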
Package Management
==================
1. To install packages from Red Hat's repositories, the server needs to be registered and subscribed with Red Hat (subscription-manager).
2. We can also configure a local repository server for testing purposes / POC.
3. What is the purpose of a repo file? This file contains information about the remote repository server.
4. What is the location of the repo file? /etc/yum.repos.d
5. Explain the contents of a repo file
vim rhel8.repo
[rhel8]
name=My RHEL8 server repository
baseurl=http://classroom.example.com/rhel8/dvd
enabled=1
gpgcheck=0
gpgcheck=0 switches off RPM signature verification, which is acceptable only for a throw-away classroom mirror: whoever controls that web server, or the plain-HTTP path to it, can serve arbitrary packages that get installed as root. In production set gpgcheck=1 and point gpgkey= at the vendor's public key (for RHEL, file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release).
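A repo file written with signature checking on, plus an audit that finds every enabled repo file that turns it off, as an added example, not part of the course notes. The directory is a parameter so the audit can be tried on a scratch copy; on a real host it is /etc/yum.repos.d. The repo ids, URLs and key path used below are constructed, and each file is assumed to hold a single [section].

```sh
#!/bin/sh
# Added example, not from the course notes. Write a repo file with signature
# checking on, then audit a repos directory for files that turn it off. DIR is
# a parameter so the audit can be tried on a scratch copy; on a real host it is
# /etc/yum.repos.d. Repo ids, URLs and key paths are constructed, and one
# [section] per file is assumed.

# write_repo FILE ID NAME BASEURL GPGKEY
# gpgcheck=1 makes yum/dnf verify every package's RPM signature against the key
# named by gpgkey before installing it. With gpgcheck=0 anything the repo host
# serves (or anything injected on the way, since baseurl here is plain http)
# is installed as root without any check.
write_repo() {
    cat > "$1" <<EOF
[$2]
name=$3
baseurl=$4
enabled=1
gpgcheck=1
gpgkey=$5
EOF
}

# repo_value FILE KEY: value of KEY in FILE (last occurrence wins), empty if unset
repo_value() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1
}

# audit_repos DIR: print "FILE: reason" for every *.repo that is enabled
# (enabled defaults to 1 when absent) but has gpgcheck missing/0 or no gpgkey;
# returns 1 if anything was printed, else 0
audit_repos() {
    bad=0
    for f in "$1"/*.repo; do
        [ -e "$f" ] || continue
        enabled=$(repo_value "$f" enabled)
        [ "${enabled:-1}" = "0" ] && continue
        if [ "$(repo_value "$f" gpgcheck)" != "1" ]; then
            echo "$f: gpgcheck is not 1"; bad=1
        elif [ -z "$(repo_value "$f" gpgkey)" ]; then
            echo "$f: gpgcheck=1 but no gpgkey"; bad=1
        fi
    done
    return $bad
}

if [ "${1:-}" = "--demo" ]; then
    d=$(mktemp -d)
    write_repo "$d/rhel8.repo" rhel8 "My RHEL8 server repository" \
        http://classroom.example.com/rhel8/dvd file:///etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release
    printf '[lab]\nname=lab\nbaseurl=http://classroom.example.com/lab\ngpgcheck=0\n' > "$d/lab.repo"
    audit_repos "$d" || echo "fix the files above before running yum install"
    rm -rf "$d"
fi
```

A repo with gpgcheck=1 but no usable gpgkey fails at install time rather than silently; the audit reports that case too so it is caught before an outage window.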
How to enable a yum repository?
yum repolist ⇒ displays the enabled repos
yum repolist all ⇒ displays enabled & disabled repos
The yum config-manager command (from dnf-plugins-core) can be used to enable/disable repos
yum config-manager --enable <repo_name>
6. Package management tools ⇒
Ubuntu ⇒ apt
RHEL ⇒ rpm // yum // dnf (on RHEL8 yum is a compatibility front-end to dnf)
7. Basic difference between rpm and yum ⇒
rpm installs a package file you already have and does not provide dependency resolution: it simply fails if a dependency is missing
yum resolves dependencies and fetches them, and the package itself, from the configured repositories, verifying signatures when gpgcheck=1
8. Package Management Commands :
yum list ⇒ to display the installed & available packages
yum list installed
yum list available
yum list http*
rpm -qa ⇒ To list all installed packages
rpm -qa | grep httpd
rpm -q httpd
To display information about a package
yum info httpd
rpm -qi httpd
How to display the owning package for a file/command?
yum whatprovides /etc/passwd
rpm -qf /etc/passwd
rpm -qf /usr/bin/passwd
List the files in a package
rpm -ql setup
Install a package
yum install httpd
rpm -ivh httpd-.....rpm
Remove a package
yum remove httpd
rpm -e httpd
Update the entire system
yum update
Update a specific package
yum update package_name
To list the package groups
yum group list
To install a package group
yum group install “RPM Development Tools”
To remove a package group
yum group remove “RPM Development Tools”
How to view the yum transaction history?
All install and remove transactions are logged in /var/log/dnf.rpm.log
yum history ⇒ it displays a summary of install and remove transactions
yum history info <transaction_id>
How to reverse a yum transaction?
yum history undo <transaction_no>
What is EPEL?
Reference : https://www.redhat.com/en/blog/whats-epel-and-how-do-i-use-it#:~:text=Extra%20Packages%20for%20Enterprise%20Linux,others)%20from%20the%20Fedora%20sources.
Extra Packages for Enterprise Linux (EPEL) is a special interest group (SIG) from the Fedora Project that provides a set of additional packages for RHEL (and CentOS, and others) from the Fedora sources.
What's included with EPEL?
EPEL is a selection of packages from Fedora, but only packages that are not in RHEL or its layered products, to avoid conflicts.
How to configure EPEL?
yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
The epel-release package installs the EPEL repo file with gpgcheck=1 and the EPEL signing key under /etc/pki/rpm-gpg, so packages from it are verified like RHEL's own.
Now you can check to see which packages are available from EPEL:
# yum --disablerepo="*" --enablerepo="epel" list available
So, for example, if you want to install Chromium browser on your RHEL workstation:
# yum install -y chromium
Managing Networking
-------------------------------
Objectives :
- Test & inspect current network
configuration
- Manage network settings and
devices using nmcli
- Modify network settings by
editing configuration files
- Configure a server’s static
hostname and its name resolution
IP Address ⇒ IP stands for Internet Protocol. An IP address is a unique address which identifies a device on the internet or a local network.
IPv4 ⇒ 32-bit
IPv6 ⇒ 128-bit
Loopback Address ⇒ 127.0.0.1 (the whole 127.0.0.0/8 block; ::1 in IPv6)
What is the need for the command ⇒ ping 127.0.0.1? It checks that the local TCP/IP stack itself works: the packet never touches a NIC or a cable, so a failure points at the OS, not at the network.
Network Models
⇒
- OSI
Model ⇒ 7 Layers
Physical⇒DataLink⇒Network⇒Transport⇒Session⇒Presentation⇒Application
- TCP/IP
Model ⇒ 4 Layers ⇒ Link==>Internet⇒Transport⇒Application
ping is used for checking whether another host is reachable at the IP (network) layer. It does not prove physical connectivity, and a host or firewall that drops ICMP will not answer even though it is up.
ping uses the protocol called ICMP (Internet Control Message Protocol): an echo request goes out and an echo reply comes back.
What is a MAC address? Physical Address / Burnt-In Address…
Length ⇒ 48-bit ⇒ OUI / Vendor_ID (24-bit) + device-specific serial (24-bit). It can be changed in software, so it is not a reliable identifier for access control.
MAC address works in the Data Link Layer
IP address works in the Network Layer
Data Link Layer ⇒ MAC sublayer + LLC sublayer
Communication Type
⇒
1. Unicast
⇒ One to one
2. Multicast
⇒ One to Many but not all
3. Broadcast
⇒ One to all
Communication Mode
⇒
1. Simplex
⇒ One way only
2. Half-Duplex
⇒ One way at a time
3. Full-Duplex
⇒ Both way
TCP ⇒ Transmission Control Protocol
UDP ⇒ User Datagram Protocol
TCP
is connection-oriented , end-to-end connectivity, reliability, guaranteed
delivery
UDP
is connectionless protocol, not reliable, delivery is not guaranteed
IP Address ⇒ Network+Host ⇒ 4 octets ⇒ each octet contains 8 bits
Class A ⇒ N.H.H.H ⇒ 1-126 ⇒ 255.0.0.0 ⇒ /8 (CIDR)   (127 is reserved for loopback)
Class B ⇒ N.N.H.H ⇒ 128-191 ⇒ 255.255.0.0 ⇒ /16
Class C ⇒ N.N.N.H ⇒ 192-223 ⇒ 255.255.255.0 ⇒ /24
The same address with two different prefix lengths:
                     /16                 /24
IP                   172.25.254.100/16   172.25.254.100/24
Subnet Mask          255.255.0.0         255.255.255.0
Network Address      172.25.0.0/16       172.25.254.0/24
Broadcast Address    172.25.255.255      172.25.254.255
Gateway IP           172.25.254.1        172.25.254.1
Gateway ⇒ an entry and exit point of a network (the router address inside the subnet to which traffic for other networks is sent)
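The /16 versus /24 arithmetic behind the table above, as an added example that is not part of the course notes. It is pure shell integer arithmetic and goes beyond the single address in the table: given any A.B.C.D/N it derives the mask, network address, broadcast address and usable host count, and rejects malformed input.

```sh
#!/bin/sh
# Added example, not from the course notes. Derives mask, network, broadcast and
# usable host count from an address in CIDR form, i.e. the arithmetic behind the
# /16 vs /24 table. Shell integer arithmetic only, no network access.

# ip_to_int A.B.C.D -> 32-bit integer (fails unless 4 octets of 0..255)
ip_to_int() {
    oldifs=$IFS; IFS=.; set -- $1; IFS=$oldifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case $o in ''|*[!0-9]*) return 1;; esac
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# int_to_ip N -> A.B.C.D
int_to_ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# prefix_to_mask N (0..32) -> mask as an integer; /24 -> 4294967040 = 255.255.255.0
prefix_to_mask() {
    case $1 in ''|*[!0-9]*) return 1;; esac
    [ "$1" -le 32 ] || return 1
    echo $(( (4294967295 << (32 - $1)) & 4294967295 ))
}

# cidr_info A.B.C.D/N: prints "MASK NETWORK BROADCAST USABLE_HOSTS"
cidr_info() {
    addr=${1%/*}; prefix=${1#*/}
    [ "$addr" != "$1" ] || return 1               # no /N supplied
    ip=$(ip_to_int "$addr") || return 1
    mask=$(prefix_to_mask "$prefix") || return 1
    net=$(( ip & mask ))                           # host bits cleared
    bcast=$(( net | (~mask & 4294967295) ))        # host bits set
    if [ "$prefix" -ge 31 ]; then                  # /31 point-to-point, /32 host route
        hosts=$(( 1 << (32 - prefix) ))
    else
        hosts=$(( (1 << (32 - prefix)) - 2 ))      # network and broadcast are not usable
    fi
    echo "$(int_to_ip "$mask") $(int_to_ip "$net") $(int_to_ip "$bcast") $hosts"
}

if [ "${1:-}" = "--demo" ]; then
    for a in 172.25.254.100/16 172.25.254.100/24 10.10.10.100/30; do
        echo "$a => $(cidr_info "$a")"
    done
fi
```

The same two lines of arithmetic (AND with the mask, OR with its complement) are what ip route and nmcli apply when they decide whether a destination is on the local link or must go via the gateway.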
Network Interface
[NIC] ⇒ Names start with the type of interface
en ⇒ Ethernet Interface
wl ⇒ WLAN Interface
ww ⇒ WWAN Interface
Commands ⇒
To display IP information ⇒ ifconfig (net-tools, deprecated on RHEL7/8) / ip addr
Gateway / Routing Table ⇒ route -n / netstat -r / ip route
DNS Server IP ⇒ /etc/resolv.conf (on RHEL7/8 NetworkManager regenerates this file from the connection's ipv4.dns setting, so set DNS on the connection rather than editing the file by hand)
Upto RHEL5
⇒ network was the script to manage networking components.
service network start ⇒
/etc/init.d/network start
In RHEL7/RHEL8, the networking service
is ⇒ NetworkManager
Tracing Routes taken by traffic ⇒
traceroute / tracepath
What is the command to see the open (listening) ports on a system?
netstat -tlpn
ss -tlpn (ss -tulpn to include UDP; -t TCP, -u UDP, -l listening sockets only, -p owning process, -n numeric ports; the process column needs root to show other users' processes)
Which file contains the port (TCP/UDP) numbers? ⇒ /etc/services
What
is a port?
Is
nothing but a communication channel through which a service can listen to.
http ⇒ 80
https ⇒ 443
ftp ⇒ 21(connection) and 20(data)
ssh ⇒ 22
telnet ⇒ 23
Network Manager Concept
- NetworkManager is a daemon that
monitors and manages network settings.
- Command-line and graphical tools
talk to NetworkManager and save configuration files in the /etc/sysconfig/network-scripts
directory
- A device is a network interface.
- A connection is a collection of
settings that can be configured for a device
- Only one connection can be
active for any one device at a time
How to display available network
connections?
nmcli con show
To display the status of all network
devices
nmcli dev status
Adding a network connection
nmcli con add con-name office-net ifname enp0s3 type ethernet ipv4.addresses 10.10.10.100/24 ipv4.gateway 10.10.10.1 ipv4.method manual
nmcli con show
Modify a connection
nmcli con mod office-net ipv4.dns 10.10.10.254
nmcli con up office-net ⇒ a modified connection takes effect only when it is (re)activated
nmcli con show office-net ⇒ shows the saved settings and, if active, the values in use
Interface Configuration Files ⇒
/etc/sysconfig/network-scripts/ifcfg-<connection_name> (usually the same as the interface name)
Changes made with ifconfig or ip are NOT persistent (they are gone after a reboot or a NetworkManager restart); changes made through nmtui/nmcli are persistent because NetworkManager writes them to the interface configuration file.
How to set the Hostname of a system?
hostnamectl set-hostname
server1.example.com
It is saved within /etc/hostname file
Controlling Access to
Files with ACL
1. Standard Linux file
permissions are satisfactory when files are used by only a single owner, and a
single designated group of people. However, some use cases require that files
are accessed with different file permission sets by multiple named users and
groups. Access Control Lists (ACLs) provide this function.
2. With ACLs, we can grant
permissions to multiple users and groups, identified by user name, group name,
UID, or GID, using the same permission flags used with regular file
permissions: read, write, and execute. These additional users and groups,
beyond the file owner and the file's group affiliation, are called named users and named groups
respectively, because they are named not in a long listing, but rather within
an ACL.
3. ACL stands for Access Control List
4. ACL can be used to provide user/group specific access on a
file/directory
5. To
view ACL ⇒ getfacl
6. To
set ACL ⇒ setfacl
7. The plus sign(+) at the end
of the 10-character permission string indicates that an extended ACL structure
with entries exists on the file/directory.
user: Shows the user ACL settings,
which are the same as the standard user file settings; rwx.
group: Shows the current group ACL
settings, which are the same as the standard user file settings; rwx.
other: Shows the other ACL
settings, which are the same as the standard other file settings; no
access.
To set an ACL
for a user john and group dba
setfacl -m u:john:rwx
/webcontent
setfacl -m g:dba:rwx
/webcontent
getfacl /webcontent
To remove ACL
for a user / group
setfacl -x u:john /webcontent
setfacl -x g:dba
/webcontent
getfacl
/webcontent ⇒ ACL Mask still exists
ls
-ld /webcontent ⇒ Plus(+) is there
How to remove the ACL along with the mask so that there is no plus(+) sign?
setfacl -b /webcontent [ removes every extended entry: named users, named groups, the mask and any default ACL. setfacl -x alone leaves the mask behind, which is why the + stayed ]
ACL Mask
The ACL mask defines the maximum set of permissions that we can grant to named users, the group owner and named groups. It does not apply to the file owner or to others.
The mask value is the highest level of access a named user, named group or the group owner will get on a directory/file.
How do we set a mask value?
setfacl -m m:r-x /webcontent ⇒ After setting this mask value, every named user, named group and the group owner has an effective permission of read and execute only, even if their ACL entry says rwx; getfacl prints the entry followed by #effective:r-x.
Caveats: each later setfacl -m recalculates the mask to fit the entries unless you pass -n (--no-mask), and chmod on the group bits of a file that has an ACL changes the mask, not the group owner's entry.
Default ACL
1. To ensure that files and directories created within a directory inherit ACLs, we use a default ACL on the directory.
2. The directory itself still requires standard (access) ACLs for access control, because default ACLs grant nothing on the directory itself; they are only copied onto new children.
How to implement a default ACL on a directory?
setfacl -m d:u:john:rwx /webcontent
How to set a recursive ACL?
setfacl -R -m d:u:john:rwx /webcontent ⇒ applies the default entry to /webcontent and every existing subdirectory (files ignore default entries). Existing content gets no access from this alone; for that add an access entry as well, with a capital X so execute is granted only on directories and on files that are already executable: setfacl -R -m u:john:rwX /webcontent
How to delete default ACLs only?
setfacl -k /webcontent
Tasks :
1. Copy
the file /etc/fstab to /tmp/fstab
2.
Perform the following tasks on /tmp/fstab
a. Owner of /tmp/fstab
should be root
b. Group owner of
/tmp/fstab should be root
c. john user should be able
to write into this file
d. jane should not have any
access to this file
3. Create a directory called /shares/content
4. Create a group called developers
5. Create 2 users called developer1 and
developer2. Developers should be the supplementary
group for these 2 users.
6. Change the group owner of /shares/content
directory to developers.
7. Configure permissions so that developers
group members get full access and others get no
access on /shares/content
directory.
8. Create a
user called devmaster who will have full access to the /shares/content
directory.
9. Configure ACL so that developers group members get full access on /shares/content directory as well as any directory created within this directory in future.
10. Ensure that any file/directory created inside /shares/content directory has the group owner set to developers automatically.
11. Also make sure that one user can not delete other members’ file(s) inside /shares/content directory.
12. Change the
ACL mask to RX on /shares/content directory and see the effect using getfacl
command.
13. Delete
default ACLs from /shares/content directory and all its child directories and
files.
14. Delete all
ACLs (Standard+default) from /shares/content directory so that the following
command
does not show any plus(+) sign :
ls -ld /shares/content
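The mask behaviour the ACL tasks turn on (steps 12 to 14) reproduced on a scratch directory, as an added example that is not part of the course notes. Numeric IDs stand in for the john and dba accounts so nothing has to exist in /etc/passwd; 4242 and 4343 are made up. The acl package and an ACL-capable filesystem are needed, which xfs and ext4 on RHEL provide by default.

```sh
#!/bin/sh
# Added example, not from the course notes. Reproduces the mask behaviour
# described above on a scratch directory and reads back the EFFECTIVE
# permission that getfacl reports. Numeric IDs stand in for the john and dba
# accounts so nothing needs to exist in /etc/passwd; 4242 and 4343 are made up.
# Needs the acl package and an ACL-capable filesystem (xfs/ext4 on RHEL qualify).

# acl_dir_setup DIR: create DIR (770) and grant rwx to a named user and group
acl_dir_setup() {
    mkdir -p "$1" && chmod 770 "$1" &&
    setfacl -m u:4242:rwx "$1" && setfacl -m g:4343:rwx "$1"
}

# set_mask DIR PERMS: cap named users, named groups and the group owner at PERMS
set_mask() {
    setfacl -m "m:$2" "$1"
}

# effective_acl DIR ENTRY: the rights ENTRY really gets. ENTRY is the getfacl
# prefix: "user:" (owner), "user:4242" (named user), "group:" (group owner),
# "group:4343", "mask:", "other:". When the mask restricts an entry getfacl
# appends "#effective:..." and that value is returned instead.
effective_acl() {
    getfacl --omit-header --absolute-names "$1" 2>/dev/null |
    awk -v e="$2" '
        index($1, e ":") == 1 {
            perm = substr($1, length(e) + 2)
            for (i = 2; i <= NF; i++) if ($i ~ /^#effective:/) perm = substr($i, 12)
            print perm; exit
        }'
}

# has_acl_marker PATH: 0 if ls -l ends the mode string with the "+" that
# signals extended ACL entries, else 1
has_acl_marker() {
    case $(ls -ld "$1" | awk '{print $1}') in *+) return 0;; *) return 1;; esac
}

if [ "${1:-}" = "--demo" ]; then
    d=$(mktemp -d)/webcontent
    acl_dir_setup "$d" || { echo "no ACL support on this filesystem"; exit 0; }
    echo "john before mask: $(effective_acl "$d" user:4242)"   # rwx
    set_mask "$d" r-x
    echo "john after  mask: $(effective_acl "$d" user:4242)"   # r-x
    echo "owner unaffected: $(effective_acl "$d" user:)"       # rwx
    getfacl --omit-header --absolute-names "$d"
    setfacl -b "$d" && ls -ld "$d"                               # no "+" any more
    rm -rf "$(dirname "$d")"
fi
```

The owner's entry staying rwx after the mask drops to r-x is the detail the notes' wording "all users/groups" glosses over: the mask caps named entries and the group owner, never the owner or others.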