
Introduction to Linux Fundamentals

Uploaded by

Jaser Altal

MODULE 1

INTRODUCTION TO LINUX
What is Operating System?
As per Wikipedia
An operating system is system software that manages computer hardware and software
resources, and provides common services for computer programs

In simple words
An operating system (OS) is software that acts as a middleman or a bridge between
computer hardware and the computer user. It provides a user interface and controls the
computer hardware so that software can function

Types of Operating Systems:


1. Desktop Operating Systems, e.g., Microsoft Windows, macOS, and Linux such as Ubuntu
2. Server Operating Systems, e.g., Windows Server, Linux distributions like CentOS, Red Hat Enterprise Linux
3. Mobile Operating Systems, e.g., Android, iOS, Windows Mobile
4. Embedded Operating Systems used in devices like routers, smart TVs, automobiles, home appliances etc.
5. Real-Time Operating Systems (RTOS) used in critical systems like medical equipment, car ECUs, aerospace,
defense, network firewalls, home security system etc.
What is Linux?
• Linux, in simple terms, is a free and open-source operating system
• It’s similar to Windows and macOS, but it's different in several ways
• Linux is very popular for its stability, security, and flexibility. It can be modified and distributed by anyone,
which has led to many different versions, known as "distributions," and each distribution is tailored for
different uses
• Its open-source nature means that a community of developers and users contribute to its development

Why Learn Linux or its importance?

• Widely used in servers and cloud computing


• Free software philosophy
• Strong command line interface
• Faster processing
• Enhanced security
• Customization because of open-source nature
• Community support
• Understanding of other operating systems
• Career opportunities.
Linux vs. Unix
• Origins and Development:
• Unix: Originated in the 1970s at AT&T's Bell Labs. It was developed by Ken Thompson, Dennis
Ritchie, and others
• Linux: Created in the early 1990s by Linus Torvalds. It's free and open-source, meaning its source
code can be used, modified, and distributed by anyone
• OS Distribution:
• Unix: Solaris, HP-UX, AIX, BSD etc.
• Linux: Red Hat, CentOS, Fedora, Ubuntu, SUSE, Kali etc.
• Licensing and Cost:
• Unix: Generally requires a paid license, especially for commercial use
• Linux: Free to use, modify, and distribute
• Community and Development:
• Unix: Development and updates are controlled by the owning organization
• Linux: Maintained and developed by a global community of developers
• Hardware Support:
• Unix: Traditionally supports less hardware variety compared to Linux
• Linux: Known for its broad hardware support, including both traditional PCs and servers as well
as embedded devices.
Section 1: Introduction to Linux

Linux Flavors
"Linux flavors" = "Linux distributions", or "distros" for short

• Ubuntu
• Fedora
• Debian
• Red Hat Enterprise Linux (RHEL)
• CentOS
• Arch Linux
• openSUSE
• Linux Mint
• Gentoo
• Slackware
• Alpine Linux
• Kali Linux


Linux Users
Linux is used by a wide range of users and organizations due to its versatility,
stability, and open-source nature.

• Developers
• Educational institutions
• Government agencies
• Enterprise and businesses
• Tech companies
• Cloud and web servers
• Supercomputers and research facilities
• Telecommunications and networking
• Media and entertainment
LINUX VS. WINDOWS
MODULE 2
DOWNLOAD, INSTALL AND CONFIGURE LINUX
Lab Design
Option 1: Virtual Machine using virtualization software (VMWare player or Oracle VirtualBox)
Option 2: Virtual Machine on Cloud Services


What is Oracle VirtualBox?
• VirtualBox is a free and open-source hypervisor for x86 computers
currently being developed by Oracle Corporation

• It installs on your existing Intel or AMD-based computers, whether
they are running Windows, Mac, Linux or Solaris operating systems.
It extends the capabilities of your existing computer so that it can
run multiple operating systems on one hardware at the same time

[Diagram: Linux, Windows and MAC guests run on Oracle Virtual Box, which runs on the host Operating System (Windows or MAC), which runs on the Hardware]
ORACLE VIRTUAL BOX
DOWNLOAD AND INSTALLATION
VMWARE WORKSTATION PLAYER

Download, Installation and Configuration


CentOS vs. CentOS Stream
• Brief history of CentOS

2004
Community Enterprise Operating System

Greg Kurtzer

Red Hat OS

2014
CentOS vs. CentOS Stream

Before Feb 2021

Fedora -> RHEL -> CentOS

After Feb 2021

Fedora -> CentOS Stream -> RHEL


CentOS vs. CentOS Stream

Question???

Is it worth learning CentOS

*** ABSOLUTELY ***


Create Virtual Machine
Virtual Machine using virtualization software (VMWare player or Oracle VirtualBox)
Download and Install Linux (CentOS 7)

• You can use Ubuntu/Kali or any Linux OS (CentOS = Recommended)
• 80% of the Corporate world uses RHEL
• Regarding CentOS version
• CentOS 7
• CentOS 8 Stream
• CentOS 9 Stream
Download and Install Linux (CentOS 8)

• Create a VM
• Download CentOS 8 Stream ISO
• Install CentOS 8 Stream
Download and Install Linux (CentOS 9 Stream)

• Create a VM
• Download CentOS 9 Stream ISO
• Install CentOS 9 Stream
Install Linux on Cloud
Option 2: Virtual Machine on Cloud Services
DIFFERENT WAYS TO INSTALL OS
MODULE 3
LINUX FUNDAMENTALS
Important Things to Remember in Linux
• Linux has a super-user account called root
• root is the most powerful account that can create, modify, delete
accounts and make changes to system configuration files
• Linux is a case-sensitive system
• ABC is NOT the same as abc
• Avoid using spaces when creating files and directories
• The Linux kernel is not an operating system. It is a small piece of software within the Linux
operating system that takes commands from users and passes them to system
hardware or peripherals
• Linux is mostly CLI not GUI
• Linux is very flexible as compared to other operating systems.
Access to Linux System
There are 2 types of access
1. Console
2. Remote

The console is a direct access to an operating system when it is
connected through VGA, HDMI, DVI etc.
Access to Linux System
The 2nd type of access is remote where you connect to your operating system
remotely over the network

Putty
Client
RDP Sharing

Linux to Linux
SSH [Link]
Access to Linux System
Important:
Windows 10 or newer version
SSH built-in client

ssh [Link]
Download and Install Putty
If you are using Windows 10 or newer version
then you do NOT have to download or install Putty
Download and Install Putty
Putty is a software which allows you to connect from a Windows system to
Linux system remotely

[Link]
Access to Linux from MAC

• Open a terminal on your MAC
• Run the following command
• # ssh -l User [Link]
Access Linux via Putty or SSH

[Link]
Linux

Linux

ssh [Link]

ssh -l User [Link]


Access to Linux via Putty

• The newer version of CentOS might not have the ifconfig command; therefore, use the
“ip addr” command instead
• To use ifconfig in version 7.5 or later, run “yum install net-tools”
Access to Linux via SSH

Linux
Command Prompts and Getting Prompts Back

• What are command prompts?
• A command prompt, also referred to simply as a prompt, is a short text at
the start of the command line followed by a prompt symbol on a command
line interface

username hostname Prompt symbol

• To get your prompt back
• Ctrl + c
Introduction to Filesystem
• What is a Filesystem?
• It is a system used by an operating system to manage files. The system
controls how data is saved or retrieved

[Diagram: a closet organized into sections: Shirts, Jackets, Accessories, Shoes, Pants, Skirts]
Introduction to Filesystem
• Operating system stores files and directories in an organized and
structured way
• System configuration file = Folder A
• User files = Folder B
• Log files = Folder C
• Commands or scripts = Folder D and so on

• There are many different types of filesystems. In general, improvements
have been made to filesystems with new releases of operating systems and
each new filesystem has been given a different name
• e.g. ext3, ext4, xfs, NTFS, FAT etc.
FILE SYSTEM STRUCTURE
File System Structure and its Description
/boot                 Contains file that is used by the boot loader ([Link])
/root                 root user home directory. It is not same as /
/dev                  System devices (e.g. disk, cdrom, speakers, flashdrive, keyboard etc.)
/etc                  Configuration files
/bin -> /usr/bin      Everyday user commands
/sbin -> /usr/sbin    System/filesystem commands
/opt                  Optional add-on applications (Not part of OS apps)
/proc                 Running processes (Only exist in Memory)
/lib -> /usr/lib      C programming library files needed by commands and apps
                      strace -e open pwd
/tmp                  Directory for temporary files
/home                 Directory for user
/var                  System logs
/run                  System daemons that start very early (e.g. systemd and udev) to store
                      temporary runtime files like PID files
/mnt                  To mount external filesystem. (e.g. NFS)
/media                For cdrom mounts.
Navigating File System
• When navigating a UNIX filesystem, there are a few important commands:
"cd"
"pwd"
"ls"

• "cd" stands for change directory. It is the primary command for moving you around the filesystem.
• "pwd" stands for print working directory. It tells you what your current location is.
• "ls" stands for list. It lists all the directories/files within the current working directory
• Use the TAB key to auto-complete
Linux File or Directory Properties
Each file or directory in Linux has detailed information or properties

Type         # of Links  Owner  Group  Size  Month  Day  Time   Name
drwxr-xr-x.  21          root   root   4096  Feb    27   13:33  var
lrwxrwxrwx.  1           root   root   7     Feb    27   13:15  bin
-rw-r--r--   1           root   root   0     Mar    2    11:15  testfile

The second column is the number of hard links to the file. For a
directory, the number of hard links is the number of immediate
subdirectories it has plus its parent directory and itself
Linux File Types
What is Root?
• There are 3 types of root on a Linux system
1. Root account: root is an account or a username on a Linux machine and it is the
most powerful account which has access to all commands and files

2. Root as /: the very first directory in Linux is also referred to as the root directory

3. Root home directory: the root user account also has a directory located in
/root which is called the root home directory
Changing Password

• You should change your initial password as soon as you login

Command = passwd userid
Old password: - enter your current password
New password: - enter your new password
Retype new password: - re-enter your new password
File System Paths
• There are two paths to navigate to a filesystem
• Absolute Path
• Relative Path

• An absolute path always begins with a "/". This indicates that the path starts at the root directory. An
example of an absolute path is
cd /var/log/httpd

• A relative path does not begin with a "/". It identifies a location relative to your current position. An
example of a relative path is:
cd /var
cd log
cd httpd
Creating Files and Directories
• Creating Files
• touch
• cp
• vi

• Creating Directories
• mkdir
Copying Directories
• Command to copy a directory
• cp

• To copy a directory on Linux, you have to execute the “cp” command with the “-R”
option for recursive and specify the source and destination directories to be copied
• cp -R <source_folder> <destination_folder>
Find Files and Directories

• Two main commands are used to find files/directories
• find
• locate
Difference Between find and locate

• locate uses a prebuilt database, which should be regularly
updated, while find iterates over a filesystem to locate files.
Thus, locate is much faster than find, but can be inaccurate
if the database (can be seen as a cache) is not updated

• To update locate database run updatedb

WildCards

• A wildcard is a character that can be used as a
substitute for any of a class of characters in a
search

• * - represents zero or more characters
• ? - represents a single character
• [] - represents a range of characters
Soft and Hard Links

• inode = Pointer or number of a file on the hard disk
• Soft Link = Link will be removed if file is removed or renamed
• Hard Link = Deleting renaming or moving the original file will not affect the
hard link

• ln
• ln -s
COMMANDS SYNTAX
• Command options and arguments

Commands typically have the syntax:


command option(s) argument(s)

Options:
Modify the way that a command works
Usually consist of a hyphen or dash followed by a single letter
Some commands accept multiple options which can usually be grouped together after a single hyphen

Arguments:
Most commands are used together with one or more arguments
Some commands assume a default argument if none is supplied
Arguments are optional for some commands and required by others
FILE PERMISSIONS
• UNIX is a multi-user system. Every file and directory in your account can be protected
from or made accessible to other users by changing its access permissions. Every user has
responsibility for controlling access to their files.

• Permissions for a file or directory may be restricted by type
• There are 3 types of permissions
• r - read
• w - write
• x - execute = running a program

• Each permission (rwx) can be controlled at three levels:
• u - user = yourself
• g - group = can be people in the same project
• o - other = everyone on the system

• File or Directory permission can be displayed by running the ls -l command
• -rwxrwxrwx

• Command to change permission
• chmod
Permission Using Numeric Mode
• Permission to a file and directory can also be assigned numerically
• chmod ugo+r FILE
OR
• chmod 444 FILE

-r--r--r--
Permission Using Numeric Mode
• The table below assigns numbers to permissions types

• chmod 764 FILE


Permission Using Numeric Mode
• Online calculators can be used as well
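In numeric mode each of user, group and other gets one digit that adds up read = 4, write = 2 and execute = 1, so rwxrw-r-- is 764 and r--r--r-- is 444. The shell script below is an added example, not part of the original slides; the function names and the temporary demo files are assumptions. It converts the permission string printed by ls -l into its numeric mode and lists files that everyone on the system can write to.

```sh
#!/bin/sh
# Added example: symbolic vs. numeric permissions, plus a world-writable check.

# Convert the nine permission characters from ls -l (e.g. rwxrw-r--)
# to the numeric mode used by chmod (e.g. 764).
# r = 4, w = 2, x = 1, summed separately for user, group and other.
# Special bits (setuid/setgid/sticky, shown as s or t) are not handled.
sym_to_octal() {
    perms=$1
    [ "${#perms}" -eq 9 ] || return 1
    out=""
    for start in 1 4 7; do
        triplet=$(printf '%s' "$perms" | cut -c"$start"-"$((start + 2))")
        digit=0
        case $triplet in r??) digit=$((digit + 4)) ;; esac
        case $triplet in ?w?) digit=$((digit + 2)) ;; esac
        case $triplet in ??x) digit=$((digit + 1)) ;; esac
        out="$out$digit"
    done
    printf '%s\n' "$out"
}

# Numeric mode of an existing file, read from ls -l characters 2-10
# (character 1 is the file type).
mode_of() {
    sym_to_octal "$(ls -ld "$1" | cut -c2-10)"
}

# List regular files under a directory that "other" (everyone) can write to.
world_writable_files() {
    find "$1" -type f -perm -002 | sort
}

# Demo on constructed files in a temporary directory.
permissions_demo() {
    demo_dir=$(mktemp -d)
    touch "$demo_dir/report" "$demo_dir/script" "$demo_dir/shared"
    chmod 444 "$demo_dir/report"      # -r--r--r--
    chmod 764 "$demo_dir/script"      # -rwxrw-r--
    chmod ugo+rw "$demo_dir/shared"   # -rw-rw-rw-, writable by everyone
    for f in report script shared; do
        echo "$f $(mode_of "$demo_dir/$f")"
    done
    echo "world-writable:"
    world_writable_files "$demo_dir"
    rm -rf "$demo_dir"
}

permissions_demo
```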
FILE OWNERSHIP
• There are 2 owners of a file or directory
• User and group

• Command to change file ownership
• chown and chgrp
• chown changes the ownership of a file
• chgrp changes the group ownership of a file

• Recursive ownership change option (Cascade)
• -R
Help Commands

• There are 3 types of help commands

• whatis command
• command --help
• man command
TAB Completion and Up Arrow
• Hitting TAB key completes the available commands, files
or directories
• chm<TAB>
• ls j<TAB>
• cd Des<TAB>

• Hitting up arrow key on the keyboard returns the last
command run.
Adding Text to Files (Redirects)

• 3 Simple ways to add text to a file
• vi
• Redirect command output > or >>
• echo > or >>
INPUT AND OUTPUT REDIRECTS
• There are 3 redirects in Linux
1. Standard input (stdin) and it has file descriptor number as 0
2. Standard output (stdout) and it has file descriptor number as 1
3. Standard error (stderr) and it has file descriptor number as 2

• Output (stdout) - 1
• By default when running a command its output goes to the terminal
• The output of a command can be routed to a file using > symbol
• E.g. ls -l > listings
pwd > findpath
• If using the same file for additional output or to append to the same file then use >>
• E.g. ls -la >> listings
echo "Hello World" >> findpath
INPUT AND OUTPUT REDIRECTS
• Input (stdin) - 0
• Input is used when feeding file contents to a file
• E.g. cat < listings
mail -s "Office memo" allusers@[Link] < memoletter

• Error (stderr) - 2
• When a command is executed we use a keyboard and that is also considered (stdin - 0)
• That command output goes on the monitor and that output is (stdout - 1)
• If the command produced any error on the screen then it is considered (stderr - 2)
• We can use redirects to route errors from the screen
• E.g. ls -l /root 2> errorfile
telnet localhost 2> errorfile
Standard Output to a File (tee)
• “tee” command is used to store and view (both at the same
time) the output of any command
• The command is named after the T-splitter used in plumbing. It
basically breaks the output of a program so that it can be both
displayed and saved in a file. It does both the tasks
simultaneously, copies the result into the specified files or
variables and also displays the result.
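The redirects and tee described above, as an added example that is not part of the original slides (the emit function and file names are assumptions). It also shows why the position of 2>&1 matters: placed after the file redirect both streams reach the file, placed before it the errors escape to wherever stdout pointed at that moment.

```sh
#!/bin/sh
# Added example: stdout (fd 1) and stderr (fd 2) redirection, and tee.

# A stand-in command that writes one line to each output stream.
emit() {
    echo "listing ok"              # goes to stdout, file descriptor 1
    echo "permission denied" >&2   # goes to stderr, file descriptor 2
}

redirect_demo() {
    dir=$1

    # > sends stdout to one file, 2> sends stderr to another.
    emit > "$dir/out.txt" 2> "$dir/err.txt"

    # >> appends instead of overwriting; errors are discarded here.
    emit >> "$dir/out.txt" 2> /dev/null

    # 2>&1 after the file redirect: both streams land in the file.
    emit > "$dir/both.txt" 2>&1

    # 2>&1 before the file redirect: stderr is pointed at the old stdout
    # (here the pipe) first, so only stdout reaches the file.
    emit 2>&1 > "$dir/order.txt" | sed 's/^/escaped: /' > "$dir/escaped.txt"

    # tee shows the output and saves a copy at the same time.
    emit 2> /dev/null | tee "$dir/tee.txt"
}

demo_dir=$(mktemp -d)
redirect_demo "$demo_dir"
for f in out err both order escaped tee; do
    echo "== $f.txt"
    cat "$demo_dir/$f.txt"
done
rm -rf "$demo_dir"
```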
PIPES
• A pipe is used by the shell to connect the output of one command directly to
the input of another command.

The symbol for a pipe is the vertical bar ( | ). The command syntax is:

command1 [arguments] | command2 [arguments]


PIPES

ls -l | more
FILE MAINTENANCE COMMANDS

• cp
• rm
• mv
• mkdir
• rmdir or rm -r
• chgrp
• chown
FILE DISPLAY COMMANDS

• cat
• more
• less
• head
• tail
Filters / Text Processors Commands

• cut
• awk
• grep and egrep
• sort
• uniq
• wc
cut - Text Processors Commands
cut
• cut is a command line utility that allows you to cut parts of lines from specified files or piped data and
print the result to standard output. It can be used to cut parts of a line by delimiter, byte position, and
character

• cut filename = Does not work
• cut --version = Check version
• cut -c1 filename = List one character
• cut -c1,2,4 filename = Pick and choose characters
• cut -c1-3 filename = List range of characters
• cut -c1-3,6-8 filename = List specific range of characters
• cut -b1-3 filename = List by byte size
• cut -d: -f 6 /etc/passwd = List 6th column separated by :
• cut -d: -f 6-7 /etc/passwd = List 6th and 7th columns separated by :
• ls -l | cut -c2-4 = Only print user permissions of files/dir
awk - Text Processors Commands
awk
• awk is a utility/language designed for data extraction. Most of the time it is used to extract fields from a
file or from an output

• awk --version = Check version
• awk '{print $1}' file = List 1st field from a file
• ls -l | awk '{print $1,$3}' = List 1st and 3rd fields of ls -l output
• ls -l | awk '{print $NF}' = Last field of the output
• awk '/Jerry/ {print}' file = Search for a specific word
• awk -F: '{print $1}' /etc/passwd = Output only 1st field of /etc/passwd
• echo "Hello Tom" | awk '{$2="Adam"; print $0}' = Replace the word in a field
• cat file | awk '{$2="Imran"; print $0}' = Replace the word in a field
• awk 'length($0) > 15' file = Get lines that have more than 15 byte size
• ls -l | awk '{if($9 == "seinfeld") print $0;}' = Get the field matching seinfeld in /home/User
• ls -l | awk '{print NF}' = Number of fields.
grep/egrep - Text Processors Commands

• What is grep?
• The grep command which stands for “global regular expression print,” processes text line by line
and prints any lines which match a specified pattern

• grep --version OR grep --help = Check version or help
• grep keyword file = Search for a keyword from a file
• grep -c keyword file = Search for a keyword and count
• grep -i KEYword file = Search for a keyword ignore case-sensitive
• grep -n keyword file = Display the matched lines and their line numbers
• grep -v keyword file = Display everything but keyword
• grep keyword file | awk '{print $1}' = Search for a keyword and then only give the 1st field
• ls -l | grep Desktop = Search for a keyword in the output of ls -l

• egrep -i "keyword|keyword2" file = Search for 2 keywords.

sort/uniq - Text Processors Commands

• What are sort and uniq commands?
• Sort command sorts in alphabetical order
• Uniq command filters out the repeated or duplicate lines

• sort --version OR sort --help = Check version or help
• sort file = Sorts file in alphabetical order
• sort -r file = Sort in reverse alphabetical order
• sort -k2 file = Sort by field number

• uniq file = Removes duplicates
• sort file | uniq = Always sort first before using uniq
• sort file | uniq -c = Sort first then uniq and list count
• sort file | uniq -d = Only show repeated lines.
wc - Text Processors Commands

• What is wc command?
• The command reads either standard input or a list of files and generates: newline count, word
count, and byte count

• wc --version OR wc --help = Check version or help
• wc file = Check file line count, word count and byte count
• wc -l file = Get the number of lines in a file
• wc -w file = Get the number of words in a file
• wc -c file = Get the number of bytes in a file
• wc DIRECTORY = NOT allowed
• ls -l | wc -l = Number of files
• grep keyword file | wc -l = Number of keyword lines.
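The text processors above are most useful chained with pipes. The script below is an added example, not part of the original slides: it runs grep, awk, sort, uniq, cut and wc over constructed lines in the style of the secure log to count failed SSH logins per source address. The function names, host name and addresses are assumptions.

```sh
#!/bin/sh
# Added example: grep, awk, sort, uniq, cut and wc combined on a log file.

# Write constructed sample lines in the style of /var/log/secure.
write_sample_log() {
    cat > "$1" <<'EOF'
Feb 27 13:33:01 web01 sshd[2101]: Failed password for root from 203.0.113.5 port 51234 ssh2
Feb 27 13:33:04 web01 sshd[2101]: Failed password for root from 203.0.113.5 port 51234 ssh2
Feb 27 13:34:10 web01 sshd[2107]: Failed password for invalid user admin from 198.51.100.7 port 40022 ssh2
Feb 27 13:34:15 web01 sshd[2107]: Failed password for invalid user test from 198.51.100.7 port 40022 ssh2
Feb 27 13:35:30 web01 sshd[2110]: Accepted password for spiderman from 192.0.2.44 port 50111 ssh2
Feb 27 13:36:02 web01 sshd[2113]: Failed password for root from 203.0.113.5 port 51301 ssh2
Feb 27 13:40:12 web01 sshd[2120]: Failed password for spiderman from 192.0.2.44 port 50140 ssh2
EOF
}

# Number of failed logins: grep selects the lines, wc -l counts them.
failed_total() {
    grep "Failed password" "$1" | wc -l | awk '{print $1}'
}

# Failed logins per source address, busiest first.
# The address is the field after the word "from"; its position changes
# when sshd logs "invalid user", so a fixed field number would be wrong.
failed_by_ip() {
    grep "Failed password" "$1" |
        awk '{for (i = 1; i < NF; i++) if ($i == "from") print $(i + 1)}' |
        sort | uniq -c | sort -rn |
        awk '{print $1, $2}'
}

# User names that were tried, de-duplicated (the field just before "from").
targeted_users() {
    grep "Failed password" "$1" |
        awk '{for (i = 2; i <= NF; i++) if ($i == "from") print $(i - 1)}' |
        sort | uniq
}

# Timestamp of each failure: cut by character position (month, day, time).
failure_times() {
    grep "Failed password" "$1" | cut -c1-15
}

log=$(mktemp)
write_sample_log "$log"
echo "failed logins: $(failed_total "$log")"
echo "per source address:"
failed_by_ip "$log"
echo "user names tried:"
targeted_users "$log"
rm -f "$log"
```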
Compare Files

• diff (Line by line)
• cmp (Byte by byte)
Compress and un-Compress Files

• tar
• gzip
• gzip -d OR gunzip
Truncate File Size (truncate)
• The Linux truncate command is often
used to shrink or extend the size of a file to
the specified size

• Command
• truncate -s 10 filename
COMBINING AND SPLITTING FILES

• Multiple files can be combined into one and
• One file can be split into multiple files

• cat file1 file2 file3 > file4
• split file4

• e.g. split -l 300 [Link] childfile

Split [Link] into 300 lines per file and output to childfileaa,
childfileab and childfileac
Linux vs. Windows Commands
Command Description                          Windows      Linux
Listing of a directory                       dir          ls -l
Rename a file                                ren          mv
Copy a file                                  copy         cp
Move file                                    move         mv
Clear screen                                 cls          clear
Delete file                                  del          rm
Compare contents of files                    fc           diff
Search for a word/string in a file           find         grep
Display command help                         command /?   man command
Displays your location in the file system    chdir        pwd
Displays the time                            time         date
MODULE 4
LINUX SYSTEM ADMINISTRATION
Linux File Editor
• A text editor is a program which enables you to create and manipulate data
(text) in a Linux file

• There are several standard text editors available on most Linux systems
• vi - Visual editor
• ed - Standard line editor
• ex - Extended line editor
• emacs - A full screen editor
• pico - Beginner’s editor
• vim - Advanced version of vi

• Our editor = vi (available in almost every Linux distribution)


Introduction to vi Editor

• vi supplies commands for:
• Inserting and deleting text
• Replacing text
• Moving around the file
• Finding and substituting strings
• Cutting and pasting text

• Most common keys:
• i – insert
• Esc – Escape out of any mode
• r – replace
• d – delete
• :q! – quit without saving
• :wq! – quit and save
Difference Between vi and vim Editor
• As far as functionality is concerned, both editors work in the same manner. Which
editor you choose is a matter of personal choice. Some people recommend learning the
vim editor instead of the vi editor. Due to added features, learning and using vim editor
is much easier than the vi editor.

• Since vim is based on vi, when you learn how to use the vim editor, you will
automatically learn how to use the vi editor.

• vim has all the features of vi with some excellent additions

• There's also a comprehensive help system and lots of customization options available.
“vim” Interactive Learning Tools

• There are many websites that offer free vim interactive training:

• [Link]

• [Link]

• [Link] (Games)
“sed” Command

• Replace a string in a file with a new string
• Find and delete a line
• Remove empty lines
• Remove the first or n lines in a file
• To replace tabs with spaces
• Show defined lines from a file
• Substitute within vi editor
• And much more…
User Account Management
Commands
• useradd
• groupadd
• userdel
• groupdel
• usermod

Files
• /etc/passwd
• /etc/group
• /etc/shadow

Example:
useradd -g superheros -s /bin/bash -c "user description" -m -d /home/spiderman spiderman
The /etc/[Link] File
• The chage command – per user
• Example
chage [-m mindays] [-M maxdays] [-d lastday] [-I inactive] [-E expiredate] [-W warndays] user

• File = /etc/[Link]

• PASS_MAX_DAYS 99999
• PASS_MIN_DAYS 0
• PASS_MIN_LEN 5
• PASS_WARN_AGE 7
The chage Command

• The chage command – per user

• Example
chage [-d lastday] [-m mindays] [-M maxdays] [-W warndays] [-I inactive] [-E expiredate] user

-d = 3. Last password change (lastchanged) : Days since Jan 1, 1970 that password was last changed
-m = 4. Minimum : The minimum number of days required between password changes i.e. the number of days left
before the user is allowed to change his/her password
-M = 5. Maximum : The maximum number of days the password is valid (after that user is forced to change his/her
password)
-W = 6. Warn : The number of days before password is to expire that user is warned that his/her password must be
changed
-I = 7. Inactive : The number of days after password expires that account is disabled
-E = 8. Expire : days since Jan 1, 1970 that account is disabled i.e. an absolute date specifying when the login may no
longer be used.
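The numbers 3 to 8 in the list above are the field positions of a line in /etc/shadow, where chage stores these values. The script below is an added example, not part of the original slides: it reads those fields from constructed sample lines to find accounts whose password never has to change and to compute the days left before a change is forced. The account names, placeholder hashes and function names are assumptions.

```sh
#!/bin/sh
# Added example: reading the password-aging fields that chage sets.

# Constructed sample in /etc/shadow format (hashes are placeholders).
# Fields: 1 user, 2 password, 3 last change, 4 min, 5 max, 6 warn,
#         7 inactive, 8 expire (fields 3 and 8 are days since Jan 1, 1970).
write_sample_shadow() {
    cat > "$1" <<'EOF'
root:$6$CONSTRUCTED$placeholder:19700:0:99999:7:::
alice:$6$CONSTRUCTED$placeholder:19700:1:90:7:14::
bob:$6$CONSTRUCTED$placeholder:19790:1:90:7:14:20000:
svcbackup:$6$CONSTRUCTED$placeholder:19000:0::7:::
nologin:!!:19700:0:99999:7:::
EOF
}

# Accounts with a usable password that never have to change it:
# maximum age (field 5, chage -M) empty or the 99999 default.
# A password field starting with ! or * means the password is locked.
never_expiring() {
    awk -F: '$2 !~ /^[!*]/ && ($5 == "" || $5 >= 99999) {print $1}' "$1"
}

# Days until each password must be changed, given "today" as days since
# Jan 1, 1970. A negative number means the password has already expired.
password_days_left() {
    awk -F: -v today="$2" '
        $2 !~ /^[!*]/ && $5 != "" && $5 < 99999 {
            print $1, ($3 + $5) - today
        }' "$1"
}

# Accounts whose absolute expiry date (field 8, chage -E) has been reached.
expired_accounts() {
    awk -F: -v today="$2" '$8 != "" && $8 + 0 <= today + 0 {print $1}' "$1"
}

shadow=$(mktemp)
write_sample_shadow "$shadow"
today=$(( $(date +%s) / 86400 ))   # seconds since 1970 -> days since 1970
echo "password never expires:"
never_expiring "$shadow"
echo "days left before forced change (today = day $today):"
password_days_left "$shadow" "$today"
echo "accounts past their expiry date:"
expired_accounts "$shadow" "$today"
rm -f "$shadow"
```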
Switch Users and sudo Access
Commands
• su - username
• sudo command
• visudo

File
• /etc/sudoers
Monitor Users
• who
• last
• w
• finger
• id
Talking to Users

• users
• wall
• write
Linux Account Authentication

• Types of Accounts
• Local accounts
• Domain/Directory accounts

Account authentication

User authenticated
Client Server

• Windows = Active Directory


• Linux = LDAP?
Difference between Active Directory, LDAP, IDM, WinBIND,
OpenLDAP etc.

• Active Directory = Microsoft


• IDM = Identity Manager
• WinBIND = Used in Linux to communicate with Windows
(Samba)
• OpenLDAP (open source)
• IBM Directory Server
• JumpCloud
• LDAP = Lightweight Directory Access Protocol
System Utility Commands
• date
• uptime
• hostname
• uname
• which
• cal
• bc
Processes and Jobs

• Application = Service
• Script
• Process
• Daemon
• Threads
• Job
Process / Services Commands

• systemctl or service
• ps
• top
• kill
• crontab
• at.
systemctl command
• systemctl command is a new tool to control system services
• It is available in version 7 and later and it replaces the service command

• Usage example:
systemctl start|stop|status [Link] (firewalld)
systemctl enable [Link]
systemctl restart|reload [Link]
systemctl list-units --all
systemctl command
• To add a service under systemctl management:
Create a unit file in /etc/systemd/system/[Link]

• To control system with systemctl


systemctl poweroff
systemctl halt
systemctl reboot
“ps” command
• ps command stands for process status and it displays all the currently running processes in the
Linux system

Usage examples:
• ps = Shows the processes of the current shell

PID = the unique process ID
TTY = terminal type that the user logged-in to
TIME = amount of CPU in minutes and seconds that the process has been running
CMD = name of the command

• ps -e = Shows all running processes
• ps aux = Shows all running processes in BSD format
• ps -ef = Shows all running processes in full format listing (Most commonly used)
• ps -u username = Shows all processes by username.
“top” command
• top command is used to show the Linux processes and it provides a real-time view of the running system
• This command shows the summary information of the system and the list of processes or threads which
are currently managed by the Linux Kernel
• When the top command is executed then it goes into interactive mode and you can exit out by hitting q

• Usage: top

PID: Shows task’s unique process id
USER: Username of owner of task
PR: The “PR” field shows the scheduling priority of the process from the perspective of the kernel
NI: Represents a Nice Value of task. A Negative nice value implies higher priority, and positive Nice value means lower priority.
VIRT: Total virtual memory used by the task
RES: Memory consumed by the process in RAM
SHR: Represents the amount of shared memory used by a task
S: This field shows the process state in the single-letter form
%CPU: Represents the CPU usage
%MEM: Shows the Memory usage of task
TIME+: CPU Time, the same as ‘TIME’, but reflecting more granularity through hundredths of a second.
“top” command
• top -u user1 = shows tasks/processes by user owned
• top then press c = shows commands absolute path
• top then press k = kill a process by PID within top session
• top then M and P = To sort all Linux running processes by Memory usage

Please note:
Top command refreshes the information every 3 seconds
“kill” command
• kill command is used to terminate processes manually
• It sends a signal which ultimately terminates or kills a particular process or
group of processes

Usage:
kill [OPTION] [PID]
OPTION = Signal name or signal number/ID
PID = Process ID
kill -l = to get a list of all signal names or signal number

Most used signals are:
kill PID = Kill a process with default signal
kill -1 = Restart
kill -2 = Interrupt from the keyboard just like Ctrl C
kill -9 = Forcefully kill the process
kill -15 = Kill a process gracefully
“kill” command
• Other similar kill commands are:
killall
pkill
“crontab” command
• Crontab command is used to schedule tasks

Usage:
o crontab -e = Edit the crontab
o crontab -l = List the crontab entries
o crontab -r = Remove the crontab
o crond = crontab daemon/service that manages scheduling
o systemctl status crond = To manage the crond service

o Create crontab entry by scheduling a task:
crontab -e
schedule, echo "This is my first crontab entry" > crontab-entry
“at” command
• at command is like crontab which allows you to schedule jobs but only once
• When the command is run it will enter interactive mode and you can get out by pressing Ctrl D

Usage:
o at HH:MM PM = Schedule a job
o atq = List the at entries
o atrm # = Remove at entry
o atd = at daemon/service that manages scheduling
o systemctl status atd = To manage the atd service

• Create at entry by scheduling a task:
at 4:45PM -> enter
echo "This is my first at entry" > at-entry
Ctrl D
“at” command

Other future scheduling format:

o at 2:45 AM 101621 = Schedule a job to run on Oct 16th, 2021 at 2:45am
o at 4PM + 4 days = Schedule a job at 4pm four days from now
o at now +5 hours = Schedule a job to run five hours from now
o at 8:00 AM Sun = Schedule a job to 8am on coming Sunday
o at 10:00 AM next month = Schedule a job to 10am next month
Additional Cron Jobs
• By default, there are 4 different types of cronjobs
• Hourly
• Daily
• Weekly
• Monthly
• All the above crons are set up in
• /etc/cron. (directory)
• The timing for each are set in
• /etc/anacrontab -- except hourly
• For hourly
• /etc/cron.d/0hourly
Process Management
• Background = Ctrl-z, jobs and bg
• Foreground = fg
• Run process even after exit = nohup process &
OR = nohup process > /dev/null 2>&1 &
• Kill a process by name = pkill
• Process priority = nice (e.g. nice -n 5 process)
The niceness scale goes from -20 to 19. The lower the number, the more priority that task gets
• Process monitoring = top
• List process = ps.
System Monitoring

• top
• df
• dmesg
• iostat 1
• netstat
• free
• cat /proc/cpuinfo
• cat /proc/meminfo
Log Monitoring
Another, and the most important, way of doing system administration is log monitoring

Log Directory = /var/log

• boot
• chronyd = NTP
• cron
• maillog
• secure
• messages
• httpd
System Maintenance Commands

• shutdown
• init 0-7
• reboot
• halt
Changing System Hostname

• hostnamectl set-hostname newhostname

• Version 7 = Edit /etc/hostname
• Version 6 = Edit /etc/sysconfig/network
Finding System Information

• cat /etc/redhat-release
• uname -a
• dmidecode
System Architecture
• Differences between a 32-bit and 64-bit CPU
A big difference between 32-bit processors and 64-bit processors is the number of
calculations per second they can perform, which affects the speed at which they can
complete tasks. 64-bit processors can come in dual core, quad core, six core, and eight core
versions for home computing. Multiple cores allow for an increased number of calculations per
second that can be performed, which can increase the processing power and help make a
computer run faster. Software programs that require many calculations to function smoothly
can operate faster and more efficiently on the multi-core 64-bit processors

• Linux = arch
• Windows = My Computer → Properties
Terminal Control Keys
Several key combinations on your keyboard usually have a special effect on the terminal.

These "control" (CTRL) keys are accomplished by holding the CTRL key while typing the second key.
For example, CTRL-c means to hold the CTRL key while you type the letter "c".

The most common control keys are listed below:

• CTRL-u - erase everything you've typed on the command line


• CTRL-c - stop/kill a command
• CTRL-z - suspend a command
• CTRL-d - exit from an interactive program (signals end of data).
Terminal Commands
• clear
Clears your screen

• exit
Exit out of the shell, terminal or a user session

• script
The script command stores terminal activities in a log file that can be
named by the user. When a name is not provided, the default
file name, typescript, is used
Recover Root Password

• Restart your computer


• Edit grub
• Change password
• reboot
CentOS / Red Hat 9

[Link]
SOS Report

• What is SOS Report?


• Collect and package diagnostic and support data

• Package name
• sos-version

• Command
• sosreport
Environment Variables
• What are environment variables?
• An environment variable is a dynamic-named value that can affect the way
running processes will behave on a computer. They are part of the environment
in which a process runs.
• In simple words: set of defined rules and values to build an environment
• E.g. [Figure: Playroom, Bedroom, Kitchen, Dining Room]
Environment Variables
• To view all environment variables
• printenv OR env
• To view ONE environment variable
• echo $SHELL
• To set the environment variables
• export TEST=1
• echo $TEST
• To set environment variable permanently
• vi .bashrc
• TEST='123'
• export TEST
• To set global environment variable permanently
• vi /etc/profile or /etc/bashrc
• TEST='123'
• export TEST
Special Permissions with setuid, setgid and sticky bit
• All permissions on a file or directory are referred as bits

[Figure: -rwx rwx rwx = permission bits for Users, Groups and Others, changed with chmod]
• There are 3 additional permissions in Linux
• setuid: this bit tells Linux to run a program with the effective user id of the owner instead of the
executor (e.g. passwd command → /etc/shadow)
• setgid: this bit tells Linux to run a program with the effective group id of the owner instead of the
executor (e.g. locate or wall command)
Please note: This bit is present only for files which have executable permissions

• sticky bit: a bit set on files/directories that allows only the owner or root to delete those files
Special Permissions with setuid, setgid and sticky bit

• To assign special permissions at the user level
• chmod u+s [Link]

• To assign special permissions at the group level
• chmod g+s [Link]

• To remove special permissions at the user or group level
• chmod u-s [Link]
• chmod g-s [Link]

Please note: These bits work on C programming executables, not on bash shell scripts

• To find all executables in Linux with setuid and setgid permissions
• find / -perm /6000 -type f

Sticky bit
• It is assigned to the last bit of permissions
-rwxrwxrwt

• Why? Example of /tmp directory


Special Permissions with setuid, setgid and sticky bit
Lab exercise:
• Become root and create a directory allinone in / = mkdir /allinone
• Assign all rwx permissions to that directory = chmod 777 /allinone
• Become User and create directory inside of /allinone = mkdir imrandir
• Give all rwx permissions to that directory = chmod 777 imrandir
• Create 3 files in that directory = touch a b c
• Open another terminal and login as spiderman
• Go to /allinone directory and delete imrandir directory = rm -rf imrandir
• You will see the directory is deleted
• Now become root again and assign sticky bit permission to /allinone = chmod +t /allinone
• Become User and create directory again inside of /allinone = mkdir imrandir
• Give all rwx permissions to that directory = chmod 777 imrandir
• Create 3 files in that directory = touch a b c
• Become spiderman user again
• Go to /allinone directory and try to delete imrandir directory = rm -rf imrandir
• Now as spiderman you cannot delete the directory
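The lab above shows why a world-writable directory needs the sticky bit. The script below is an added example, not part of the original course material: it audits a tree for setuid/setgid files (the same test as find / -perm /6000 -type f) and for world-writable directories that lack the sticky bit. The function names and the scratch tree are constructed for the demonstration, and GNU find and stat are assumed.

```shell
#!/bin/sh
# Added example: audit a directory tree for the special permission bits.
# Assumes GNU find and stat (the defaults on CentOS/Red Hat and Ubuntu).

# Regular files with setuid and/or setgid set, printed as
# "octal-mode owner path". Same test as: find / -perm /6000 -type f
list_suid_sgid() {
    find "$1" -xdev -type f -perm /6000 -exec stat -c '%a %U %n' {} + 2>/dev/null | sort -k3
}

# Directories that everyone can write to but that lack the sticky bit.
# In such a directory any user can delete another user's files, which is
# what spiderman does in the first half of the lab.
list_unsafe_world_writable() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print 2>/dev/null | sort
}

# Build a constructed scratch tree that mirrors the lab exercise and
# print its path.
make_demo_tree() {
    demo_root=$(mktemp -d) || return 1
    mkdir "$demo_root/allinone" "$demo_root/shared_tmp"
    chmod 777  "$demo_root/allinone"      # world-writable, no sticky bit
    chmod 1777 "$demo_root/shared_tmp"    # world-writable with sticky bit, like /tmp
    touch "$demo_root/plain" "$demo_root/suid_tool" "$demo_root/sgid_tool"
    chmod 755  "$demo_root/plain"
    chmod 4755 "$demo_root/suid_tool"     # same result as chmod u+s on a 755 file
    chmod 2755 "$demo_root/sgid_tool"     # same result as chmod g+s on a 755 file
    echo "$demo_root"
}

demo() {
    tree=$(make_demo_tree) || return 1
    echo "setuid/setgid files:"
    list_suid_sgid "$tree"
    echo "world-writable directories without the sticky bit:"
    list_unsafe_world_writable "$tree"
    rm -rf "$tree"
}

demo
```

To audit a real system, call the two functions with / (as root) and compare the setuid/setgid list with the packages you expect to own those files.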
MODULE 5
NETWORKING, SERVICES AND SYSTEM UPDATES
Internet Access to VM
• Open Virtualbox Manager
• Select the machine you cannot get internet on in the left pane
• Click the Settings button in the top menu
• Click Network in the left pane in the settings window
• Switch to Bridged Adapter in the Attached to drop-down menu
• Hit OK to save your changes
• Start your VM
Network Components

• IP
• Subnet mask
• Gateway
• Static vs. DHCP

• Interface
• Interface MAC.
Network Files and Commands
• Interface Detection
• Assigning an IP address
• Interface configuration files
• /etc/[Link]
• /etc/hostname
• /etc/sysconfig/network
• /etc/sysconfig/network-scripts/ifcfg-nic
• /etc/[Link]

• Network Commands
• ping
• ifconfig
• ifup or ifdown
• netstat
• tcpdump
NIC Information

NIC = Network Interface Card

Example:
ethtool enp0s3

Other NICs
lo = The loopback device is a special interface that your computer uses to communicate
with itself. It is used mainly for diagnostics and troubleshooting, and to connect to servers
running on the local machine

virbr0 = The virbr0, or "Virtual Bridge 0", interface is used for NAT (Network Address
Translation). Virtual environments sometimes use it to connect to the outside network
NIC Bonding

NIC = Network Interface Card (PC or laptop)

NIC (Network Interface Card) bonding is also known as network bonding. It can
be defined as the aggregation or combination of multiple NICs into a
single bond interface.

Its main purpose is to provide high availability and redundancy

[Figure: 1G + 1G = 2G; labels: Redundancy, High Availability, Link Aggregation]
NIC Bonding Procedure
• modprobe bonding
• modinfo bonding
• Create /etc/sysconfig/network-scripts/ifcfg-bond0
• Edit /etc/sysconfig/network-scripts/ethernet1
• Edit /etc/sysconfig/network-scripts/ethernet2

[Figure: nic1 and nic2 combined into bond0]

• Restart network = systemctl restart network


New Network Utilities
What we will learn in this lecture…

• Getting started with NetworkManager


• Network configuration methods
• nmtui
• nmcli
• nm-connection-editor
• GNOME Settings.
New Network Utilities
Getting started with NetworkManager
• NetworkManager is a service that provides a set of tools designed specifically to make it easier to
manage the networking configuration on Linux systems and is the default network management
service on RHEL 8
• It makes network management easier
• It provides easy setup of connection to the user
• NetworkManager offers management through different tools such as GUI, nmtui, and
nmcli.
New Network Utilities
Network configuration methods
• nmcli – Short for network manager command line interface. This tool is useful when access to a
graphical environment is not available and can also be used within scripts to make network
configuration changes
• nmtui – Short for network manager text user interface. This tool can be run within any terminal
window and allows changes to be made by making menu selections and entering data
• nm-connection-editor - A full graphical management tool providing access to most of the
NetworkManager configuration options. It can only be accessed through the desktop or console
• GNOME Settings - The network screen of the GNOME desktop settings application allows basic
network management tasks to be performed

• Let’s practice in our Linux machine…


Manage Linux Networking

Using nmcli to configure static IP

• # nmcli device (Get the listing of network interface)
• # nmcli connection modify enp0s3 [Link] [Link]/24
• # nmcli connection modify enp0s3 [Link] [Link]
• # nmcli connection modify enp0s3 [Link] manual
• # nmcli connection modify enp0s3 [Link] [Link]
• # nmcli connection down enp0s3 && nmcli connection up enp0s3
• # ip address show enp0s3


Manage Linux Networking

Adding secondary static IP using nmcli

• # nmcli device status
• # nmcli connection show --active
• # ifconfig
• # nmcli connection modify enp0s3 +[Link] [Link]/24
• # nmcli connection reload
• # systemctl reboot
• # ip address show
System Updates and Repos

• yum (CentOS), apt-get (other Linux)


• rpm (Redhat Package Manager)
Download Files or Apps
• Example of Windows browser

• Linux = wget

• Example in Linux:
wget [Link]

• Why???
Most of the servers in corporate
environment do NOT have internet access
curl and ping Commands
• Example of Windows browser

• Linux = curl
• Linux = ping

• Example in Linux:
curl [Link]
curl -O [Link]

ping [Link]
FTP – File Transfer Protocol
• The File Transfer Protocol is a standard network protocol used for the transfer of
computer files between a client and server on a computer network. FTP is built
on a client-server model architecture using separate control and data
connections between the client and the server. (Wikipedia)

• Protocol = Set of rules used by computers to communicate

• Default FTP Port = 21

• For this lecture we need 2 Linux machines


• Client = MyFirstLinuxVM
• Server = LinuxCentOS7
FTP – File Transfer Protocol

[Figure: Client = A connects over FTP to Server = B (ftpd = 21)]
FTP – File Transfer Protocol
• Install and Configure FTP on the remote server
• # Become root
• # rpm -qa | grep ftp
• # ping [Link]
• # yum install vsftpd
• # vi /etc/vsftpd/[Link] (make a copy first)

• Find the following lines and make the changes as shown below:
• ## Disable anonymous login ##
• anonymous_enable=NO

• ## Uncomment ##
• ascii_upload_enable=YES
• ascii_download_enable=YES

• ## Uncomment - Enter your Welcome message - This is optional ##


• ftpd_banner=Welcome to UNIXMEN FTP service.

• ## Add at the end of this file ##


• use_localtime=YES

• # systemctl start vsftpd


• # systemctl enable vsftpd
• # systemctl stop firewalld
• # systemctl disable firewalld
• # useradd User (if the user does not exist).
FTP – File Transfer Protocol
• Install FTP client on the client server
• # Become root
• # yum install ftp
• # su - User
• $ touch kruger

• Commands to transfer file to the FTP server:


• ftp 192.168.1.x
• Enter username and password
• bi
• hash
• put kruger
• bye.
SCP – Secure Copy Protocol
• The Secure Copy Protocol or “SCP” helps to transfer computer files securely
from a local to a remote host. It is somewhat similar to the File Transfer Protocol
“FTP”, but it adds security and authentication

• Protocol = Set of rules used by computers to communicate

• Default SCP Port = 22 (same as SSH)

• For this lecture we need 2 Linux machines


• Client = MyFirstLinuxVM
• Server = LinuxCentOS7
SCP – Secure Copy

[Figure: Client = A connects with ssh/scp to Server = B (sshd = 22)]
SCP – Secure Copy
• SCP commands to transfer file to the remote server:

• Login as yourself (User)


• touch jack
• scp jack User@192.168.1.x:/home/User
• Enter username and password
rsync – Remote Synchronization
• rsync is a utility for efficiently transferring and synchronizing files within the
same computer or to a remote computer by comparing the modification times
and sizes of files

• rsync is a lot faster than ftp or scp

• This utility is mostly used to backup the files and directories from one server to
another

• Default rsync Port = 22 (same as SSH)

• For this lecture we need 2 Linux machines


• Client = MyFirstLinuxVM
• Server = LinuxCentOS7
rsync – Remote Synchronization

[Figure: Client = A syncs to Server = B with rsync over ssh (sshd = 22). Only the difference is sent each time: 2M, then 8-2 = 6, then 20-8 = 12]
rsync – Remote Synchronization
• Basic syntax of rsync command
• # rsync options source destination

• Install rsync in your Linux machine (check if it already exists)


• # yum install rsync (On CentOS/Redhat based systems)
• # apt-get install rsync (On Ubuntu/Debian based systems)

• rsync a file on a local machine


• $ tar cvf [Link] . (tar the entire home directory, /home/User)
• $ mkdir /tmp/backups
• $ rsync -zvh [Link] /tmp/backups/

• rsync a directory on a local machine


• $ rsync -azvh /home/User /tmp/backups/

• rsync a file to a remote machine


• $ mkdir /tmp/backups (create /tmp/backups dir on remote server)
• $ rsync -avz [Link] User@192.168.1.x:/tmp/backups

• rsync a file from a remote machine


• $ touch serverfile
• $ rsync -avzh User@192.168.1.x:/home/User/serverfile /tmp/backups
System Upgrade/Patch Management

• Two types of upgrades

Major version = 5, 6, 7
Minor version = 7.3 to 7.4

Major version = yum command
Minor version = yum update

• yum update vs. upgrade
upgrade = delete packages
update = preserve

Example:
yum update -y
Create Local Repository from DVD

• What is local repository?

[Figure: Repos, Redhat or CentOS, Linux repository, Server]

• Command
createrepo
Advanced Package Management
• Installing packages
• Upgrading
• Deleting
• View package details information
• Identify source or location information
• Packages configuration files
Rollback Updates and Patches

• Virtual machine
• Physical machine

• Rollback a package or patch


• yum install <package-name>
• yum history undo <id>

• Rollback an update
• Downgrading a system to minor version (ex: RHEL7.1 to RHEL7.0) is not
recommended as this might leave the system in undesired or unstable state

• yum update = Update will preserve them
• yum upgrade = Upgrade will delete obsolete packages
• yum history undo <id>
SSH and Telnet
• Telnet = Un-secured connection between computers
• SSH = Secured

• Two type of packages for most of the services


• Client package
• Server package

[Figure: client and server pairs for SSH and ntp]
DNS = Domain Name System
• Purpose?
Hostname to IP (A Record)
IP to Hostname (PTR Record)
Hostname to Hostname (CNAME Record)

• Files
/etc/[Link]
/var/named

• Service
systemctl restart named
Download, Install and Configure DNS
• Create a snapshot of your virtual machine
• Setup:
• Master DNS
• Secondary or Slave DNS
• Client

• Domain Name = [Link]


• IP address = My local IP address on enp0s3

• Install DNS package


• yum install bind bind-utils -y

• Configure DNS (Summary)


• Modify /etc/[Link]
• Create two zone files ([Link] and [Link])
• Modify DNS file permissions and start the service

• Revert back to snapshot


Hostname/IP Lookup

• Commands used for DNS lookup


• nslookup
• dig
NTP
• Purpose?
Time synchronization

• File
/etc/[Link]

• Service
systemctl restart ntpd

• Command
ntpq
chronyd
• Purpose? = Time synchronization
• Package name = chronyd
• Configuration file = /etc/[Link]
• Log file = /var/log/chrony
• Service = systemctl start/restart chronyd
• Program command = chronyd.
New System Utility Command (timedatectl)

• The timedatectl command is a new utility for RHEL/CentOS 7/8 based distributions, which comes as a
part of the systemd system and service manager
• It is a replacement for the old traditional date command
• The timedatectl command shows/changes date, time, and timezone
• It synchronizes the time with an NTP server as well
• You can either use chronyd or ntpd and make the ntp setting in timedatectl as yes
• Or you can use the systemd-timesyncd daemon to synchronize time, which is a replacement for ntpd and
chronyd

Please note:
Redhat/CentOS does not provide this daemon in its standard repo. You will have to download it separately.
New System Utility Command (timedatectl)
Lab exercise:
• To check time status
• timedatectl

• To view all available time zones


• timedatectl list-timezones

• To set the time zone


• timedatectl set-timezone "America/New_York"

• To set date
• timedatectl set-time YYYY-MM-DD

• To set date and time


• timedatectl set-time '2015-11-20 [Link]'

• To start automatic time synchronization with a remote NTP server


• timedatectl set-ntp true.
Sendmail - OLD

• Purpose?
Send and receive emails

• Files
/etc/mail/[Link]
/etc/mail/[Link]
/etc/mail

• Service
systemctl restart sendmail

• Command
mail -s "subject line" email@[Link]
Sendmail
• Sendmail is a program in Linux operating systems that allows
systems administrator to send email from the Linux system

• It uses SMTP (Simple Mail Transfer Protocol)


• SMTP port = 25

• It attempts to deliver the mail to the intended recipient immediately
and, if the recipient is not present, it queues messages for later
delivery.
Sendmail
• Sendmail installation and configuration
• # su - (Login as root)
• # rpm -qa | grep sendmail (verify if it is already installed)
• # yum install sendmail sendmail-cf
• # vi /etc/mail/[Link]
• # systemctl start sendmail
• # systemctl enable sendmail
• # systemctl stop firewalld
• # systemctl disable firewalld
Web Server (httpd)
• Purpose = Serve webpages

• Service or Package name = httpd


• Log Files = /var/log/httpd/
• Files = /etc/httpd/conf/[Link]
= /var/www/html/[Link]

• Service
systemctl restart httpd
systemctl enable httpd
Central Logger (rsyslog)

• Purpose = Generate logs or collect logs from other servers

• Service or package name = rsyslog

• Configuration file = /etc/[Link]

• Service
systemctl restart rsyslog
systemctl enable rsyslog

[Figure: one Server in the middle with Clients around it]
Linux OS Hardening
• User Account
• Remove un-wanted packages
• Stop un-used Services
• Check on Listening Ports
• Secure SSH Configuration
• Enable Firewall (iptables/firewalld)
• Enable SELinux
• Change Listening Services Port Numbers
• Keep your OS up to date (security patching)
OpenLDAP Installation
• What is OpenLDAP?

• OpenLDAP Service
• slapd

• Start or stop the service


• systemctl start slapd
• systemctl enable slapd

• Configuration Files
• /etc/openldap/slapd.d
Trace Network Traffic (traceroute)
• The traceroute command is used in Linux to map the journey that a packet
of information undertakes from its source to its destination. One use for
traceroute is to locate when data loss occurs throughout a network, which
could signify a node that's down.
• Because each hop in the record reflects a new server or router between
the originating PC and the intended target, reviewing the results of a
traceroute scan also lets you identify slow points that may adversely affect
your network traffic.

• Example
# traceroute [Link]
Configure and Secure SSH

• SSH
• SSH stands for secure shell
• It provides you with an interface to the Linux system. It takes in
your commands and translates them to the kernel to manage hardware

[Figure: Hardware, Kernel, Shell ($ bash, csh, ksh) and Utilities (pwd, ls, cp)]

• OpenSSH is a package/software
• Its service daemon is sshd
• SSH port # 22
Configure and Secure SSH

• SSH itself is secure, meaning communication through SSH is always encrypted, but
some additional configuration can be done to make it more secure
• Following are the most common configuration steps an administrator should take to secure SSH

Configure Idle Timeout Interval

To avoid having an unattended SSH session, you can set an idle timeout interval

• Become root
• Edit your /etc/ssh/sshd_config file and add the following lines:
• ClientAliveInterval 600
• ClientAliveCountMax 0
• # systemctl restart sshd

The idle timeout interval you are setting is in seconds (600 secs = 10 minutes). Once the interval
has passed, the idle user will be automatically logged out
Configure and Secure SSH

Disable root login

Disabling root login should be one of the measures you take when setting up
the system for the first time. It prevents any user from logging in to the system with the root
account

• Become root
• Edit your /etc/ssh/sshd_config file and change PermitRootLogin yes to no
• PermitRootLogin no
• # systemctl restart sshd
Configure and Secure SSH

Disable Empty Passwords

You need to prevent remote logins from accounts with empty passwords for
added security.

• Become root
• Edit your /etc/ssh/sshd_config file and remove # from the following line
• PermitEmptyPasswords no
• # systemctl restart sshd
Configure and Secure SSH

Limit Users’ SSH Access

To provide another layer of security, you should limit your SSH logins to only certain
users who need remote access

• Become root
• Edit your /etc/ssh/sshd_config file and add
• AllowUsers user1 user2
• # systemctl restart sshd
Configure and Secure SSH

Use a different port

By default SSH runs on port 22. Most hackers looking for open SSH servers will
look for port 22, and changing it can make the system much more secure

• Become root
• Edit your /etc/ssh/sshd_config file, remove # from the following line and
change the port number
• Port 22
• # systemctl restart sshd
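The settings from the slides above can be checked automatically. The script below is an added example, not part of the original course material: it audits an sshd_config for PermitRootLogin, PermitEmptyPasswords, AllowUsers, ClientAliveInterval and Port. The function names, the two sample files and port 2222 are constructed for the demonstration, and treating an unset keyword as a finding is this example's own policy.

```shell
#!/bin/sh
# Added example: check an sshd_config against the settings listed above.
# Only global settings are read: parsing stops at the first Match block, and
# the first value seen for a keyword wins, which is how sshd reads the file.

audit_sshd_config() {
    awk '
    function report(status, name, detail) {
        printf "%-4s %-22s %s\n", status, name, detail
        if (status == "FAIL") fails++
    }
    function expect(key, name, want) {
        if (!(key in val))                  report("FAIL", name, "not set explicitly")
        else if (tolower(val[key]) == want) report("PASS", name, val[key])
        else                                report("FAIL", name, val[key] " (want " want ")")
    }
    /^[ \t]*#/ || /^[ \t]*$/ { next }            # comments and blank lines
    {
        line = $0
        sub(/^[ \t]+/, "", line); sub(/[ \t\r]+$/, "", line)
        if (line ~ /^[A-Za-z0-9]+[ \t]*=/)       # "Keyword=value" form
            sub(/[ \t]*=[ \t]*/, " ", line)
        key = tolower(line); sub(/[ \t].*$/, "", key)
        if (key == "match") exit                 # conditional settings from here on
        if (key in val) next                     # first value wins
        value = line
        if (!sub(/^[^ \t]+[ \t]+/, "", value)) value = ""
        val[key] = value
    }
    END {
        expect("permitrootlogin", "PermitRootLogin", "no")
        expect("permitemptypasswords", "PermitEmptyPasswords", "no")
        if (("allowusers" in val) && val["allowusers"] != "")
            report("PASS", "AllowUsers", val["allowusers"])
        else
            report("FAIL", "AllowUsers", "no user allow-list")
        if (("clientaliveinterval" in val) && val["clientaliveinterval"] + 0 > 0)
            report("PASS", "ClientAliveInterval", val["clientaliveinterval"] " s")
        else
            report("FAIL", "ClientAliveInterval", "idle timeout not set")
        # OpenSSH 8.2 and later treat a count of 0 as "never disconnect".
        if (("clientalivecountmax" in val) && val["clientalivecountmax"] + 0 == 0)
            report("NOTE", "ClientAliveCountMax", "0 (OpenSSH 8.2+ never disconnects with 0)")
        report("INFO", "Port", ("port" in val) ? val["port"] : "22 (default)")
        exit (fails > 0)
    }' "$1"
}

# Constructed sample: the later "PermitRootLogin no" is ignored because the
# first value wins, and AllowUsers inside the Match block is not global.
write_sample_weak() {
    cat > "$1" <<'EOF'
#Port 22
PermitRootLogin yes
#PermitEmptyPasswords no
PermitRootLogin no
Match User backup
    AllowUsers backup
EOF
}

# Constructed sample with the settings from the slides (port 2222 is made up).
write_sample_hardened() {
    cat > "$1" <<'EOF'
Port 2222
PermitRootLogin no
PermitEmptyPasswords no
AllowUsers user1 user2
ClientAliveInterval 600
ClientAliveCountMax 0
EOF
}

demo() {
    dir=$(mktemp -d) || return 1
    write_sample_weak "$dir/weak"
    write_sample_hardened "$dir/hardened"
    for f in weak hardened; do
        echo "== $f =="
        audit_sshd_config "$dir/$f" || echo "-> $f has findings"
    done
    rm -rf "$dir"
}

demo
```

On a real server run audit_sshd_config /etc/ssh/sshd_config as root; the exit status is non-zero when any FAIL line is printed.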
Configure and Secure SSH
Access Remote Server without Password (SSH-Keys)

• Two reasons to access a remote machine


• Repetitive logins
• Automation through scripts

• Keys are generated at user level


• User
• root
Configure and Secure SSH
Access Remote Server without Password (SSH-Keys)
[Figure: SSH from Client = MyFirstLinuxVM to Server = LinuxCentOS7 (Username? Password?); generate keys, then copy over the keys from client to server]

Client = MyFirstLinuxVM

Step 1 — Generate the Key
# ssh-keygen

Step 2 — Copy the Key to the server
# ssh-copy-id root@192.168.1.x

Step 3 — Login from client to server
# ssh root@192.168.1.x
# ssh -l root 192.168.1.x
SSH without a Password
• SSH is a secure way to login from host A to host B
• Repetitive tasks require login without a password

What we will learn…


• How to generate SSH keys on the server
• Add SSH keys to the client
• Verify by logging through SSH.
Cockpit
• Cockpit is a server administration tool sponsored by Red Hat, focused on providing a
modern-looking and user-friendly interface to manage and administer servers

• Cockpit is the easy-to-use, integrated, glanceable, and open web-based interface for your
servers

• The application is available in most of the Linux distributions such as, CentOS, Redhat,
Ubuntu and Fedora

• It is installed in Redhat 8 by default and it is optional in version 7

• It can monitor system resources, add or remove accounts, monitor system usage, shut
down the system and perform quite a few other tasks all through a very accessible web
connection
Install, Configure and Manage Cockpit
• Check for network connectivity
• ping [Link]

• Install cockpit package as root


• yum/dnf install cockpit -y (For RH or CentOS)
• apt-get install cockpit (For Ubuntu)

• Start and enable the service


• systemctl start|enable cockpit

• Check the status of the service


• systemctl status cockpit

• Access the web-interface


• [Link]
Introduction to Firewall 1/2

• What is Firewall
• A wall that prevents the spread of fire

• When data moves in and out of a server its packet information is tested against the
firewall rules to see if it should be allowed or not

• In simple words, a firewall is like a watchman, a bouncer, or a shield that has a set
of rules given and based on that rule they decide who can enter and leave

• There are 2 type of firewalls in IT


• Software = Runs on operating system

• Hardware = A dedicated appliance with firewall software


Introduction to Firewall 2/2

[Figure: rule = A is allowed for 22: A connects to B over SSH = 22, connection established. rule = A is NOT allowed for ftp: A connects to B over ftp = 21, connection refused]
Firewall (iptables – tables, chains and targets) 1/4

• There are 2 tools to manage firewall in most of the Linux distributions


• iptables = For older Linux versions but still widely used
• firewalld = For newer versions like 7 and up

• You can run one or the other


• In this lecture we will work with iptables to manage firewall

• Before working with iptables make sure firewalld is not running and disable it
• service OR systemctl stop firewalld = To stop the service
• systemctl disable firewalld = To prevent it from starting at boot time
• systemctl mask firewalld = To prevent it from being started by other programs

• Now check if you have the iptables-services package installed
• rpm -qa | grep iptables-services
• yum install iptables-services = If not installed

• Start the service
• systemctl start iptables
• systemctl enable iptables

• To check the iptables rules
• iptables -L

• To flush iptables
• iptables -F
Firewall (iptables – tables, chains and targets) 2/4

• The function of iptables tool is packet filtering


• The packet filtering mechanism is organized into three different kinds of structures: tables, chains
and targets

1. tables = A table is something that allows you to process packets in specific ways. There
are 4 different types of tables: filter, mangle, nat and raw

2. chains = The chains are attached to tables. These chains allow you to inspect traffic at
various points. There are 3 main chains used in iptables
• INPUT = incoming traffic
• FORWARD = going to a router, from one device to another
• OUTPUT = outgoing traffic
• chains allow you to filter traffic by adding rules to them
• Rule = if traffic is coming from [Link] then go to defined target

3. targets = A target decides the fate of a packet, such as allowing or rejecting it. There are 3
different types of targets
• ACCEPT = connection accepted
• REJECT = Send reject response
• DROP = drop connection without sending any response
Firewall (iptables – tables, chains and targets) 3/4

Let’s draw it out:

Table

chains     If IP, port etc. matches   Target
INPUT      Rule                       ACCEPT/DROP/REJECT
FORWARD    Rule                       ACCEPT/DROP/REJECT
OUTPUT     Rule                       ACCEPT/DROP/REJECT

• To check the iptables rules


• iptables -L
Firewall (iptables – tables, chains and targets) 4/4

Output of iptables -L

• Chain = Types of chain
• target = Target
• prot = The protocol, such as tcp, udp, icmp, or all
• opt = Rarely used, this column indicates IP options
• source = The source IP address or subnet of the traffic, or anywhere
• destination = The destination IP address or subnet of the traffic, or anywhere


Firewall (iptables – practical examples) 1/2

• Drop all traffic coming from a specific IP ([Link])
• iptables -A INPUT -s [Link] -j DROP

• Drop all traffic coming from a range of IPs ([Link])
• iptables -A INPUT -s [Link]/24 -j DROP

• List all rules in a table by line numbers
• iptables -L --line-numbers

• Delete a specific rule by line number
• iptables -D INPUT 1

• To flush the entire chain
• iptables -F

• To block a specific protocol with rejection (e.g. ICMP)
• iptables -A INPUT -p icmp -j REJECT

• To block a specific protocol without rejection (e.g. ICMP)
• iptables -A INPUT -p icmp -j DROP

• To block a specific port # (e.g. http port 80)
• iptables -A INPUT -p tcp --dport 80 -j DROP
Linux Firewall (iptables – practical examples) 2/2

Practical:

• Block connection to a network interface
• iptables -A INPUT -i enp0s3 -s [Link] -j DROP

• Drop all traffic going to [Link]
• host -t a [Link] = find IP address
• iptables -A OUTPUT -d [Link] -j DROP

• Block all outgoing traffic to a network range
• iptables -A OUTPUT -d [Link]/24 -j DROP

• Block all incoming traffic except SSH
• iptables -A INPUT -p tcp --dport 22 -j ACCEPT
• iptables -P INPUT DROP

• IMPORTANT: iptables reads the rules in sequence
• If a DROP rule matches first, the packet is dropped without going on to the next rule
• So make sure to ACCEPT first, with the -I option instead of -A

• After making all the changes save the iptables rules. Again make sure firewalld is not running
• iptables-save = The file is saved in /etc/sysconfig/iptables

• iptables saved file can also be restored
• iptables-restore /LOCATION/FILENAME

• By default everything is logged in
• /var/log/messages
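The ordering rule above can be checked against a saved ruleset. The script below is an added example, not from the original material: it reads iptables-save style text and reports INPUT rules that can never match because an earlier ACCEPT, DROP or REJECT rule already covers the same traffic. The function names, the sample rulesets and the address 192.0.2.10 are constructed, and addresses are compared as plain strings (no subnet arithmetic).

```shell
#!/bin/sh
# Added example: find INPUT rules that are never reached because an earlier
# rule with a final verdict already covers them (the first match wins).
# Input is iptables-save style text; only the filter table is examined.

find_shadowed_rules() {
    awk '
    function covers(a, b) { return a == "" || a == b }   # unset field matches anything
    function final(t)     { return t == "ACCEPT" || t == "DROP" || t == "REJECT" }

    /^\*/ { table = substr($1, 2) }                       # "*filter", "*nat", ...
    $1 == "-A" && $2 == "INPUT" && (table == "" || table == "filter") {
        n++; text[n] = $0
        for (i = 3; i <= NF; i++) {
            if      ($i == "-s")      src[n]    = $(++i)
            else if ($i == "-i")      iface[n]  = $(++i)
            else if ($i == "-p")      proto[n]  = $(++i)
            else if ($i == "--dport") dport[n]  = $(++i)
            else if ($i == "-j")      target[n] = $(++i)
            else if ($i == "--reject-with") i++
            else if ($i == "-m" && ($(i+1) == "tcp" || $(i+1) == "udp")) i++
            else extra[n] = 1          # a match this script does not model
        }
        for (e = 1; e < n; e++) {
            # An earlier rule with unmodelled matches is assumed NOT to cover.
            if (extra[e] || !final(target[e])) continue
            if (covers(src[e], src[n]) && covers(iface[e], iface[n]) &&
                covers(proto[e], proto[n]) && covers(dport[e], dport[n])) {
                printf "rule %d [%s] is never reached: rule %d [%s] decides first\n", n, text[n], e, text[e]
                found++
                break
            }
        }
    }
    END { exit (found > 0) }
    ' "$1"
}

# Constructed sample: the ACCEPT rules were appended with -A after the DROPs.
write_sample_appended() {
    cat > "$1" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -p icmp -j DROP
-A INPUT -p tcp -j DROP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -s 192.0.2.10/32 -p icmp -j ACCEPT
COMMIT
EOF
}

# Constructed sample: the same rules with the ACCEPTs placed first, as
# happens when they are added with -I instead of -A.
write_sample_inserted() {
    cat > "$1" <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -s 192.0.2.10/32 -p icmp -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
-A INPUT -p icmp -j DROP
-A INPUT -p tcp -j DROP
COMMIT
EOF
}

demo() {
    dir=$(mktemp -d) || return 1
    write_sample_appended "$dir/appended"
    write_sample_inserted "$dir/inserted"
    for f in appended inserted; do
        echo "== $f =="
        find_shadowed_rules "$dir/$f" && echo "no shadowed rules"
    done
    rm -rf "$dir"
}

demo
```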
Firewall (firewalld) 1/2

• Firewalld works the same way as iptables but of course it has its own commands
• firewall-cmd

• It has a few pre-defined service rules that are very easy to turn on and off
• Services such as: NFS, NTP, HTTPD etc.

• Firewalld also has the following:


• Table
• Chains
• Rules
• Targets
Firewall (firewalld) 2/2

• You can run one or the other


• iptables or firewalld

• Make sure iptables is stopped, disabled and masked
• systemctl stop iptables
• systemctl disable iptables
• systemctl mask iptables

• Now check if the firewalld package is installed
• rpm -qa | grep firewalld

• Start firewalld
• systemctl start/enable firewalld

• Check the rule of firewalld


• firewall-cmd --list-all

• Get the listing of all services firewalld is aware of:


• firewall-cmd --get-services

• To make firewalld re-read the configuration added


• firewall-cmd --reload
Firewall (firewalld – Practical Examples) 1/3

• The firewalld has multiple zones; to get a list of all zones


• firewall-cmd --get-zones

• To get a list of active zones


• firewall-cmd --get-active-zones

• To get firewall rules for public zone


• firewall-cmd --zone=public --list-all
OR
• firewall-cmd --list-all

• All services are pre-defined by firewalld. What if you want to add a 3rd party service
• /usr/lib/firewalld/services/[Link]
• Simply cp any .xml file and change the service and port number

[Figure: a service .xml file, annotated: Version of XML, Service, Port, Description]
Firewall (firewalld – Practical Examples) 2/3

• To add a service (http)


• firewall-cmd --add-service=http

• To remove a service
• firewall-cmd --remove-service=http

• To reload the firewalld configuration


• firewall-cmd --reload

• To add or remove a service permanently


• firewall-cmd --add-service=http --permanent
• firewall-cmd --remove-service=http --permanent

• To add a service that is not pre-defined by firewalld


• /usr/lib/firewalld/services/[Link]
• Simply cp any .xml file [Link] and change the service and port number (32)
• systemctl restart firewalld
• firewall-cmd --get-services (to verify new service)
• firewall-cmd --add-service=sap
Firewall (firewalld – Practical Examples) 3/3

• To add a port
• firewall-cmd --add-port=1110/tcp

• To remove a port
• firewall-cmd --remove-port=1110/tcp

• To reject incoming traffic from an IP address


• firewall-cmd --add-rich-rule='rule family="ipv4" source address="[Link]" reject'

• To block and unblock ICMP incoming traffic


• firewall-cmd --add-icmp-block-inversion
• firewall-cmd --remove-icmp-block-inversion

• To block outgoing traffic to a specific website/IP address


• host -t a [Link] = find IP address
• firewall-cmd --direct --add-rule ipv4 filter OUTPUT 0 -d [Link] -j DROP
Tune System Performance 1/8

A Linux system comes fine-tuned by default when you install it; however, there are a few tweaks
that can be done based on system performance and application requirements

In this lesson we will learn…


• Optimize system performance by selecting a tuning profile managed by the tuned daemon
• Prioritize or de-prioritize specific processes with the nice and renice commands
Tune System Performance 2/8

What is tuned?

• Tuned is pronounced tune-d
• Tune is for system tuning and d is for daemon
• It is a systemd service that is used to tune Linux system performance
• It is installed in CentOS/Redhat version 7 and 8 by default
• The tuned package name is tuned
• The tuned service comes with pre-defined profiles and settings (the list of profiles will be discussed on the next page)
• Based on the selected profile, the tuned service automatically adjusts the system to get the best
performance. E.g. tuned will adjust networking if you are downloading a large file, or it will adjust
IO settings if it detects high storage read/write
• The tuned daemon applies system settings when the service starts or upon selection of a new
tuning profile.
Tune System Performance (tuned profiles) 3/8

Tuned profile | Purpose
balanced | Ideal for systems that require a compromise between power saving and performance
desktop | Derived from the balanced profile. Provides faster response of interactive applications
throughput-performance | Tunes the system for maximum throughput
latency-performance | Ideal for server systems that require low latency at the expense of power consumption
network-latency | Derived from the latency-performance profile. It enables additional network tuning parameters to provide low network latency
network-throughput | Derived from the throughput-performance profile. Additional network tuning parameters are applied for maximum network throughput
powersave | Tunes the system for maximum power saving
oracle | Optimized for Oracle database loads based on the throughput-performance profile
virtual-guest | Tunes the system for maximum performance if it runs on a virtual machine
virtual-host | Tunes the system for maximum performance if it acts as a host for virtual machines
Tune System Performance 4/8

• Check if tuned package has been installed


rpm -qa | grep tuned

• Install tuned package if NOT installed already


yum install tuned

• Check tuned service status


systemctl status|enable|start tuned
systemctl enable tuned (To enable at boot time)

• Command to change setting for tuned daemon


tuned-adm

• To check which profile is active


tuned-adm active

• To list available profiles


tuned-adm list
Tune System Performance 5/8

• To change to desired profile


tuned-adm profile profile-name

• Check for tuned recommendation


tuned-adm recommend

• Turn off tuned setting daemon


tuned-adm off

• Change profile through web console


Login to [Link]
Overview -> Configuration -> Performance profile
Tune System Performance (nice/renice) 6/8

• Another way of keeping your system fine-tuned is by prioritizing processes through the
nice and renice commands
• If a server has 1 CPU then it can execute 1 computation/process at a time as they come
in (first come, first served) while other processes must wait
• With the nice and renice commands we can make the system give preference to certain
processes over others
• This priority can be set at 40 different levels
• The nice level values range from -20 (highest priority) to 19 (lowest priority) and by
default, processes inherit their nice level from their parent, which is usually 0.
Tune System Performance (nice/renice) 7/8

• To check process priority


top

The nice value (NI) is a user-space value, and the priority (PR) is the process's actual priority as used by the Linux kernel. In
a Linux system priorities range from 0 to 139, in which 0 to 99 are for real time and 100 to 139 are for users

• Process priority can be viewed through ps command as well with the right options
$ ps axo pid,comm,nice,cls --sort=-nice
Tune System Performance (nice/renice) 8/8

• To set the process priority

nice -n # process-name
e.g. nice -n -15 top

• To change the process priority

renice -n # PID
e.g. renice -n 12 PID
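The relation between the nice value and the kernel priority band described above can be checked directly from /proc. The script below is an added example, not part of the original slides; the function names are hypothetical and it assumes a Linux /proc filesystem. A negative nice value such as the -15 above needs root, and without root a process can only be moved to a higher nice value.

```shell
#!/bin/sh
# Added example (Linux only): reads scheduling fields from /proc/<pid>/stat.

# Print "PR NI" from one /proc/<pid>/stat line given on stdin.
# The command name in field 2 may contain spaces, so everything up to the
# last ") " is cut first; priority and nice are then words 16 and 17.
pr_ni_from_stat() {
    IFS= read -r line
    rest=${line##*") "}
    set -- $rest            # word splitting is intended here
    echo "${16} ${17}"
}

# PR and NI of a short-lived child started with `nice -n <increment>`.
# cat reads its own /proc entry, so the values belong to the niced child.
pr_ni_with_increment() {
    nice -n "$1" cat /proc/self/stat | pr_ni_from_stat
}

# Kernel-internal priority of a normal (non real-time) task: 120 + NI,
# which always falls in the 100..139 band reserved for user processes.
kernel_prio() {
    echo $(( 120 + $1 ))
}

# Start a child at increment +10, renice it to the requested value and
# print the NI that is in effect afterwards.
ni_after_renice() {
    nice -n 10 sh -c 'renice -n "$1" -p $$ >/dev/null 2>&1; cat /proc/self/stat' sh "$1" \
        | pr_ni_from_stat | cut -d" " -f2
}

# Demo run
echo "default      : PR NI = $(pr_ni_with_increment 0)"
echo "nice -n 10   : PR NI = $(pr_ni_with_increment 10)"
echo "renice to 15 : NI = $(ni_after_renice 15)"
echo "renice to 5  : NI = $(ni_after_renice 5) (only root can move back down)"
```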
DHCP
In this video I will show you how to set up a DHCP server conceptually,
because if you want to set up a DHCP server on your Linux machine then
you will have to re-configure the router/modem in your home so that it can
route DHCP traffic to your new DHCP server.
Reconfiguring the router/modem will make all your devices at home lose
network connectivity

• DHCP stands for Dynamic Host Configuration Protocol


• In order to communicate over the network, a computer needs to have an IP address
• DHCP server is responsible to automatically assign IP addresses to servers, laptops, desktops,
and other devices on the network

• Wait a second…
• Right now in our home, how are IPs assigned to our devices?
• Answer -> The router or gateway given to you by your ISP
• How are IPs assigned in the corporate world?
• Answer -> Dedicated routers run DHCP service to assign IPs on the network
DHCP
Step-by-step instructions
• Pick a server to be your DHCP and take a snapshot

• Assign a static IP to the DHCP server


• vi /etc/sysconfig/network-scripts/ifcfg-enp0s3
• Or simply run nmtui command to use GUI based network tool
DHCP
• Install dhcp server package
• yum install dhcp (version 7)
• dnf install dhcp-server (version 8)

• Edit the configuration file with desired parameters


• vi /etc/dhcp/[Link]
• cp /usr/share/doc/dhcp-x.x.x/[Link] /etc/dhcp/[Link]

• The DHCP server will reserve the IP address for at least 10 minutes
• The DHCP server will reserve the IP address for a max of 2 hours
• Defines the subnet range of 256 addresses
• Defines the DHCP range assignment of 150 addresses
• Routers defines the default gateway
• Defines the default subnet mask that will be assigned to each host
• Defines the DNS nameservers which will be assigned to each host.
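A configuration that matches the settings listed above, as an added example that is not taken from the original slides. All addresses (subnet 192.168.1.0/24, gateway, pool and DNS servers) are constructed for illustration, the function names are hypothetical, and mapping the two lease callouts to default-lease-time and max-lease-time is an assumption.

```shell
#!/bin/sh
# Added example. All addresses are constructed for illustration:
# subnet 192.168.1.0/24, gateway 192.168.1.1, DNS 192.168.1.1 and 192.168.1.2.

# Print an ISC dhcpd configuration that matches the settings listed above.
print_dhcpd_conf() {
    cat <<'EOF'
default-lease-time 600;     # lease is handed out for at least 10 minutes
max-lease-time 7200;        # lease is never longer than 2 hours

subnet 192.168.1.0 netmask 255.255.255.0 {    # subnet of 256 addresses
    range 192.168.1.50 192.168.1.199;         # pool of 150 addresses
    option routers 192.168.1.1;               # default gateway
    option subnet-mask 255.255.255.0;         # mask assigned to each host
    option domain-name-servers 192.168.1.1, 192.168.1.2;
}
EOF
}

# Count the addresses in the "range" statement (both ends inclusive).
# Valid for pools that stay inside one /24, as in this example.
pool_size() {
    print_dhcpd_conf | awk '$1 == "range" {
        gsub(/;/, "", $3)
        split($2, lo, "."); split($3, hi, ".")
        print hi[4] - lo[4] + 1
    }'
}

echo "pool size: $(pool_size) addresses"
```

Redirect the output of print_dhcpd_conf into the configuration file edited in the step above, then check the syntax with `dhcpd -t -cf <that file>` before starting the service.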
DHCP
• Start dhcpd service
• systemctl start dhcpd
• systemctl enable dhcpd

• Disable firewalld or allow dhcp port over firewall


• systemctl stop firewalld
• OR
• firewall-cmd --add-service=dhcp --permanent
• firewall-cmd --reload

• Switch DHCP service from your router/modem to your new DHCP server
• Login to your ISP provided router
• Disable dhcp and enable forwarding to the new dhcp server.
MODULE 6
DISK MANAGEMENT AND RUN LEVELS
System Run Level
• System Run Levels

Main Run level


• 0 Shut down (or halt) the system
• 1 Single-user mode; usually aliased as s or S
• 6 Reboot the system

Other Run levels


• 2 Multiuser mode without networking
• 3 Multiuser mode with networking
• 5 Multiuser mode with networking and GUI.
Linux Boot Process
Linux Boot Process (Newer Versions)

• The boot sequence changes in CentOS/Redhat 7 and above

• systemd is the new service manager in CentOS/RHEL 7 that manages the boot
sequence

• It is backward compatible with SysV init scripts used by previous versions of
RedHat Linux including RHEL 6

• Every system administrator needs to understand the boot process of an OS in
order to troubleshoot effectively
Linux Boot Process (Newer Versions)
BIOS = Basic Input and Output Setting (firmware interface)
POST = Power-On Self-Test started
MBR = Master Boot Record
    Information saved in the first sector of a hard disk that indicates where
    the GRUB2 is located so it can be loaded in computer RAM

GRUB2 = Grand Unified Boot Loader v2
    Loads Linux kernel
    /boot/grub2/[Link]

Kernel = Core of Operating System
    Loads required drivers from [Link]
    Starts the first OS process (systemd)

Systemd = System Daemon (PID # 1)
    It then starts all the required processes
    Reads = /etc/systemd/system/[Link] to bring the system to the run-level
    Total of 7 run-levels (0 thru 6)
Message of the Day

• Message of the day file location


• /etc/motd
Customize Message of the Day

• Once again, message of the day is the first message users will see when they
log in to the Linux machine

• Steps:
• Create a new file in /etc/profile.d/[Link]
• Add desired commands in [Link] file
• Modify the /etc/ssh/sshd_config file to edit
#PrintMotd yes to PrintMotd no
• Restart sshd service
• systemctl restart [Link]
Disk Partition

• Commands for disk partition


• df
• fdisk
Adding Disk and Creating Partition

• Purpose? = Out of Space, Additional Apps etc.

• Commands for disk partition


• df
• fdisk
Computer Storage
• Local Storage
• RAM, HDD, SSD, etc.

• DAS (Direct Attached Storage)


• CD/DVD, USB flash drive, external disk directly attached with
USB or other cables

• SAN (Storage Area Network)


• Storage attached through iSCSI or fiber cable

• NAS (Network Attached Storage)


• Storage attached over network (TCP/IP)
• E.g. Samba, NFS etc.
Logical Volume Management (LVM)

• LVM allows disks to be combined together

C:
D:
E:
LVM Configuration During Install

• Install Linux CentOS with LVM configuration


Add Disk and Create LVM Partition
ADD AND EXTEND DISK USING LVM

/oracle = 1.0G
/oracle = Full

Few Options:
• Delete older files to free up disk space
• Add new physical disk mount to /oracle2
• Create a new virtual disk and mount to /oracle2
• Or extend /oracle through LVM.
ADD/EXTEND SWAP SPACE
• What is swap? – [Link]
Swap space in Linux is used when the amount of physical memory (RAM) is full. If the system needs
more memory resources and the RAM is full, inactive pages in memory are moved to the swap
space. While swap space can help machines with a small amount of RAM, it should not be
considered a replacement for more RAM. Swap space is located on hard drives, which have a
slower access time than physical memory

• Recommended swap size = Twice the size of RAM


M = Amount of RAM in GB, and S = Amount of swap in GB, then

If M < 2
then S = M *2
Else S=M+2

• Commands
• dd
• mkswap
• swapon or swapoff
Implement Advanced Storage Features
• Red Hat 8 introduces the next generation volume management solution called Stratis
• It uses thin provisioning by default
• It combines the process of creating logical volume management (LVM) and creation of
filesystems into one management
• In LVM, if a filesystem gets full you will have to extend it manually, whereas Stratis
extends the filesystem automatically if it has available space in its pool

In this lesson we will learn…

• How to manage multiple storage layers using Stratis local storage management
Implement Advanced Storage Features
[Figure: LVM (physical disks, volume group, logical volumes) compared with Stratis (pool, filesystem); size labels 10G and 30G]
Implement Advanced Storage Features
• Install Stratis package
yum/dnf install stratis-cli stratisd

• Enable and start Stratis service


systemctl enable|start stratisd

• Add 2 x 5G new disks from virtualization software and verify at the OS level
Oracle virtualbox storage setting
lsblk

• Create a new stratis pool and verify


stratis pool create pool1 /dev/sdb
stratis pool list

• Extend the pool


stratis pool add-data pool1 /dev/sdc
stratis pool list
Implement Advanced Storage Features
• Create a new filesystem using stratis
stratis filesystem create pool1 fs1
stratis filesystem list (Filesystem will start with 546 MB)

• Create a directory for mount point and mount filesystem


mkdir /bigdata
mount /dev/stratis/pool1/fs1 /bigdata
lsblk

• Create a snapshot of your filesystem


stratis filesystem snapshot pool1 fs1 fs1-snap
stratis filesystem list

• Add the entry to /etc/fstab to mount at boot


UUID="asf-0887afgdja-" /bigdata xfs defaults,x-[Link]=[Link] 0 0
RAID
• RAID (Redundant Array of Independent Disks)

• Type of RAID
• RAID0
• RAID1
• RAID5

RAID0: 5 + 5 = 10G
RAID1: 5, 5 = 5G
RAID5: 5 + 5 + 5 = 12G


File System Check (fsck and xfs_repair)

• The Linux fsck utility is used to check and repair Linux filesystems (ext2, ext3, ext4, etc.)
• The Linux xfs_repair utility is used to check and repair filesystems of the xfs type
• Depending on when a filesystem was last checked, the system runs fsck during boot time to
check whether the filesystem is in a consistent state
• A system administrator can also run it manually when there is a problem with the filesystems
• Make sure to execute fsck on unmounted filesystems to avoid any data corruption issues.
File System Check (fsck and xfs_repair)…
• Force a filesystem check even if it's clean using option -f
• Attempt to fix detected problems automatically using option -y
• The xfs_repair utility is highly scalable and is designed to repair even
very large file systems with many inodes efficiently. Unlike other Linux
file systems, xfs_repair does not run at boot time
• The following are the possible exit codes for fsck command
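The exit status of fsck is a sum of flag values, so one run can report several conditions at once. The decoder below is an added example, not part of the original slides: the flag values are the ones documented in the fsck(8) manual page, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: decode an fsck exit status (bit mask, values from fsck(8)).
# Typical use after a manual check, with a placeholder device name:
#   fsck -f -y /dev/<device>; decode_fsck_status $?

decode_fsck_status() {
    status=$1
    if [ "$status" -eq 0 ]; then
        echo "no errors"
        return 0
    fi
    out=""
    for pair in \
        "1:errors corrected" \
        "2:system should be rebooted" \
        "4:errors left uncorrected" \
        "8:operational error" \
        "16:usage or syntax error" \
        "32:checking canceled by user request" \
        "128:shared-library error"
    do
        bit=${pair%%:*}
        text=${pair#*:}
        if [ $(( status & bit )) -ne 0 ]; then
            out="${out:+$out; }$text"
        fi
    done
    echo "${out:-unknown status $status}"
}

# Succeeds (returns 0) when the status contains anything beyond
# "no errors" or "errors corrected", i.e. when someone has to look at it.
fsck_needs_attention() {
    [ $(( $1 & ~1 )) -ne 0 ]
}

for code in 0 1 4 5 12; do
    echo "$code -> $(decode_fsck_status "$code")"
done
```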
System Backup (dd Command)
5 Different Types of Backups
1. System backup (entire image using tools such as Acronis, Veeam, Commvault
etc.)
2. Application backup (3rd party application backup solution)
3. Database backup (Oracle dataguard, SQL backup etc.)
4. Filesystem backup (tar, gzip directories etc.)
5. Disk backup or disk cloning (dd command)

• dd is a command-line utility for Unix and Unix-like operating systems whose primary
purpose is to convert and copy files
• As a result, dd can be used for tasks such as backing up the boot sector of a hard
drive, and obtaining a fixed amount of random data
• Please note the source and destination disk should be the same size
System Backup (dd Command)…
• To backup or clone an entire hard disk to another hard disk connected to the
same system, execute the dd command as shown

# dd if=<source file name> of=<target file name> [Options]


# dd if=/dev/sda of=/dev/sdb

• To backup/copy the disk partition


# dd if=/dev/sda1 of=/root/[Link]

• Restoring this image file to other machine after copying the .img
# dd if=/root/[Link] of=/dev/sdb3
Network File System (NFS)
• NFS stands for Network File System, a file system developed by Sun
Microsystems, Inc.
• It is a client/server system that allows users to access files across a network and
treat them as if they resided in a local file directory
• For example, if you were using a computer linked to a second computer via
NFS, you could access files on the second computer as if they resided in a
directory on the first computer. This is accomplished through the processes of
exporting (the process by which an NFS server provides remote clients with
access to its files) and mounting (the process by which client map NFS shared
filesystem)
[Figure: the Client sends an NFS request to the Server; the Server answers "Approved"]
Network File System (NFS)…
Steps for NFS Server Configuration

• Install NFS packages


# yum install nfs-utils libnfsidmap (most likely they are installed)

• Once the packages are installed, enable and start NFS services
# systemctl enable rpcbind
# systemctl enable nfs-server
# systemctl start rpcbind nfs-server rpc-statd nfs-idmapd
• Create NFS share directory and assign permissions
# mkdir /mypretzels
# chmod a+rwx /mypretzels
• Modify /etc/exports file to add new shared filesystem
/mypretzels [Link](rw,sync,no_root_squash) = for only 1 host
/mypretzels *(rw,sync,no_root_squash) = for everyone

/mypretzels = NFS share
[Link] = IP address of client machine
rw = Read/write
sync = all changes to the according filesystem are immediately flushed to disk; the respective
write operations are being waited for
no_root_squash = root on the client machine will have the same level of access to the files
on the system as root on the server

• Export the NFS filesystem
# exportfs -rv
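Because no_root_squash gives a client's root user root access to the share, and `*` opens it to every host, it is worth checking an exports file for both before running exportfs. The audit below is an added example, not part of the original slides: the sample file content is constructed (192.0.2.10 is a documentation address, /srv/docs and /srv/scratch are made-up paths) and the function names are hypothetical. It also flags the case documented in exports(5) where a space before the parenthesis turns the options into an export to every host.

```shell
#!/bin/sh
# Added example. The exports content below is constructed sample data.

sample_exports() {
    cat <<'EOF'
# constructed sample of /etc/exports
/mypretzels  192.0.2.10(rw,sync,no_root_squash)
/mypretzels  *(rw,sync,no_root_squash)
/srv/docs    192.0.2.10(ro,sync,root_squash)
/srv/scratch 192.0.2.10 (rw,sync)
EOF
}

# Read an exports file on stdin and print one record per risky setting:
#   <line>:<path>:<client>:<finding>
audit_exports() {
    awk '
    function report(what) { printf "%d:%s:%s:%s\n", NR, path, client, what }
    /^[ \t]*(#|$)/ { next }                  # comments and blank lines
    {
        path = $1
        for (i = 2; i <= NF; i++) {
            client = $i; opts = ""
            p = index($i, "(")
            if (p > 0) {
                client = substr($i, 1, p - 1)
                opts = substr($i, p + 1)
                sub(/\)$/, "", opts)
            }
            # "(opts)" with no host in front of it applies to every host
            if (client == "") client = "*"
            if (client == "*") report("exported-to-any-host")
            if (("," opts ",") ~ /,no_root_squash,/) report("no_root_squash")
            if (client == "*" && ("," opts ",") ~ /,rw,/) report("writable-by-any-host")
        }
    }'
}

# Demo on the constructed sample; on a server use: audit_exports < /etc/exports
sample_exports | audit_exports
```

The /srv/docs line shows the restricted form: a single named client, read-only where possible, and root_squash (the default) so that root on the client is mapped to an unprivileged user.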
Network File System (NFS)…
Steps for NFS Client Configuration
• Install NFS packages
# yum install nfs-utils rpcbind
• Once the packages are installed enable and start rpcbind service
# systemctl start rpcbind
• Make sure firewalld or iptables stopped (if running)
# ps -ef | egrep "firewall|iptable"
• Show mount from the NFS server
# showmount -e [Link] (NFS Server IP)
• Create a mount point
# mkdir /mnt/kramer
• Mount the NFS filesystem
# mount [Link]:/mypretzels /mnt/kramer
• Verify mounted filesystem
# df -h
• To unmount
# umount /mnt/kramer
Samba
• Samba is a Linux tool or utility that allows sharing of Linux resources such as files and
printers with other operating systems

• It works exactly like NFS but the difference is NFS shares within Linux or Unix like system
whereas Samba shares with other OS (e.g. Windows, MAC etc.)

• For example, computer “A” shares its filesystem with computer “B” using Samba then
computer “B” will see that shared filesystem as if it is mounted as the local filesystem

[Figure: the Client sends a mount request to the Server; the Server answers "Approved"]
Samba (smb vs. CIFS)
• Samba shares its filesystem through a protocol called SMB (Server Message Block) which
was invented by IBM

• Another protocol used to share Samba is through CIFS (Common Internet File System)
invented by Microsoft and NMB (NetBios Named Server)

• CIFS became the extension of SMB and now Microsoft has introduced newer version of
SMB v2 and v3 that are mostly used in the industry

• In simple terms, most people, when they use either SMB or CIFS, are talking about the same
exact thing
Samba Installation and Configuration
• Take snapshot of your VM
• Install samba packages
• Enable samba to be allowed through firewall (Only if you have firewall running)
• Disable firewall
• Create Samba share directory and assign permissions
• Also change the SELinux security context for the samba shared directory
• Or disable SELinux
• Modify /etc/samba/[Link] file to add new shared filesystem
• Verify the setting
• Once the packages are installed, enable and start Samba services (smb and nmb)
• Mount Samba share on Windows client
• Mount Samba share on Linux client
• Additional instructions on creating secure Samba share.
NAS Device for NFS or Samba
• A storage can be carved on a Linux server, and it can be shared with another
Linux machine through NFS or to a Windows machine through Samba service

[Figure: Server and Client]

• NFS/Samba or any NAS service can be setup through a dedicated NAS device

[Figure: a NAS device (with its own OS) serving several Clients]
NAS Device for NFS or Samba

• In this video we will learn…


• Physical layout of a NAS device
• Setup, configure and manage NAS device
• Create shared filesystem (NFS and Samba)
• Mount shared folder from the NAS device to Linux and Windows
SATA and SAS
• SATA Stands for Serial Advanced Technology Attachment and SAS stands for Serial
Attached SCSI (SCSI Stands for Small Computer System Interface, typically pronounced
as “scuzzy”)
• Both SAS and SATA utilize serial communication. Serial communication means that the
highway has both lanes

[Figure: Parallel communication compared with Serial communication]
SATA and SAS
• The main difference between them is that SAS drives are faster and more reliable than SATA drives

• SAS is generally more expensive, and it’s better suited for use in servers or in processing-heavy
computer workstations. SATA is less expensive, and it’s better suited for desktop file storage

• In a SATA cable, all 4 wires are placed within the same cable. In a SAS cable, the 4 wires are
separated into 2 different cables

Why divide the wires between 2 cables???


• So you can connect more devices to one another. With a SATA cable, you can only link the motherboard
and the storage drive. You could hook up an expansion device, but that takes up valuable room inside your
computer.
• With a SAS cable, you can hook up the motherboard to both a storage drive and another piece of
hardware that has SAS connectors.

Here’s what the highways look like, metaphorically:


• SATA cable: Los Angeles to San Francisco
• SAS cable: Los Angeles to San Francisco or Los Angeles to Las Vegas
Difference Between CentOS/RHEL 7 and 8
• Red Hat Enterprise Linux 8 (RHEL 8) is now available for production use with lots of developer-
friendly capabilities
• RHEL 8 official release by Red Hat Inc, was announced on May 7, 2019
• I will cover only what is changed and what you should know in terms of my Linux course

Feature | RHEL 8 | RHEL 7
General Availability Date | 14-Nov-18 | 10-Jun-14
Code Name | Ootpa | Maipo
Kernel Version | 4.18 | 3.10.0-123
End of Support | May-2029 | 30-Jun-2024
Last Minor Release | 8.x | 7.7
Network Time Synchronization | Only Chrony | Chrony and ntpd
GUI Interface (Desktop) | Gnome 3.28 | Gnome 3
Default Database | MySQL 8.0, MariaDB 10.3, PostgreSQL 10 and 9.6, and Redis 5.0 | MariaDB
Difference Between CentOS/RHEL 7 and 8

Feature | RHEL 8 | RHEL 7
Default Firewall | Firewalld, it uses nftables framework in the backend | Firewalld, it uses Iptables framework in the backend
Max Supported (Individual) File & Filesystem Size | XFS= 1024TB | XFS= 500TB
Package Management | By default both are installed, YUM symbolic link to DNF | By default only YUM and DNF can be installed from the Extra repo
Max. RAM Supported | 24 TB on x86_64 architecture | 12 TB on x86_64 architecture
MODULE 7
SHELL SCRIPTING
Linux Kernel
• What is a Kernel?
• Interface between hardware and Software

Browser, sendmail
Software
GUI, bash, csh
Operating System
Program

CPU, Memory, HD
Introduction to Shell

• What is a Shell?
• It's like a container
• Interface between users and Kernel/OS
• CLI is a Shell

• Find your Shell


• echo $0
• Available Shells "cat /etc/shells"
• Your Shell? /etc/passwd

• Windows GUI is a shell


• Linux KDE GUI is a shell
• Linux sh, bash etc. is a shell
Types of Shell
• sh
• bash
• ksh
• csh

Starting a Shell
• Type shell name e.g. csh
• Type exit to exit out of shell
Shell Scripting
• What is a Shell Script?
A shell script is an executable file containing multiple shell commands that are executed
sequentially. The file can contain:

• Shell (#!/bin/bash)
• Comments (# comments)
• Commands (echo, cp, grep etc.)
• Statements (if, while, for etc.)

• Shell script should have executable permissions (e.g. -rwx r-x r-x)
• Shell script has to be called from absolute path (e.g. /home/userdir/[Link])
• If called from current location then ./[Link]
Shell Script – Basic Scripts

• Output to screen using “echo”

• Creating tasks
• Telling your id, current location, your files/directories, system info
• Creating files or directories
• Output to a file “>”

• Filters/Text processors through scripts (cut, awk, grep, sort, uniq, wc)
Input and Output of Script
• Create script to take input from the user

read
echo
if-then Scripts

• If then statement

If this happens = do this


Otherwise = do that
For Loop Scripts

• For loops

Keep running for a specified number of values of a variable

e.g: variable = 10 then run the script 10 times
OR
variable = green, blue, red (then run the script 3 times, once for each color)
do-while Scripts

• do while

The while statement continually executes a block of statements while a
particular condition is true or met

e.g: Run a script until 2pm

while [ condition ]
do
command1
command2
commandN
done
Case Statement Scripts

• Case

If option a is selected = do this


If option b is selected = do this
If option c is selected = do this.
Check Other Servers Connectivity

• A script to check the status of remote hosts


Aliases
• Aliases is a very popular command that is used to cut down on lengthy and
repetitive commands

alias ls="ls -al"
alias pl="pwd; ls"
alias tell="whoami; hostname; pwd"
alias dir="ls -l | grep ^d"
alias lmar="ls -l | grep Mar"
alias wpa="chmod a+w"
alias d="df -h | awk '{print \$6}' | cut -c1-4"
Creating User or Global Aliases
• User = Applies only to a specific user profile
• Global = Applies to everyone who has account on the system

• User = /home/user/.bashrc
• Global = /etc/bashrc

alias hh="hostname"
Shell History

• Command “history”
