Chapter 1: Using Command Line Tools - Linux Commands (cat, grep, head, tail, logger, journalctl, chmod)
chmod Command: what are three types of permissions in Linux?
1. Read (r) --> indicates someone can open the file and view its contents
2. Write (w) --> indicates a user can modify the contents. It is generally combined with read
3. Execute (x) --> indicates a user can launch the file and is used with executable files
What is the difference between the commands sudo cat /var/log/auth.log and sudo cat /var/log/auth.log | more?
1. sudo cat /var/log/auth.log --> shows the entire contents of the auth.log file, scrolling so fast that you can't see the beginning of the file
2. sudo cat /var/log/auth.log | more --> displays one page at a time. Pressing the space bar shows the next page
chmod Command: Permissions (r, w, x) apply to which three identities?
1. u --> indicates the file owner
2. g --> indicates the group owner
3. o --> indicates all others
**You can assign permissions with these letters and the r, w, x permissions
Example --> adding read permission to a group --> chmod g=r filename
Why is journalctl used?
Part of the reason journalctl is used is that you can't query journald directly, since it stores log data in a binary format, whereas journalctl displays the data as text
What does the grep command do?
When executed, the grep command (globally search a regular expression and print) searches for a specific string or pattern of text within a file. **This can simplify the search**
Example --> sudo grep "authentication failure" /var/log/auth.log shows only the entries with the text "authentication failure" (without the quotes)
What is the chmod command used for?
Short for "change mode", the chmod command is used to modify permissions on Linux system files and folders. *Any file can have read, write, and execute permissions
CAT: what does the cat command do?
Short for concatenate --> The cat command is used to display the contents of files. Additionally, cat allows you to make copies of a file or merge multiple files into one. **It is one of the easiest ways to view a file's content
Example --> sudo cat [file path]
sudo cat /var/log/auth.log
What does the head command allow you to do?
The head command allows you to see the beginning of a log file. *By default it shows the first 10 lines of a file; however, you can use the -n switch to specify how many lines to display --> sudo head -n 15 /var/log/syslog
What command would you use to view entries from previous boots?
The journalctl --list-boots command will display previous boots. You can then retrieve a specific boot log identified with a number --> journalctl -b -1
What does the journalctl command do?
The journalctl command queries the Linux system logging utility (journald) and displays log entries from several sources
What does the logger command do?
The logger command provides an interface to the syslog subroutine, which writes entries to the system log. In other words, this command lets you add entries in the /var/log/syslog file from the terminal or from scripts and applications
What does the tail command allow us to do?
The tail command displays the last 10 lines of a log file by default. The following example shows how to use the tail command to get the last 15 lines of a file --> sudo tail -n 15 /var/log/messages
True/False: The grep command can be used in combination with the cat command
True, for example: sudo cat /var/log/auth.log | grep "authentication failure" --> this reads the file with cat and then pipes (|) the result to the grep command
True/False: journalctl displays ALL journal entries which can be fairly extensive
True; however, there are multiple ways you can limit the output. For example, you can limit the logs displayed to only the last hour using this command --> journalctl --since "1 hour ago"
True/False: As with any other command that sends output to the display, using the journalctl command you can redirect the output to a text file using the redirect operator
True, to accomplish this you would type: journalctl --since "1 hour ago" > myjournal.txt
chmod Command: how are permissions removed?
You can remove permissions by using a dash. The following example removes execute permission from all others: chmod o-x filename