Linux+(XK0-004)

Ace your homework & exams now with Quizwiz!

dmesg -w

watch the hw logs (all messages sent to the kernel's message buffer after system boot, including messages sent by device drivers) in real-time, each line preceded by timestamp, seconds since the kernel loaded

sudo shred -v -n=1 -z /dev/{partition}

verbosely clean a target disk or partition by overwriting its contents with random data for one iteration then add a final overwrite with zeros to hide the cleaning. This ensures that no sensitive data from past use remains on the device.

sudo systemctl status httpd

verify the loaded and active status of the Apache http service

lvs

view a summary of logical volumes

pvs

view a summary of physical volumes

vgs

view a summary of volume groups

ulimit -a

view all upper limits for file size, open files, pipe size, stack size, etc.

df -h

view device free space in human readable form

useradd -D

view the default configuration for new users

nmap {destination_host}

view the network structure to verify the existence of a path between the source and destination systems.

hostnamectl

view the system's network hostname and other information about the system's hardware and the Linux kernel it is running.

chmod g+s {directory}

using symbolic mode, set the group id on a directory so that all subdirectories created within it will inherit the SGID permission and all new files and subdirectories created within it will inherit the directory's group id (neither applies to existing objects or moved objects)

chmod +t {filename}

using symbolic mode, set the sticky bit of a file so that only the owner can delete it

chmod u+s {filename}

using symbolic mode, set the user id on a file to let it be executed with owner privileges

sudo swapon -a

using this command, all devices marked as swap in /etc/fstab are made available, except for those with the "noauto'' option. Devices that are already being used as swap are silently skipped.

sudo swapoff -a

using this command, swapping is disabled on all known swap devices and files (as found in /proc/swaps or /etc/fstab).

ln -s {target name} [link name]

Make a symbolic link

Unicode

A character code that enables most of the languages of the world to be symbolized with a special character identification.

chcon {-u|-r|-t} {context value} {file/directory}

Change the SELinux security context of a file or directory

getenforce

Display which mode SELinux is running in

yum install -y {package name}

Install a package from a configured repository using yum.

pvscan

Scan for all physical devices that are being used as physical volumes

sysctl -w {parameter}={value}

Set a runtime kernel parameter value.

timedateclt set-time 2020-01-01 15:03:16

Set the system's time to the time provided.

LANG={locale}

The locale to use for all LC_* variables that aren't explicitly defined.

LC_ALL={locale}

The locale to use for all options, overriding any LANG and LC_* values. Typically used for troubleshooting purposes.

--permanent

The option that be used with the firewall-cmd command when committing a change to firewalld for it to persist upon restart of the daemon

Running

The process is currently executing in user space or kernel space. In this state, the process can perform its assigned tasks.

Interruptible sleep

The process relinquishes access to the CPU and waits to be reactivated by the scheduler. A process typically enters this state when it requests currently unavailable resources. The process will wake from its sleep if a scheduler finds a time slot for it.

0-1023

The range of well-known or privileged port numbers is

Timed out

The request reached the destination computer but a response did not return to the source computer before the source computer _________. This often indicates the problem is with the destination computer.

TZ={time zone}

The system time zone. This is an alternative to using commands like date or timedatectl to set the time zone.

Run level 0

This run level halts (shuts down) the system

yum remove {package name}

Uninstall a package using yum.

sudo lvcreate -L {size} {volume_group} -n {logical_volume}

create a logical volume, specifying the size, the associated volume group, and the name

sudo firewall-cmd --permanent --new-zone={zone}

create a new firewalld zone and write the addition to disk instead of RAM.

useradd jdoe -c "John Doe" -e 2019/12/31 -s /bin/dash -d /home/john_doe

create a new user, specify a comment, an account expiration, a default shell, and home directory

sudo mkswap /dev/{swap_partition}

create a swap space on a storage partition

find ~ -type f -name "*.txt" | xargs chmod 775

find all text files in the home directory and modify their permissions

mkdir {directory_name}

make a new directory

paste -d , {file_1} {file_2}

merge the lines of two files horizontally using a comma delimiter

mv {source} {destination}

move or rename a file/directory

less {file_name}

page through the contents of a file

message digest

resulting output of the hashing process

/lib/systemd/system/

standard location that is used by software to install unit files, don't directly edit

644

the octal for default permissions set on a file created by a root user, before any umask is applied

/etc/profile and /etc/bashrc

two files in which a persistent system wide umask can be set

df -i

verify that the inode pool has not been exhausted by using this command.

Differential

All selected files that have changed since the last full backup are backed up. When _______ backups are used, you must restore the last full backup plus the most recent _______ backup. _______ backups require less storage space and backup time than full backups, but are slower to recover.

Stateless Firewalls

Another term for packet filtering firewalls, whose rules appear in the form of an access control list (ACL), named so because they can only inspect a packet in isolation, and cannot determine what has come before that packet that might provide valuable context.

sysctl -r {pattern}

Apply a command to runtime kernel parameters matching a given pattern, using extended regular expressions.

NoMachine (NX)

A cross-platform proprietary remote desktop software that offers support for multi-session environments and account management. It is useful in organizations with many users that require simultaneous access to the same servers. It is designed to work with X.

ASCII

A standard code for representing text characters using one byte. Generally replaced by UTF-8 or UTF-16 to support international languages.

brctl addif {bridge name} {interface}

Add an interface (like eth0 or eth1) to a bridge

ssh-add

Add private key identities to the SSH key agent. If the key is protected by a password, the user only needs to enter the password once, and the agent will automatically authenticate the user.

usermod -aG sales-group user1

Adds user to a group and keeps them in their existing groups

sudo xfs_admin -L {Label} /dev/{disk_partition}

Change the label on an XFS file system

setenforce 1

Change the mode SELinux runs in to enforcing (does not persist on reboot)

setenforce 0

Change the mode SELinux runs in to permissive (does not persist on reboot)

xfs_admin

Change the parameters of an XFS file system, including its label and UUID

setsebool {bool} on

Change the status of an SELinux boolean value to on

usermod -l user99 user1

Changes the user's login name

Boot from HTTP/FTP

Clients can use these content delivery protocols to acquire boot data over the network. More reliable and secure than TFTP used in PXE.

gzip {file name}

Compresses the file and appends the .gz extension

route add default gw {IP address}

Configure a default gateway by its IP address. Packets will be passed to this destination if there are no other routes that match their network ID.

AllowUsers

Configure this setting in /etc/ssh/sshd_config to enable user-specific access by allowing the specified users access over SSH.

netcat -l {port}, netcat {ip_addr} {port}

Connect two computers for the purpose of transferring information (one command from computer 1, another from computer 2)

cpio -i < dir_arch

Copy files from an archive. Extract files from the standard input.

find . -depth -print | cpio -p new_dir

Copy files from one directory tree to another. Read the standard input to obtain the list of file names that are created and copied into the destination directory.

ls | cpio -o > dir_arch

Copy files into an archive. Read the standard input to obtain a list of file names and then copy those files to the standard output and redirect to an archive.

xfs_copy

Copy the contents of the XFS file system to another location

xfs_metadump

Copy the superblock metadata of the XFS file system to a file

crontab -e -u {user_name}

Create a crontab file on behalf of the specified user.

dpkg

Debian's package manager, available for use in Debian and Debian-derivatives

xfs_db

Debug the XFS file system

gzip -d {file name}

Decompresses the file

crontab -r

Delete the current crontab file

sudo aa-disable /etc/apparmor.d/{profile}

Disable an AppArmor profile, unloading it from the kernel.

nmcli con down {device ID}

Disable the specified NIC

sysctl -a

Display all runtime kernel parameters and their current values.

xfs_info

Display details about the XFS file system, including its block information

modinfo {module_name}

Display information about a particular kernel module, such as the file name of the module, license, description, author's name, module version number, dependent modules, and other parameters or attributes.

netstat - i {I-Node}

Display information the specified network interface,

nmcli con edit {device ID}

Enter interactive mode to configure the specified NIC

/etc/systemd/system/

contain files for overriding unit files, unit files in this directory take precedence over files elsewhere,

chown -R {user name} {directory}

Recursively change the owner of a directory structure

RPM

Red Hat Package Manager

systemctl daemon-reload

Reload the systemd init daemon, including all unit files.

cryptsetup luksClose /dev/mapper/{virtual_name}

Remove a LUKS storage device from mapping, locking the device.

rmmod {module_name}

Remove a module from the currently running kernel

sudo chattr -i {file/directory}

Remove the read-only, or immutable, attribute of the file. Requires superuser privileges.

groupmod -g 123 -n newsales sales

Rename a group and change the group ID

top : r

Renice the process for which you specify the PID.

xfs_repair

Repair and recover a corrupt XFS file system

yum info {package name}

Report information about a package.

apt show {package name}

Report information about the package using apt.

yum provides {file name}

Report what package provides specified files or libraries.

restorecon {file/directory}

Restore the default SELinux security context of one or more files

udevadm info /dev/sda1

Retrieve device information stored in the udev database, as well as detailed device attributes from the /sys/ file system. For example, you can view a device's vendor ID, product ID, serial number, and much more.

mail [email protected] < hello.txt

Set the contents of a text file as input and attach it to an email message.

chage -W 5 user1

Sets number of days before expiration that user will be warned to change their password.

chage -E 2022/12/31 user1

Sets the account to expire at the specified date and time.

chage -M 90 user1

Sets the maximum days the password is valid for

chage -m 1 user1

Sets the minimum days until the password can be changed.

ss -i

Show only what ports are being listened on (internal TCP information)

ss dst {host}

Show whether the specified host is connected and what the connection statistics are.

.rpm

Software packages that are prepared for RPM use the this file extension

.dep

Software packages with this file extension can be managed using dpkg

top : P

Sort processes by CPU usage.

top : M

Sort processes by memory usage.

Buffered, Cached

The ______ field in /proc/meminfo indicates memory that is assigned to a specific block device. This memory is used to cache file system metadata, like directory contents, permissions, etc. The ______ memory is similar, but instead of storing file metadata, it stores the actual contents of files. The free command combines these two values together upon output.

GNOME

The default desktop environment in most Linux distributions that follows design principles called human interface guidelines. Starting with version 3, it changed from using a typical desktop metaphor to a more abstract metaphor in which users can switch between virtual desktops and tasks from an overview screen. It supports both X and Wayland.

Persistant Volumes

These are created as part of the Kubernetes orchestration solution for container management, keeping the storage configuration separate from the configurations of the individual cluster nodes. This makes it easier for nodes to be replaced through their lifecycle without impacting the storage.

Software Tokens

These are generated by a system that can distribute the authentication information to any authorized general-purpose device—like a smartphone or a desktop computer

JSON

These files may be used to store information that is easy for most programming languages to interpret and use. Because it uses a standard JavaScript format, it is also relatively easy for humans to interpret and write. One use of these files is for the quick deployment and configuration of one or more virtual machines.

transport mode

This IPSec mode is typically used in remote access VPNs. Only the packet contents are encrypted, whereas the header is not.

tunnel mode

This IPSec mode is typically used in site-to-site VPNs. Both the packet contents and header are encrypted

password requisite pam_pwhistory.so remember=90

This PAM password policy enforces a password history so that users don't re-use old passwords when changing theirs. Passwords are "remembered" for 90 day. Notify the user immediately upon failure.

password sufficient pam_unix.so sha512 use_authtok

This PAM password policy hashes the user's password using the SHA-512 algorithm without conducting any password checks, instead pulling in the password that has already been checked by any prior modules. The module result is ignored upon failure

password required pam_cracklib.so retry=5

This PAM password policy requires users to enter a password that cannot be easily cracked in a dictionary attack, giving them 5 chances to do so

password requisite pam_pwquality.so local_users_only

This PAM password policy will require that the user enter a "quality" (strong) password. Non-local users—those not found in /etc/passwd—are ignored. Notify the user immediately upon failure.

renice -n 8 {pid}

This command alters the scheduling priority of an already running process. Use the -n option to specify the new nice value. The -g option causes all processes in the process group to have their nice value altered. When you renice a user with the -u option, it alters the nice value of all processes owned by the user. By default, the processes affected are specified by their PIDs.

sudo nice -n 11 vim test.txt

This command enables you to run a command with a different nice value than the default. The -n option increments the nice value by the given integer; if you don't provide an integer, then the command will assume an increment of 10. By running without any options, you'll see the default nice value (0). You must have the root user authority to run a command at a higher priority. Once lowered, the priority for any process cannot be increased by normal users, even if they own the process.

journalctl

This command enables you to view and query log files created by the journal component of the systemd suite. Log information is collected and stored via the systemd journald service.

partprobe

This command is used to update the kernel with changes in the partition table (using fdisk or parted). The command first checks the partition table, and if there are any changes, it automatically updates the kernel with the changes.

free -h

This command parses the /proc/meminfo file for easier analysis of memory usage statistics. Its default behavior is to display the following information about system memory and swap space: The total memory, total used, total free, total shared, total buffered and cached (combined), and total available for starting new apps (estimated).

timedatectl set-timezone US/Pacific

This command sets the timezone of the system to Pacific Daylight Time

Enforced use of PKI

This creates a password-less login scheme to mitigate password cracking techniques used by attackers to gain access to an account

Cinnamon

This desktop environment is a fork of GNOME 3 and one of the default environments for the Linux Mint distro. It was developed in response to the changes in GNOME 3, and uses a typical desktop metaphor rather than an abstract one. It does not support Wayland.

MATE

This desktop environment is another fork of GNOME that was created in response to the changes in GNOME 3. It was developed to maintain and extend the functionality of GNOME 2. It is the other default environment for Linux Mint, and is also available as an option in some other distributions. It does not currently support Wayland.

KDE Plasma

This desktop environment is the second-most common desktop environment and is included in distributions like RHEL and CentOS, even if not set as the default. It supports modularity through widgets, enabling users to add, move, and remove screen elements to fit their own personal workflow. It has a robust set of GUI apps, including word processors, mail clients, multimedia software, and more. It supports both X and Wayland.

/etc/apparmor.d/

This directory contains AppArmor profiles for executables

/dev/

This directory contains device driver files that enable the system and users to access devices themselves

/boot

This directory contains files necessary to boot the Linux operating system, including the compressed executable file that contains the Linux kernel itself.

/etc/apparmor.d/tunables/

This directory contains tunable files, which enable you to configure AppArmor functionality without directly modifying profiles

/sys/

This directory is a virtual file system that contains a hierarchical view of device information

/proc/

This directory is a virtual file system that contains various files that represent system information reported by the kernel

/etc/rc.d/

This directory is an alternative location for SysVinit initialization scripts for services

~/.ssh/id_rsa

This file contains the user's private key

~/.ssh/id_rsa.pub

This file contains the user's public key

/etc/nsswitch.conf

This file defines the order in which name resolution methods will be used by the system; The order may be the /etc/hosts file first, then DNS; or DNS first, then the /etc/hosts file. The preferred configuration is /etc/hosts then DNS.

/etc/services

This file is a database of services and their corresponding port numbers. This file enables services to, by default, attempt to bind to their corresponding port when activated

/etc/rc.local

This file is executed at the end of the init boot process, typically used to start custom services. It is rarely used and not supported in some distributions that use SysVinit

/etc/securetty

This file is leveraged by the pam_ _____ module to determine what controlling terminals (/dev/tty#) the root user is allowed to login to. If this file does not exist, the root user can log in from any controlling terminal. If the file exists and is empty, root access is limited to single user mode and certain programs like ssh. Otherwise, adding the name of a controlling terminal to this file in the format tty# will give root access to that terminal.

/etc/ssh/ssh_config

This file is similar to ~/.ssh/config except that it is a client ssh configuration file that applies globally rather than to a specific user.

/etc/ssh/sshd_config

This file is used to configure an SSH server

/etc/default/ufw

This file is used to configure high-level settings like policy defaults and kernel module usage for the UFW management tool.

Anaconda

This installer can provide prompts to an administrator to configure the new Linux server, or it can reference files to customize the installation.

xfs

This is a 64-bit, high-performance journaling file system that provides fast recovery and can handle large files efficiently. It is the default file system for CentOS/RHEL 7 installations.

Secure Sockets layer / Transport Layer Security (SSL/TLS)

This is also used as a VPN authentication and encryption protocol, used primarily for remote access connections. Unlike IPSec, it is an application-layer (layer 7) protocol and is therefore application-dependent.

Kerberos

This is an authentication service that is based on a time-sensitive ticket-granting system. It is used as a single sign-on (SSO) method where the user enters access credentials that are then passed to the authentication server, which contains an access list and allowed access credentials.

IP Forwarding

This is the Linux kernel implementation of network routing functionality. It enables incoming traffic on one network interface to be forwarded to another network interface. It is therefore only useful on systems that have multiple interfaces, particularly systems that act as routers or gateways for other systems in the network.

noop

This is the simplest scheduler and does not sort I/O requests, but merely merges them. This can be ideal in situations where the device or its storage controller performs its own sorting operations. It can also benefit devices that don't have mechanical components requiring seek time, like SSDs and USB flash drives, because this scheduler doesn't expend much effort in reducing seek time.

soft link

This link can be a reference to a file or directory that can span multiple file systems. If the original file or directory is deleted, then the original content is lost.

YAML

This may be used to store configuration information that is used on newly deployed virtual machines. This information may be used by cloud-init to install software or create user accounts during the virtual machine's first boot, or may be used by orchestration tools like Ansible. These files consist of a list of key-value pairs that specify the desired configuration.

Changing default ports

This might be able to confound attackers or temporarily stop automated attacks that target well-known ports

packet drop

This occurs when one or more packets sent from a source are unable to reach their intended destination.

/dev/disk/by-id

This refers to an identifier based on the device's hardware serial number.

/dev/disk/by-path

This refers to an identifier based on the shortest physical path to the device (i.e., the path changes if you plug the device into a different port on the controller). This is useful in configurations using DM-Multipath, a feature of the kernel that supports multiple I/O paths to devices.

/dev/disk/by-uuid

This refers to an identifier based on the universally unique identifier (UUID) that was assigned to the device when a file system was created on it.

Run level 6

This run level reboots the system.

Run level 5

This run level starts multi-user mode with networking and GUI capabilities. Loads a desktop environment.

Run level 3

This run level starts multi-user mode with remote networking. Loads a CLI.

Run level 2

This run level starts multi-user mode without remote networking. Loads a command-line interface (CLI).

Run level 1

This run level starts single-user mode.

deadline

This scheduler performs sorting of I/O operations using three queues: a standard pending request queue, a read first in first out (FIFO) queue, and a write FIFO queue; the latter two of which are sorted by submission time and have expiration values. It is ideal for certain workloads like multi-threaded workloads.

Zombie

This state indicates that a process was terminated, but that it has not yet been released by its parent process. It cannot accept a kill signal because the process isn't available anymore.

Fail2ban

This third-party intrusion prevention system (IPS) prevents brute force attacks by monitoring log files that pertain to any system service with an authentication component. It leverages Netfilter and iptables to actually perform blocking actions, and can even be used to update your firewall rules. It supports both IPv4 and IPv6.

DenyHosts

This third-party intrusion prevention system (IPS) primarily protects SSH servers from brute force password cracking attacks by monitoring the authentication log to look for failed login entries. It will take the source IP address and number of failed attempts into consideration. If enough failed attempts from the same source meet the threshold you've configured (or the default), it will block that source. It only works for IPv4 traffic.

netcat -l {port} > received.file, netcat {ip_addr} < original.file

Transfer file content between two computers (one command from computer 1, another from computer 2)

/dev/mapper

contains all logical volumes on the system that are managed by LVM, formatted as /dev/mapper/<volume group name>-<logical volume name>. Logical volumes may also be in the path /dev/<volume group name>/<logical volume name>

/etc/modprobe.d

contains configuration files for modprobe, older distributions used /etc/modprobe.conf

/dev/tty#

controlling terminals are referenced by this path

sudo yum install iptables-services, service iptables save

In CentOS/RHEL, install the necessary package and issue the proper command to ensure rule changes made with iptables persist on reboot.

/etc/grub2.cfg

In RHEL forked distros, this is a symbolic link to the grub.cfg file

apt purge {package name}

Uninstall the package using apt and remove its configuration files.

apt remove {package name}

Uninstall the package using apt, leaving behind its configuration files.

apt update

Update APT database of available packages.

yum update [package name]

Update a package using yum; if none provided, updates all installed packages (time-consuming).

apt upgrade [package name]

Upgrade the package using apt, or upgrade all packages if none provided (time-consuming).

scp {filename} user@host:/home/dir

copy a file to a remote host over ssh

rsync -avz /home/mydir/ user@host:/home/mydir/

copy the differences between files to a remote host over ssh, using archive mode to keep symbolic links, devices, attributes, permissions, ownerships etc. preserved, in verbose mode, compressing the data.

groupadd -o -g 123 -f sales

create a group with a non unique id, exiting with success if it already exits

sudo sytemctl enable --now httpd

create a symbolic link from the unit file in /etc/systemd/system to /usr/lib/systemd/system, enabling the Apache http service to start when the system reboots, and also start it now

sudo vgcreate {volume_group} {list_of_disk_partitions from /dev/}

create a volume group from previously initialized physical volumes

brctl addbr {bridge name}

create an empty network bridge

dd if=/dev/sda of=drive_image.iso

create an image of a drive by copying and converting its contents

chroot /home/user /usr/bin/bash

create the new root directory using the Bash shell as the process inside the jail

tar -cvf tarball.tar file1 file2 file3

creating a tarball vurbose into a file name

15 2 * * * /path/to/command

crontab entry that executes the command at 2:15 A.M., daily.

30 4 1 * * /path/to/command

crontab entry that executes the command at 4:30 A.M. on the first day of each month.

* 20 * * 1-5 /path/to/command

crontab entry that executes the command at 8 P.M., Monday through Friday

udev

daemon that runs in the background, manages the automatic detection and configuration of coldpluggable (during boot) and hotpluggable devices (during runtime)

sudo swapoff /dev/{swap_partition}

deactivate the swap space on a device

groupdel {group name}

delete a group

userdel -r {username}

delete a user and their home directory files

sed '/hey/d' test.txt

delete the lines starting with "hey" from a file stdout (the file is not changed)

nmcli general status

View a summary of network connectivity data

nmcli connection show

View identification information for each NIC

crontab -l

View the crontab file for the current user

ip route

View the current routing table on the system

route

View the current routing table on the system, deprecated in favor of the ip route command

Localhost, Unix sockets

When troubleshooting application performance, developers may need to choose how communication with a service occurs. One method, ______, creates a full network connection, including all TCP error checking, etc. This method may be significantly slower. The alternative design for developers is ______. This approach will often provide a performance increase by removing the TCP overhead from the transaction. The overhead isn't needed because the connection is entirely local.

X11 forwarding

X11 is network-aware and can enable clients to access GUI elements over a network. You can forward X traffic through an SSH tunnel in order to encrypt these communications.

Image

You can back up data as individual files or as collections of files, but you can also create one-to-one copies of entire systems. _______-based backups save the state of an operating system in an _______ file format like ISO. You can use this _______ to restore a system to the state it was in when the _______ was captured.

Container Images

You can deploy containers using these. You create them yourself or download them from the Internet. They may contain everything needed for the container, including applications and supporting configurations.

pts/#

You can enable the root user to log in to a pseudoterminal by adding a ____ entry to the /etc/securetty file. However, this is a security risk, as it will allow insecure or malicious programs to leverage root privileges.

echo {scheduler} > /sys/block/{device name}/queue/scheduler

You can set the I/O scheduler to use on a particular device by executing this command

Cloning

_______ is the process of copying all of the contents of a storage drive to another storage medium. Technically, an image backup is a _______ of a drive. However, _______ operations often go one step further by using the image file to reconstruct the original drive on a second drive.

Snapshots

_______ record the state of a storage drive at a certain point in time and usually exist on the same drive. They are "checkpoints" that you can restore the drive to rather than true copies of data that exist elsewhere.

Netfilter

a Linux kernel framework that handles packets that traverse a network interface. Some of the major services it provides are packet filtering, NAT, and connection tracking. It supports the configuration of these services by providing hooks into the kernel's network stack. Every packet that traverses the network interface will be "caught" by these hooks. User space programs that are registered with the relevant hooks are able to interact with the packets on the hooks.

Cloud-init

a cloud-based Linux mechanism to customize a virtual machine during its first bootup. This customization might include security settings, software package installations, user and group creation, etc. It references YAML files to find the necessary settings.

lsmod

a command that displays all kernel modules and their status (size and how many other modules are using it)

sudo grub2-mkconfig -o {output_file}

a command that generates a new grub.cfg configuration file by combining the configuration file templates in the /etc/grub.d/ directory with the settings in /etc/default/grub. By default, the new config file is sent to stdout, but can overwrite an existing grub.cfg by specifying the path.

ss

a command that is an information gathering utility similar to netstat but provides simpler output and syntax

Saturation

a network link's capacity is exceeded, i.e., all bandwidth is being used up.

Yellowdog Updater, Modified (YUM)

a newer and more advanced package manager that is commonly used by Red Hat derivatives. It relies on RPM and uses .rpm packages stored in repositories. It automatically installs any additional packages a package depends on.

Zypper

a package manager that supports repositories, dependency solving, and management of the software lifecycle. It is an openSUSE package manager that supports .rpm packages

raw partition

a partition format other than MBR or GPT that enables users and applications to read from and write to a block storage device directly, without using the system cache. This is useful in situations where software like a database management system (DBMS) has its own caching mechanism. The DBMS has greater control over I/O caching in a raw partition and can bypass the caching normally done by the kernel.

GUID Partition Table (GPT)

a partition structure that is part of the UEFI standard. Every partition on a drive is assigned a globally unique identifier—a GUID. There is no maximum storage space or partition number and boot data is stored in multiple locations for redundancy.

Universal Serial Bus (USB)

a peripheral interface technology that has become the de facto standard for connecting input devices, external storage devices, mobile devices, and more, to computers.

Hardware Token

a physical device that generates and stores the authentication information, and that information is tied to that particular device. One common example is a key fob that generates and displays a numeric token on the key fob's small screen.

Linux Unified Key Setup (LUKS)

a platform-independent FDE solution that is commonly used to encrypt storage devices in a Linux environment.

Common Unix Printing System (CUPS)

a print management system that enables a computer to function as a print server that can process different data formats. It is designed for scheduling print jobs, processing administrative commands, and providing printer status information to local and remote programs. It provides a web-based interface for configuring the service.

Hashing

a process or function that transforms plaintext input into an indecipherable fixed-length output and ensures that this process cannot be feasibly reversed

ntfs

a proprietary file system created by Microsoft as the primary file system for Windows. It provides many enhanced features over FAT, including file- and folder-level security, file encryption, drive compression, and scalability to very large drives and files. Linux does not support It by default

dual-homed

a server with multiple NICs connected to different network segments, virtualization networks support this.

Active/Passive

a setup for NIC bonding where one NIC is active while another is on standby. If the active NIC fails, the system automatically fails over to the standby NIC.

Type 2 hypervisor

a software layer that provides control between the virtual machines and the physical hardware that runs as a service on a locally installed operating system. Examples include: Oracle VM VirtualBox and QEMU

Type 1 hypervisor

a software layer that provides control between the virtual machines and the physical hardware that runs directly on the hardware in a "bare metal" deployment. Examples include: VMware ESXi and Microsoft Hyper-V

Hypervisor

a software layer that resides over the physical hardware and manages the allocation of that physical hardware to a virtual machine.

cifs

a specific implementation of SMB that is rarely in use. Microsoft designed it as a successor to SMB version 1, but SMB versions 2 and 3 superseded it. However, Linux still uses the name in some of its tools, though these tools support newer versions of SMB.

Master Boot Record (MBR)

a type of partition structure and the first physical sector on a storage drive that contains the boot loader that loads the operating system into memory and the partition table of the storage drive. There is a 2TB max storage space, a max of 4 primary partitions, and boot data is stored in only one sector.

Virtual Machine Manager (VMM)

a utility that can be used for managing connectivity to virtual machines. It enables the deployment, management, and removal of virtual machines using an intuitive graphical interface.

fdisk /dev/{device}

a utility that is used to create, modify, or delete partitions on a storage drive.

parted /dev/{device}

a utility that is used to manage partitions. It can be used to create, destroy, and resize partitions

sudo swapon /dev/{swap_partition}

activate a swap partition in a specified device

firewall-cmd --zone=dmz --add-port=21/tcp

add TCP port 21 (FTP) to the dmz zone.

modprobe {module_name}

add a module to the kernel after loading all dependent modules

iptables -A INPUT -p tcp --dport 80 -j ACCEPT

add a rule to the end of the input chain to accept http traffic from anywhere

iptables -A INPUT -p tcp --dport ssh -s {ip_addr) -j ACCEPT

add a rule to the end of the input chain to allow ssh (using named alias vs. port 22) traffic from a specific source (based on ip address)

usermod -aG wheel username

add a user to the wheel group, giving them sudo privileges

ipset add range_set {cidr_block}

add an ip address range to an IP set

firewall-cmd --zone=dmz --add-service=http

add the HTTP service to the dmz zone.

firewall-cmd --zone=dmz --change-interface=<device ID>

add the specified interface to the dmz zone.

acl

add this option to a file system in the /etc/fstab file to enable FACL, if not enabled by default (unmount then remount or reboot if root)

grpquota

add this option to a file system in the /etc/fstab file to enable group storage quotas (unmount then remount or reboot if root)

usrquota

add this option to a file system in the /etc/fstab file to enable user storage quotas (unmount then remount or reboot if root)

/etc/cron.d/cron.deny/allow

add user names to this file on separate lines to blacklist/whitelist these users for cron access

/etc/grub.d/

directory that contains scripts that are used to build the main grub.cfg file. Don't edit the existing scripts. To add a custom scripts use ##_ file name prefix (like 40_custom) to denote the order you want the script to execute in.

systemctl mask ctrl-alt-del.target

disable the use of Ctrl+Alt+Del on systemd systems

systemctl mask firewalld

after disabling it, create a symbolic link from firewalld.service to /dev/null to ignore requests from other services to activate its unit file, this is typically done when switching to iptables

Terminal Access Controller Access-Control System + (TACACS+)

an Internet standard protocol that provides authentication, authorization, and accounting (AAA) services that is more secure than RADIUS

Remote Authentication Dial-In User Service (RADIUS)

an Internet standard protocol that provides authentication, authorization, and accounting (AAA) services. _______ clients will pass all authentication requests to the _______ server for verification.

Dandified YUM package manager (DNF)

an improved version of YUM, it uses fewer resources

cat /etc/passwd | grep {username}

display a user entry for a specific user

which {command}

display the complete path of a specified command's executables

ls -i

display the inode numbers of the files in the current working directory

du -h

displays how devices are used in human readable form

inode

an object that stores metadata about a file or directory on a file system, unique inode numbers in an inode table are mapped to the corresponding file or directory, XFS file systems used dynamic inode allocation with no strict limit.

Statefull Firewall

In contrast to packet filtering firewalls, they can identify past traffic that is related to a packet. This means that they can view the entire conversation of a transmission, such as the three-way TCP/IP handshake, and make more informed decisions about what traffic to deny and what to allow.

thin client

any lightweight computing device that connects to a more powerful server for doing work.

apt install {package name}

Install a package using apt

wget http://download.samba.org/pub/samba/samba-latest.tar.gz

download a file from a website, this command can download files recursively but only supports HTTP/S and FTP

curl -o nmap-7.70.tar.bz2 https://nmap.org/dist/nmap-7.70.tar.bz2

download a file from a website, this command is easily ported to other systems and supports many network protocols, but cannot download files recursively

SIGKILL (9)

Kill the process immediately. The signal cannot be caught or ignored. This is typically used as a last resort.

sudo dmidecode > ~/report.txt

dump the system's Desktop Management Interface (DMI) table to verify connected devices and whether or not they support certain features

ssh-keyscan {ip_addr} >> ~/.ssh/known_hosts

append the public key of a server to the known hosts of a client

/etc/cron.hourly

Link or copy a script into this directory to run your commands every hour

tail -f {file_name}

dynamically watch the last 10 lines of a file

libvirt

Linux virtualization solutions are built on top of this, an application programming interface (API) that provides the software building blocks for developers to write their own virtualization solutions. It provides a solid foundation for Linux-based virtualization.

imedateclt list-timezones

List all available time zones in the format specified by the /usr/share/zoneinfo structure.

ls -Z

List directory contents along with each object's SELinux security context.

aa-unconfined

List processes with open network sockets that don't have an AppArmor profile loaded (at minimum, you should secure any application that is listening on a network port)

ps -Z

List running processes along with each process's SELinux security context

chage -l user1

Lists password aging information

klist

Lists the user's Kerberos ticket cache.

sysctl -p[file name]

Load sysctl settings from the specified file, or /etc/sysctl.conf if no file name is provided.

cryptsetup -v -y luksFormat /dev/{partition}

Format a storage device using the LUKS encryption standard in verbose mode with passphrase verification. A key is generated, attached to the system, and the user's account is granted privileges to access it.

/etc/logrotate.d/

Log rotation behavior can be configured in this directory, where each relevant service has its own configuration file.

Ctl+Z

Halt a job/ pause a process from the terminal, freeing the command prompt so you can use the bg command.

ln {target name} [link name]

Make a hard link

Block Storage

breaking files into pieces and writing those pieces to the fundamental storage areas of the drive. Data is reassembled when called by the operating system.

/etc/pam.d/

PAM configuration files are located in this directory, where each PAM-aware service or application has its own file

sudo tcpdump -i enp0s3 > ~/data.txt

capture everything in a packet except for the payload using a packet sniffing utility, specifying the network interface and redirecting the results to a text file.

cat test.txt | tr "[a-z]" "[A-Z]" > test2.txt

change lower case letters in a file to upper case letters and redirect to another file

chown :{group name} {file/directory}

change the group but not the owner. This is the same as using the chgrp command.

chgrp {group name} {file/directory}

change the group of a file or directory.

chown {user name}: {file/directory}

change the owner and the group of a file or directory so the group will be changed to the specified user's login group.

chown {user name} {file/directory}

change the owner but not the group of a file or directory

touch {file names}

change the time of access or modification time of a file to the current time, or create an empty file with the specified name

passwd

change your own password

chown {user name}:{group name} {file/directory}

changethe owner and the group of a file or directory

SIGSTP (18, 20, 24)

Pause a process from the terminal. The signal can be caught or ignored. This is the same as pressing Ctrl+Z at a terminal; a process might change this shortcut behavior, however.

SIGSTOP (17, 19, 23)

Pause a process. The signal cannot be caught or ignored. This is typically sent from kill or another program and not the terminal.

ls -Z {file/directory}

check the SELinux security context of a specific object

ps -Z {PID}

check the SELinux security context of a specific process

sudo aa-complain /etc/apparmor.d/{profile}

Place a AppArmor profile in complain mode

sudo aa-enforce /etc/apparmor.d/{profile}

Place an AppArmor profile in enforce mode

pam_ldap.so /etc/pam.d/common-

Place directives that use the _____ module to authenticate the user with the LDAP service in the _____ files

netcat -z -v domain.tld {port_range}

Port scan a computer

aggregation

combining the bandwidth, fault tolerance, redundancy, and load balancing of two or more NICs on the same system by bonding them together.

pgrep {pattern}

command displays the PID of processes that match any given pattern, like the name or user ID (UID) of the user who invoked it; the start time; the parent PID; and more.

iptables -I INPUT -m set --match-set range_set src -j DROP

configure an iptables rule to drop traffic whose source matches the ranges in an IP set

VM templates

these can make deployments much more efficient. Administrators and users can deploy servers themselves in a self-service environment using pre-defined templates that specify different processor, memory, storage, and network configurations.

/lib/systemd/system/*.target

these files are used determine one of several ways in which the system can operate, such as running with just a CLI; running with a graphical desktop environment; initiating a system shut down; and more. You can activate these in order to boot into the desired environment.

Virtual Private Network (VPN)

these servers enable remote users to connect to the internal company network and access internal resources as if they were physically present at the network location. Content is encrypted in the client and decrypted in the server

Authentication servers

these servers hold information about user identities in a directory store for use in centralized authentication.

Web Servers

these servers host the files and images that make up websites, typically hosted through a service called Apache using HTTP on TCP port 80 or HTTPS on TCP port 443

Certificate Authority (CA) servers

these servers manage the enrollment, approval, expiration, and revocation of certificates to provide a way of guaranteeing identity based on the use of a public key infrastructure (PKI) and asymmetric encryption

Dynamic Host Configuration Protocol (DHCP) servers

these servers provide IP address configurations (IP address, a subnet mask, default gateway (router) etc.) to client systems who lease them using UDP port 67 and 68

Name / Domain Name System (DNS) servers

these servers store relationships between easy-to-remember hostnames and difficult-to-remember IP addresses. They use TCP/UDP port 53

monitoring services

these services can monitor applications, the OS, or CPU and memory usage like top

Clustering services

these services provide access to a storage area network through a cluster of node servers that accept client connections. If one node goes down, the other nodes can maintain availability

kill {pid}

this command Sends any specified signal, or by default the termination signal, to one or more processes. The PID must be specified as the argument. As a user, you can only use the this command with processes that you own.

pkill {pattern}

this command Sends any specified signal, or by default the termination signal, to processes based on a matching pattern. The command matched a name pattern rather than a process ID.

tune2fs -j {device/file system name}

this command adds journaling to an existing ext2 or ext3 file system. If the file system is already mounted, the journal will be visible in the root directory of the file system. If the file system is not mounted, the journal will be hidden.

sudo e2label /dev/{disk_partition} {Label}

this command adds or changes a ext2/3/4 file system label for easy identification

make

this command automatically looks for the makefile in the current directory, reads the makefile and makefile.dep/, and compiles the application by running the underlying gcc commands specified.

iptables -N {chain}

this command creates a new iptables rule chain

iftop -i eth0

this command displays bandwidth usage information for the system, helping to identify whether a particular NIC or protocol is consuming the most bandwidth. Use it to see what is consuming the most bandwidth on an interface

lsusb -v -s {bus} -d {vendor}

this command displays detailed information about devices that are connected to the specified USB bus and from the specified vendor

lsblk

this command displays information about all block storage devices that are currently available on the system. The output is displayed in a tree-like format with each physical device at the top of the tree and each partition or logical volume branching off from that device.

sudo firewall-cmd --get-default-zone

this command displays the default firewalld zone that all network adaptors are going to be tied to the default zone unless changed

last {terminal number}

this command displays the history of user login and logout actions, along with the actual time and date. It also has options that enable you to filter users who have logged in through a specific terminal

last

this command displays the running history of user login and logout actions, along with the actual time and date

lsdev

this command displays various information about a system's hardware as reported by the kernel

ldd {program binary}

this command enables a user to view shared library dependencies for an application

hwclock

this command enables you to view and set the hardware clock; it is strongly recommended that you keep the hardware clock aligned with UTC to prevent over-correction by other operating systems. Options include --set, -u, -s, --adjusts

ioping -c 5 /dev/{partition}

this command generates a report of device I/O latency in real-time. It will "ping" the specified device the specified number of times (if given) with requests and print information about each request at the command-line.

uptime

this command gives information about the current time, how long the system is running, and how many users are currently logged in. Most relevant to CPU troubleshooting, however, is the load average field. You can find the average load over three different periods of time, from left to right in the output: the last 1 minute, the last 5 minutes, and the last 15 minutes.

make install

this command installs the application binaries, libraries, and documentation in the correct locations for system wide use

/etc/inittab

this file stores details of various processes related to system initialization on a SysVinit system. It also stores details of the runlevels in use. The init daemon reads from this file to determine what runlevel to boot into, what daemons to start, and what to do if the runlevel changes.

/etc/passwd

this file stores user account information; it is not recommended to edit this file directly

sudo resize2fs /dev/{volume_group}/{logical_volume}

ext2/3/4 tooling used to expand or shrink a filesystem on a device; note that the device must be unmounted before shrinking the filesystem

sudo vgextend {volume_group} {disk_partition from /dev}

extend a volume group to include another initialized physical volume

tar -xvf {source_file}.tar | /dev/{partition}

extract a tarball and direct its contents to an available device

tar -xvzf tarball.tar.gz

extract a tarball, verbose, unzip, from a file name

.tgz or .tar.gz

file extension used to indicate a compressed tarball

/etc/fstab

file system table, lists all disks and where they are being mounted to. To make the FS persistent, including logical volume, they must be placed into the file system table. File Systems can be mounted based on uuid, device name (path), or a label.

sudo chkconfig {service} off

for SysVinit, disable a service so that it does not start on boot, no run levels

sudo chkconfig -level 235 {service} on

for SysVinit, enable a service to be started on boot for run levels 2,3, and 5

sudo chkconfig {service} on

for SysVinit, enable a service to be started on boot for run levels 3 and 5 by default

sudo service {name} status

for SysVinit, print the current status of a service

sudo service {name} reload

for SysVinit, re-read a service's configuration files while the service remains running.

sudo service {name} restart

for SysVinit, restart a service immediately (not set to start on reboot)

sudo service {name} start

for SysVinit, start a service immediately (not set to start on reboot)

sudo service {name} stop

for SysVinit, stop a service immediately

Wayland

for this display server, the compositor is the server rather than a separate component, enabling clients to exchange events directly with the compositor, mitigating latency issues, letting clients perform their own rendering, and isolating window I/O data for increased security.

rm -rf {directory}

force recursive removal of a directory and its contents,

sudo udevadm control --reload-rules

force udev to reload the rules so changes will take effect on devices that are already connected

sudo mkfs.ext4 /dev/{volume_group}/{logical_volume}:

format a logical volume, which may also be referenced in /dev/mapper/{logical_volume}

.gz

gzib compression utility file extension, take one or more files and reduces their size

tune2fs {device/file system name}

helps you configure various "tunable" parameters associated with an ext2/3/4 file system

sudoedit /path/to/file

his command permits a user to edit files that need elevated privileges to do so. To use it, you must make an entry in the /etc/sudoers file.

timedateclt {status}

how the current date and time information, including local time, universal time, RTC time, time zone, and more.

third extended file system (ext3)

in case of an abrupt system shutdown, it is much faster than older file systems in recovering data and better ensures data integrity. You can easily upgrade your older file system to this newer format.

X Window System (X11)

in this system, the server coordinates client input and application output to determine how to draw elements on the screen; it also communicates with a compositor that reads a memory buffer that each application writes to and combines each individual application window on the screen so that multiple windows can appear at once. When the server receives an event, it must inform the compositor so that it can re-composite the portion of the screen that is affected by the event

Grand Unified Boot Loader (GRUB)

it enables users to choose which operating system or kernel version to boot in a multi-platform environment, phases out in favor of a newer version

Logical Volume Manager (LVM)

maps whole physical devices and partitions (e.g., /dev/sda1, /dev/sdb2, etc.) into one or more virtual containers called volume groups. Within these volume groups are one or more logical volumes. Ultimately, the logical volumes become the storage devices that the system, user, and applications work with.

find {search_directory} -name {file_name} 2>/dev/null

search a directory for a file while throwing any permission denied errors away

cat {file_name} | grep -E "{string_1}|{string_2}"

search a file for one string OR another

locate {filename}

searche the mlocate database for a matching string in a file or directory, mlocate is not always up to date

iptables-save | tee /etc/sysconfig/iptables

see iptables rules configurations on stdout and save them to disk

ipset create range_set hash:net

set a name, storage method, and data type for a new IP set

sudo passwd {username}

set a user's password as root

EnvironmentFile=/etc/sysconfig/example

set an environment file in a Unit file

Environment=VAR=/value

set an environment parameter in a Unit file to pass from parent processes to child processes

ulimit -n 512

set the maximum number of open file descriptors to 512

sudo lvdisplay

show logical volumes

sudo pvdisplay

show physical volumes and list attributes

head -n 5 {file_name}

show the first 5 lines of a file

tail -n 5 {file_name}

show the last 5 lines of a file

sudo vgdisplay

show volume groups

sudo systemctl stop sshd

shut down the ssh service daemon immediately

sort -k 2 -t, -r {filename}

sort a file on column 2 using a comma delimiter in descending order

sort -k 2 -t" " {filename}

sort a file on column 2 using a space delimiter

sudo systemctl start httpd.service

start the Apache http service (the service extension is optional) from the unit file in /lib/systemd/system/

Blob Storage

storing data in an unstructured manner as a binary large object, object storage for audio, video, multimedia, text

lpr -E -P {destination} -# 10 {file_name}

submit a 10 copies of a file for printing encrypted to a specified printer

sudo telinit 3 -t 30

switch the current run level of the system to run level 3, but wait 30 seconds

.tar

tape archiver file extension, bundle together multiple files into a single tarball

setfacl -m g:{groupname}:rw {filename}

modify the ACL of a file to allow a specified group read and write permissions

setfacl -m u:{username}:rw {filename}

modify the ACL of a file to allow a specified user read and write permissions

mount /dev/mapper/{virtual_name} /mnt/{mount_point}

mount a LUKS encrypted partition

sudo mount dev/{volume_group}/{logical_volume} /mnt/{subfolder}

mount a logical volume to a directory

nfs

offers similar functionality to SMB, but the protocols are not compatible. It is preferred in situations where Linux clients access Linux servers. In environments that are a mix of Windows and Linux, the SMB protocol is the better choice.

insmod {module_name}

old command to install a module into the currently running kernel without inserting any dependent modules, it won't become active unless the hardware is detected

overlay networks

one network built over the top of another, virtualized networks may be thought of as this, especially when deployed in a cloud environment

One-Time Password (OTP)

passwords that either expire after first use or expire within a small time period, or both

dd if=/dev/sda of=/dev/sdb

perform a full backup of a storage partition by copying data from one partition to another

hostnamectl set-hostname {new_name}

permanently change hostname, bash will only reflect the change after a new terminal is opened

General-purpose input/output (GPIO)

pins on a circuit board that have no designated purpose, but are controllable by the user at runtime programmatically through software (on Raspberry Pi devices)

/etc/pam.d/password-auth and /etc/pam.d/system-auth

place user lockout directives using the pam_tally2.so and pam_faillock.so modules in these files.

shared libraries

placed in the /usr/lib/ directory, these are chunks of compiled code that can be used in programs to accomplish specific common tasks

nohup {command/script}

prevents a process from ending when the user logs off

printf "Hello.\nWhat's your name?"

print a formatted string on two lines

systemd-analyze blame

print a list of all systemd units that were executed at boot, along with the time it took each unit to execute, used to determine what startup processes are slowing down boot operations

sed -n '/hey/p' test.txt

print only the lines starting with "hey" from a file

Network Address Translation (NAT)

provides the same functionality in virtual and physical environments, to translate between the reserved, private IP address ranges and the public, Internet address ranges.

mkfs.xfs /dev/mapper/{virtual_name}

put an XFS file system on a LUKS encrypted partition

sudo firewall-cmd --reload

reload the firewall to get changes, like a newly created zone, into RAM from disk

firewall-cmd --zone=dmz --remove-port=21/tcp

remove TCP port 21 (FTP) from the dmz zone.

unlink {file_name}

remove a file using a command other than rm (this command can only remove one file at a time and cannot remove directories)

sudo lvremove /dev/{volume_group}/{logical_volume}

remove a logical volume from a volume group

modprobe -r {module_name}

remove a module from the kernel

atrm {job_number}

remove a scheduled job

setfacl -x u:{username} {filename}

remove a user from the ACL of a file

sudo vgremove /dev/{volume_group}

remove a volume group

rmdir {directory_name}

remove an empty directory

sudo pvremove /dev/{physical_volume1} /dev/{physical_volume2}

remove one or more physical volumes

firewall-cmd --zone=dmz --remove-service=http

remove the HTTP service from the dmz zone.

sudo systemctl disable httpd

remove the symbolic link from the unit file in /etc/systemd/system to /usr/lib/systemd/system so that the Apache http service does not start when the system reboots

sudo lvresize -L +{size_added} /dev/{volume_group}/{logical_volume}

resize a logical volume, note that the filesystem on the logical volume must still be expanded out to utilize the added space using filesystem specific tooling

systemctl restart network

restart the entire networking stack (the network service daemon), ensuring that changes to network configuration scripts take effect (fine for workstations, not such a good idea on servers)

sftp user@host:file.txt

retrieve a file non-interactively from a remove host using an SSH tunnel as a transportation mechanism to encrypt data

awk '$1 == "Apache"' {filename}

retrieve entries from a file who's first field is Apache

getfacl {filename}

retrieve the access control list of a file or directory

cut -d: -f1-3 {filename}

return the first through third fields of a file's lines using a colon delimiter

cut -f 2 -d, {filename}

return the second field of a file's lines using a comma delimiter

wc -lwc {filename}

returns line count, word count, and or character count of a file (the default behavior)

/etc/cron.d/

root user and services can schedule system-wide tasks by using this directory

/etc/crontab

root users can add scheduled system-wide tasks to this file

bg {job_number}

run a stopped application in the background by job number

fg {job_number}

run an application in the foreground by job number

iperf -s, iperf -c {server address}

run these commands, first one on the server and then the next on the client, to test the maximum throughput an interface will support. The utility must be installed on both endpoint systems. It is the client that is getting tested. You can use this command to ensure that throughput is meeting your expectations.

arp -d {IP address}

run this command to clear an entry from the ARP cache for a particular IP address as part of the troubleshooting process. If a computer has cached incorrect or out-of-date information, connectivity may be lost to a particular node.

arp -a

run this command to view the ARP cache

umask 027

temporarily alter (not persistent on reboot) the default permissions on newly created files and directories so that groups have only read and execute permission on directories and only read permissions on files, while others have no permission on directories or files

Throughput

the amount of data that actually moves through a network connection in the given amount of time.

/etc/rsyslog.conf

the configuration file for the rsyslogd service. This file determines how to handle syslog messages through a variety of rules that you can modify as needed. ({facility.severity} {log_path})

/etc/skel/

the contents of this directory are copied into the home directory of a new user when it is created using useradd command, however, existing users will not receive additions or modifications

UTF-8

the default encoding (text to bytes) which uses the Unicode character set.

~/.bashrc

the file in which a persistent per user umask can be set

Local SSH port forwarding

the local client listens for connections on a port, and then tunnels any active connection to a remote server using SSH

grub.cfg

the main configuration file for the GRUB 2 boot loader. On BIOS systems, it is located in the /boot/grub2/ directory. On UEFI systems, it is located in the /boot/efi/EFI/<distro>/ directory with a .efi file extension. Don't edit this file directly!

nmcli

the most fundamental of the NetworkManager interfaces. It contains many subcommands that enable you to view and configure network information.

vmlinux

the non-compressed version of the kernel used for debugging

755

the octal for default permissions set on a directory created by a root user, before any umask is applied

777

the octal for default permissions set on a directory created by a standard user, before any umask is applied

666

the octal for default permissions set on a file created by a standard user, before any umask is applied

Bandwidth

the potential amount of data that may move through a network connection in a given amount of time.

Advanced Package Tool (APT)

the preferred method of package management in Debian-derivatives today, it also relies on .deb packages.

Name resolution

the process of relating easy-to-remember names with difficult-to-remember IP addresses. There are two general ways in which this works. The first is via static text files such as the /etc/hosts file. The second method is via a dynamic database called Domain Name System (DNS).

Uninterruptible sleep

the process will only wake when the resource it's waiting for is made available to it. Otherwise, it will stay in its sleep state. This state is common for processes that perform storage or network I/O.

Remote SSH port forwarding

the server forwards inbound client traffic to another system on a different port.

002

the typical system wide umask setting that is applied to standard users by default

Pluggable Authentication Modules (PAM)

the underlying framework and centralized authentication method leveraged by authentication services like Kerberos and LDAP

wireshark, tshark

this is a very common packet sniffer and network analyzer and its associated cli command. It is used in troubleshooting to identify what network traffic is moving in a given network subnet, to see exactly what packets are moving through a network segment or NIC and what packets are not.

X.Org Server

this is the free and open source reference implementation of the X Window System for Linux and other Unix-like operating systems.

/var/log/secure

this is the location of authentication messages. Primarily used by RHEL and CentOS.

/var/log/messages

this is the location of general non-critical system events. Primarily used by RHEL and CentOS.

/var/log/kern.log

this is the location of kernel messages (e.g., dmesg output).

/var/log/[application]

this is the location of messages from miscellaneous applications (e.g., cron, firewalld, maillog, etc.).

/etc/dhcp/dhclient.conf

this is the primary DHCP (Dynamic Host Configuration Protocol) reference file, enabling the configuration of client settings, including timeout values, dynamic DNS configurations, etc.

Address Resolution Protocol (ARP)

this is used to relate IP addresses and MAC addresses.

/etc/hosts

this old school file can be used in special case situations where a particular system—perhaps a developer's workstation—needs to connect to an experimental server that is not registered on the network. One can also place DNS lookup global overrides here.

smb

this protocol provides users shared access to files and other resources across a local area network (LAN). Clients make requests for resources to servers, which respond and provide the appropriate level of access. This protocol is primarily used with Windows computers. However, compatible software called Samba helps interface Linux and Windows hosts running network shares.

logging service

this service centralizes log files from many Linux servers to one to makes them easier to archive for service-level agreements (SLAs), troubleshooting and diagnostics, and performance auditing

Network Time Protocol (NTP)

this service enables the synchronization of a node's time with a designated, definitive time source. It uses UDP port 123

Load Balancer

this service is used to distribute inbound connection requests across multiple servers, like distributing connection attempts among web servers.

proxy service

this service passes pass Internet requests between the two networks using a trusted connection to an internal network and an untrusted connection to the internet

Secure Shell (SSH)

this service provides an authenticated, encrypted method of connecting to a remote (or even a local) system. Most frequently it is used for remote administration, though it can be used as a tunnel to carry other kinds of network communications securely. It uses TCP port 22

Ctl+c

this shortcut is the same as executing the command to interrupt a process from the terminal, enabling it to end gracefully

/etc/X11/

this subdirectory contains configuration files for input and output devices that might impact the X.Org Server environment, such as keyboards, mice, and monitors.

/sys/devices/

this subdirectory includes files that expose details about specific devices

/etc/crypttab

this table performs a similar function to the fstab file, but its purpose is to store information about encrypted devices and partitions that must be unlocked and mounted on system boot. It includes an optional password field for unlocking the encrypted device.

Thin Provisioning

this type of storage provisioning refers to a virtual storage device file that will grow on demand up to a maximum size. This may make for more efficient use of drive space, but it may also include a performance hit. This is most appropriate in environments where the cost of maintaining large storage pools is much more of a concern than the risk of temporarily running out of storage.

pam_faillock.so and pam_tally2.so

two PAM modules you can use to trigger a temporary user lockout if multiple authentication attempts fail. The first module is recommended, as it is a newer module that improves upon the second by supporting user lockout when authentication is done over a screen saver.

pam_tally2 -r -u user

unlock a user and reset their failure count by issuing this command

sudo umount /mnt/{subfolder}

unmount the folder that the logical volume is tied to

updatedb

update a database for mlocate

at 10 PM Fri

use this command to enter an interactive prompt where you list other commands intended to run once at 10pm this Friday

at now + 1 hour

use this command to enter an interactive prompt where you list other commands intended to run once at one hour from now

/etc/systemd/system/{unit_file}.d/{unit_file).conf

use this file to extend or override specific functionality within the unit file

Datagram Transport Layer Security (DTLS)

used as an alternative VPN tunneling protocol, it essentially implements SSL/TLS over datagrams (UDP), its traffic is not susceptible to the same delays that TCP-oriented traffic is.

Network File System (NFS)

used to deliver boot media to a client over a network. The client will mount an NFS share as its root file system. NFS is preferred in situations where Linux clients access Linux servers.

date +%F

used to print the date in a specified format (in this case YYYY-MM-DD) or change the system's date by including the -s option with a provided argument.

Boot from ISO

using a .iso image file written to a media device to boot from and install an OS. Commonly used to construct virtual machines.

chmod 750 {filename}

using absolute mode, set owner permissions to read, write, and execute, set group permissions to read and execute, and remove all permissions to others for a file

chmod 2755 {directory}

using absolute mode, set the group id on a directory so that all subdirectories created within it will inherit the SGID permission and all new files and subdirectories created within it will inherit the directory's group id (neither applies to existing objects or moved objects)

chmod 1755 {filename}

using absolute mode, set the sticky bit of a file so that only the owner can delete it

chmod 4755 {filename}

using absolute mode, set the user id on a file to let it be executed with owner privileges

chmod u+x, g+rx, o-rwx {filename}

using symbolic mode, add execute permissions to the owner, read and execute permissions to the group, and subtract read, write, and execute permissions from others to a file

chmod u=rwx, g=rx, o= {filename}

using symbolic mode, set owner permissions to read, write, and execute, set group permissions to read and execute, and remove all permissions to others for a file

Containers

A single host operating system runs multiple applications in isolation from each other, but all applications share the OS and its resources.

whereis {command}

locate the binary, source, and manual page files for a command

load

A CPU's ______is expressed as the number of processes that are either using or waiting to use the CPU. It can also include the number of processes in the queue for storage I/O.

self-signed certificate

A certificate that is owned by the same entity that signs it. In other words, the certificate does not recognize any authority, and is essentially certifying itself, requiring the client to trust the entity directly.

LC_*={locale}

A collection of localization environment variables, including, but not limited to: LC_ADDRESS to set the postal address format. LC_MONETARY to set the format of monetary values. LC_MEASUREMENT to set the measurement system (e.g., metric vs. imperial).

Virtual Network Computing (VNC)

A cross-platform remote desktop service that enables full remote control of a desktop environment. It leverages the Remote Frame Buffer (RFB) protocol. A server must be installed on the target machine, which you can access with a corresponding client. There are many different implementations that work on Linux. It can work with X and Wayland.

~/.ssh/known_hosts

A file on the client that lists the public keys that the client accepts. In other words, the client uses this file to authenticate servers.

~/.ssh/config

A file on the client that you can use to configure SSH connection settings, such as using an IdentityFile directive to associate multiple keys with specific servers.

~/.ssh/authorized_keys

A file on the remote server that lists the public keys that the server accepts. In other words, the server uses this file to authenticate the client.

Simple Protocol for Independent Computing Environments (SPICE)

A free and open source protocol designed specifically for use in virtual environments. It is often used by administrators to connect to virtual machines that are hosted by the Kernel-Based Virtual Machine (KVM) hypervisor.

xrdp

A free and open source utility that constructs a Remote Desktop Protocol (RDP)-like server for non-Windows systems. RDP was developed by Microsoft and is the default remote desktop software on Windows. So, you can install this on a remote Linux server and use a tool like rdesktop or even the default RDP client to connect to that server—in other words, the client can be on any platform. This utility is designed to work with X.

Bluetooth

A technology used primarily for establishing a personal area network (PAN) in which devices communicate wirelessly within a few feet of each other.

GNU Compiler Collection (GCC)

A very common compiler for Linux that is also implemented as a utility

targeted

According to a ___________ policy, except the ___________ subjects and objects, all other subjects and objects will run in an unconfined environment. The un___________ subjects and objects will operate on the DAC method and the ___________ ones will operate on the MAC method. A ___________ policy is enabled by default.

Incremental

All selected files that have changed since the last full or _______ backup (whichever was most recent) are backed up. When _______ backups are used, you must restore the last full backup plus all subsequent _______ backups. An _______ backup typically takes less time to perform than a differential backup because it includes less data, but it is also slower when it comes time to recover the data.

Full

All selected files, regardless of prior state, are backed up. Numerous _______ backups can consume a great deal of storage space, and the backup process can be slow. However, _______ backups are fast and reliable when it comes to recovering lost data.

echo 1 > /proc/sys/net/ipv4/ip_forward

Alter a single value in the appropriate file in order to enable IP forwarding in the kernel for IPv4 traffic

echo 1 > /proc/sys/net/ipv6/conf/all/forwarding

Alter a single value in the appropriate file in order to enable IP forwarding in the kernel for IPv6 traffic

/etc/udev/rules.d

An administrator applies their own customizations to this directory so that udev behaves in accordance with the administrator's preferences and/or the organization's business needs. As a result, the files in this directory are loaded with the highest priority.

sudo ssh-copy-id -i ~/.ssh/{key} user@hostname

Append the user's public keys to the remote server's authorized_keys file so that the server can authenticate the user's private key. The public key is sent over SSH and typically requires password authentication to be enabled.

kinit

Authenticates with Kerberos, granting the user a ticket granting ticket (TGT) if successful.

apparmor_status

Display the current status of AppArmor profiles

nmcli device status

Display the current status of each NIC

journalctl -f -n {number of lines} -o {short | verbose | export} -p {alert | err | warning | notice | info} -b {boot ID} -u {service name}

Display the most recent journal entries, and continuously update the display with new entries as they are added to the journal, specify the number of lines to display, the format, the severity, the boot, and the service

getsebool -a

Display the on/off status of ALL SELinux boolean values. Boolean values enable you to change policy configurations at runtime without actually writing the policy directly.

getsebool {bool}

Display the on/off status of ONE SELinux boolean value. Boolean values enable you to change policy configurations at runtime without actually writing the policy directly.

apt version {package name}

Display version information about the package using apt.

sudo visudo

Edit the /etc/sudoers file using this command to enable users and groups to be given specific commands to run in order to fulfill their responsibilities without having full administrator privileges. The system verifies the syntax of the /etc/sudoers file before committing changes

crontab -e

Edit the crontab file for the current user

imedateclt set-ntp {true,false, 0, 1}

Enable or disable synchronization with a Network Time Protocol (NTP) server.

nmcli con up {device ID}

Enable the specified NIC

process ID (PID)

Every process is assigned this when it is started so that the system and users can uniquely identify it. This is a non-negative integer that increases for each new process that is started. The init daemon's is always 1 because it is the first process to start and is the parent of all other processes on the system. For troubleshooting, you'll need this in order to terminate a process, change its priority, and perform other management tasks on it.

sudo udevadm trigger

Execute rules that apply to any device that is currently plugged in. You can also specify an action using the -c option, such as add, remove, or change. As the names imply, these will trigger events where a device is added, removed, or changed in the running kernel.

xfs_growfs

Expand the XFS file system to fill the drive size

route add -host {IP address} reject

Filter traffic destined to the specified address, which enables an administrator to control connections to a particular host. Can also be configured for an entire subnet.

/etc/network/

For Debian-derived distributions, network configuration files representing the interfaces can be found in this directory

sudo apt install iptables-persistent

For a Debian-based distro, install the necessary package to ensure rule changes made with iptables persist on reboot.

hard link

For this link, if the original file is deleted, all its contents will still be available in the linked file. This link cannot be created between two directories, nor can they be created between two files in different file systems

sudo ssh-keygen -t rsa -f ~/.ssh/{key}

Generate a public/private key pair using a specified asymmetric encryption algorithm and specifying a file path and name

sestatus

Get the status of SELinux, including its current mode, policy type, and mount point

Complete Fair Queuing (CFQ)

In this I/O scheduler, each process is given its own queue and each queue has an interval by which it is accessed, or its time slice. The scheduler uses a round-robin system to access each queue and services requests from these queues until either their time slices or requests are exhausted.

Permissive

In this mode, SELinux is enabled, but the security policies are not enforced. So, processes can bypass the security policies. However, when a security violation occurs, it is logged and a warning message is sent to the user.

Disabled

In this mode, SELinux is turned off. So, MAC will not be implemented and the default DAC method will be prevalent.

Enforcing

In this mode, all the SELinux security policies are enforced. Therefore, processes cannot violate the security policies.

sudo pvcreate {list_of_disk_partitions from /dev/}

Initialize one or more drive partitions to use as a physical volume. A partition is expected to already be on the disk. Any formatting on the partition (ext4, xfs) will be wiped.

Unity

Initially designed to make better use of space on devices with small screens, the app launcher on the left side of the screen is always present in this desktop shell. It supports both X and Wayland.

SIGINT (2)

Interrupt a process from the terminal, enabling it to end gracefully. The signal can be caught or ignored. This is the same as pressing Ctrl+C at a terminal; a process might change this shortcut behavior, however.

Importance of disabling root login via SSH

It can prevent an authorized user from gaining complete access over a system from a remote location.

Importance of denying hosts

It configures the system to deny hosts that it does not recognize

Importance of enabling SSL/TLS

It guarantees confidentiality and authenticity in the data that is sent to and received from clients.

fourth extended file system (ext4)

It is backwards-compatible with its older filesystem siblings. Among its improvements are journaling, support of volumes of up to one exbibyte (EiB), and files up to 16 tebibyte (TiB) in size. This is the default file system for Ubuntu installations.

Internet Protocol Security (IPSec)

One of the most prominent protocols for site-to-site connections, this is a set of open, non-proprietary standards that can be used to secure data as it travels across the network or the Internet. It uses different protocols and services to provide data authenticity and integrity, anti-replay protection, non-repudiation, and protection against eavesdropping and sniffing. It operates at the network layer (layer 3) of the OSI model, so it is not application-dependent.

cryptsetup luksOpen /dev/{partition} {virtual_name}

Open a LUKS storage device and set it up for mapping to a virtual name, assuming the provided key material is accurate. The passphrase used to encrypt the device will be asked for.

-20 to 19

Processes are prioritized based on a number from ______, called a nice value or niceness value. The lower the number, the higher the priority. A processes inherits a nice value from its parent, and by default, that value is 0.

SIGTERM (15)

Terminate a process, enabling it to end gracefully. The signal can be caught or ignored. This is typically sent from kill or another program and not the terminal.

top : k

Terminate the process for which you specify the PID.

sar

Use this command to see what component is causing heavy load on the CPU and when. It displays CPU usage in various time increments for each category of resource that accessed the CPU, such as users, the system, I/O scheduling, etc. It also displays the percentage of the CPU that was idle at a given time. At the bottom of the report is an average of each data point across the listed time periods.

sysctl

Use this command to view or set kernel parameters at runtime. Use this command to troubleshoot CPU issues by retrieving CPU-based kernel parameters at runtime.

/etc/hosts.allow

Using a TCP wrapper, you can specify hosts to allow to connect with the SSH service in this file (specify hosts by their hostnames, IP addresses, network segments, etc.). This file takes precedence and is applied before its counterpart file.

/etc/hosts.deny

Using a TCP wrapper, you can specify hosts to deny connection with the SSH service in this file (specify hosts by their hostnames, IP addresses, network segments, etc.) This file is overridden by and is applied after its counterpart file.

virtual file system (VFS)

a common software interface that sits between the kernel and real file systems. We can mount multiple different types of file systems on the same Linux installation, and they will appear uniform to the user and to all other applications; examples include /proc/, /sys/,/boot/initramfs, devtmpfs, and debugfs

GRUB 2

a complete redesign and rewrite of the older boot loader system. It is made of a binary that gets loaded into RAM and various configuration files. finds the OS (initrd + Kernel)

vmlinuz

a compressed executable file that contains the Linux kernel located in the /boot directory

Load Balancing

a configuration for NIC bonding where the combined bandwidth of each NIC is used in a way that one of the NICs is not overwhelmed

Network Interface Card (NIC)

a device that provides an interface with which hosts exchange data over a network. Many are built into a computer's motherboard, but more can be added to the system on an expansion bus or USB. Each type of network connection protocol requires its own type (WLAN, LAN, etc.)

Lightweight Directory Access Protocol (LDAP)

a directory service protocol that runs over Transmission Control Protocol/Internet Protocol (TCP/IP) networks. ______ clients authenticate to the ______ service, and the service's schema defines the tasks that clients can and cannot perform while accessing a directory database, the form the directory query must take, and how the directory server will respond.

real file system (RFS)

a discrete file system that the Linux kernel can normally work with directly; examples include xfs and ext4 file systems

DM-Multipath

a feature of the Linux kernel leverages the device mapper to support multiple I/O paths (connection interfaces) between the CPU and the storage devices. The multipath-tools package enables you to manage DM-Multipath for storage devices. A typical configuration file is located at /etc/multipath.conf

out-of-memory (OOM) killer

a feature of the Linux kernel that determines what process(es) to kill when the system is extremely low on memory. It will continue to kill processes until enough memory is free for the kernel and the system to run smoothly.

/etc/default/grub

a file that contains GRUB 2 display menu settings that are read by the /etc/grub.d/ scripts and built into the grub.cfg file.

/etc/grub.d/40_custom

a file that enables the customization of the menu presented to the user during the boot process that is executes last by default. It enables an administrator to specify the order of the menu choices, provide user-friendly names, and to password protect menu entries

Unified Extensible Firmware Interface (UEFI)

a hardware initializing system that has largely replaced BIOS. It checks for bootable media and loads the primary boot loader from the MBR/GPT partition along with the partition table

kernel panic

a mechanism by which the system detects there has been a fatal error and responds to it. A fatal error could include a corrupted or misconfigured kernel or the systemd program not executing during boot.

digital signature

a message digest that has been encrypted with a user's private key. Asymmetric encryption algorithms can be used with hashing algorithms to create a ______. The sender creates a hashed version of the message text, and then encrypts the hash itself with the sender's private key. The encrypted hash is attached to the message as the ______.

vmstat

command displays various statistics about virtual memory, as well as process, CPU, and I/O statistics (total virtual memory available, total virtual memory that is free for use, total memory used in buffers and cache, total memory used in swap space, Time spent running user space, Time spent running in kernel space, Time spent idle, Time spent waiting for I/O)

virsh

command is an interactive shell to KVM (Kernel-Based) virtual machines. You can create (from XML), start, shutdown, reboot, and save VMs using this command

ip link set eth1 down

command that disables the interface identified as eth1

ip link set eth1 up

command that enables the interface identified as eth1

grub2-install /dev/{device_name}

command that installs the GRUB 2 boot loader on a storage device for a BIOS system. It copies GRUB 2 files into the /boot/grub2 directory.

depmod

command that probes all modules in /lib/modules/<kernel version>/ for all instances of symbols being exported and used by other modules in order to build /lib/modules/<kernel version>/modules.dep so that modprobe can accurately install dependent modules

host {domain_name} {DNS_IP}

command that returns the ipv4 and ipv6 ip address of the specified domain name or vice versa. An optional alternative DNS server can be specified

ip link

command that shows the current status of all network interface

brctl show

command to view the network bridge configuration

dig @{DNS_IP} {domain_name}

command used for gathering information and testing name resolution. Output will include the IP address mapped to the domain name, the DNS server that answered the query, and how long it took to receive that answer. An optional alternative DNS server can be specified

ping -c 5 {domain_name}

command used for sending five test packets between two systems. You can specify the ip address or domain name of the destination, but if the domain name is not converted to an IP, there is a DNS problem. Mismatched sequence numbers might indicate a dropped packet.

nmtui

command used to calll up a text based user interface for network management

dracut /boot/initramfs-$(uname -r).img $(uname -r)

command used to create the initial ram filesystem image

mkinitrd -o /boot/initrd.$(uname -r).img $(uname -r)

command used to create the initial ramdisk image

netstat

command used to gather information about TCP connections to the system, deprecated in favor of the ss commandc

grub2-mkpasswd-pbkdf2

command used to generate a password hash to protect the boot menu

ethtool -S {device}

command used to manage NIC (Network Interface Card) driver and network configurations, with the option to show statistics for a NIC

dmesg -H

command used to print any messages that have been sent to the kernel's message buffer during and after system boot, in human readable format

iwconfig

command used to provide wireless NIC configurations, including settings like SSID, encryption information, etc.

ip addr

command used to show the IP address information on all network interfaces

nslookup {domain_name} {DNS_IP}

command used to test the DNS server, used for gathering name resolution information and testing name resolution. It also has an interactive mode when entered without a specified domain name. An optional alternative DNS server can be specified

diff {filename1} {filename2}

compare two files, showing where they differ

/etc/issue

edit this file to add a banner message that will display useful information every time a user logs in

/etc/motd

edit this file to display a message of the day bellow the information banner

/etc/issue.net

edit this file to display a message to SSH clients

systemctl enable auditd

enable the auditd service to ensure that records used in auditing are being written to storage. These records include everything from number of failed logins, number of commands issued, and much more

Preboot Execution Environment (PXE)

enables a client to retrieve the necessary boot loader and system files from a server over the network

~/.bashrc

enables customization of the user's own environment, like personal aliases or abbreviations for commands, or environment variables, this file will not impact any other users and is read with all subsequent logins

sealert -a /var/log/audit/audit.log | grep {pattern} | audit2why

enter this command to troubleshoot unexpected SELinux violations

/boot/initramfs or /boot/initrd

initialization RAM file system or disk, a small root file system used to get the system booted, virtual file system designed to be used by the kernel, the version must match the version of the kernel, as it is purpose built for it. The initramfs is dynamically sized while the initrd has a fixed-sized.

iptables -I {chain} -j LOG

insert a rule at the beginning of a chain to log all packets that reach the chain. Note: you can create a duplicate rule (in addition to another rule that has an ACCEPT, RETURN, or DROP action) and set the action to LOG

yum install grub2-efi

install the GRUB 2 boot loader on a UEFI system. Installing this package will copy GRUB 2 files onto the EFI system partition (ESP) in the /boot/efi directory

ss -atp

list all TCP sockets and the associated processes using those sockets

ss -1

list all currently listening sockets

firewall-cmd --zone=dmz --list-all

list all details of the dmz zone, including the interfaces, ports, services, protocols, and more that the zone applies to.

ss -an

list all sockets but do not try to resolve service names

jobs

list of applications running in the background

ps -u

list processes with username and star time

ps -r

list processes, excluding those that are not currently running

atq

list scheduled jobs

ls -lash

list the long form of all files and directories, including their size, in human readable form

chkconfig --list

lists all services and 'on' or 'off' for each run level (0-6)

cp -r {source} {destination}

recursively copy an entire directory to another location

&>

redirect both stdout and stderr

sudo echo Hello! > /dev/tty1

redirect text to another terminal

Open Virtualization Appliance (OVA)

refers specifically to a single package representing the network appliance, usually stored in a different format, such as a .tar file.

ps -e

this command invokes the process table, a record that summarizes the current running processes on a system. The option here lists all processes. When the command is run without any options, it displays the processes run by the current shell with details such as the PID, the terminal associated with the process, the accumulated CPU time, and the command that started the process.

mtr domain.tld

this command is a combination of ping and traceroute, with additional improvements to enable testing of the quality of a network connection. Ping packets are sent to the destination in large groups, and response length is noted along with dropped packets to indicate packet loss.

mdadm

this command is a tool used to manage software-based RAID (Redundant array of independent disks) arrays; it enables you to create, manage, and monitor RAID arrays.

fsck {device/file system name}

this command is used to check the integrity of a file system. Most systems run it at boot time to detect errors early. You should unmount the filesystem before scanning it.

who

this command is used to determine the details of users currently logged in to a system, including their user name, their connection source, and the date and time they connected, -u also indicates how long the user has been idle

lspci

this command is used to display information about devices that are connected to the system's PCI buses, including logical slot, class, and vendor

w

this command is used to display the details of users who are currently logged in to a system and their transactions.

whoami

this command is used to display the user name with which you are currently logged in to the system

id {username}

this command is used to display user ID (UID) and group ID (GID) information; the currently logged in user is queries if no other username is provided

dumpe2fs {device/file system name}

this command is used to dump ext2, ext3, and ext4 file system information. It prints the superblock and block group information for the selected device.

time {command}

this command is used to gather information about how long it took to execute a command, as well as some additional statistics about the I/O and memory used in command execution.

lsblk

this command is used to identify block storage devices connected to the system

fsck -r {device/file system name}

this command is used to repair a file system

traceroute {hostname}

this command is used to report the network path between the source and destination computers, including any routers the connection uses, and outputs each hop along the path.

localectl

this command is used to view and configure the system locale (language, monetary values etc.) and keyboard layout settings. subcommands inlcude status, list-locales, set-locale, list-keymaps, and set-keymap

sudo firewall-cmd --get-active-zones

this command list firewalld zones that actually have a network interface attached to them

firewall-cmd --get-zones

this command lists all available firewalld zones, rule sets that can apply specific network resources, most distributions create a hand full of them by default

top

this command lists all processes running on a Linux system. It acts as a process management tool by enabling you to prioritize, sort, or terminate processes interactively.

iostat -d /dev/{device}

this command lists transfers, blocks read, and blocks written per second as well as total blocks used and total blocks written for a device

lsof

this command prints a list of all files that are currently opened to all active processes. This can include everything from a text file to a device file—any object that the system can parse as a file.

runlevel

this command prints the previous and current runlevel of the system, each separated by a space.

whois domain.tld

this command provides information on Internet DNS registrations for organizations. This can be useful for learning or verifying information regarding ownership of a domain name, contact information for an organization, etc.

./configure

this command reads makefile.in, gathers system information needed by the application and places it into a makefile customized to your system

netstat -l

this command shows only information about what ports are being listened on, including the protocol used by the socket, the path name of the process connected, I-Node number etc.

blkid

this command simply prints each block device in a flat format and includes some additional information like device/partition UUID and file system type. However, it is preferable to use lsblk -f if you want this additional information.

vi test.txt &

this command throws vi into the background immediately

lastb

this command will pull information on failed login events

lpq +3 {printer}

this command will report the status of the specified printer queue (if given) or the default pinter, updating every 3 seconds until the queue is empty. By default, it will report each print job's rank in the queue, who owns the job, the job number, the files in the job, and the size of the job.

last 1

this command with display the details of users who logged in using the first terminal (tty1)

bridging

this connects two networks into a single managed unit, virtualization networks support this.

/etc/profile

this file provides system-wide environment variables, the system reads this file only first during the initial login process before reading the user-specific Bash customizations in ~/.profile

Open virtualization format (OVF)

this contains the necessary configuration files, packages, etc., for virtual machines and network devices. These files may be used in the deployment of virtual machines in a virtualized environment. In addition, these files are easily distributed. The metadata of the virtual machine, including information about the VM's requirements and dependencies, is described in an XML-formatted file.

/etc/netplan/

this directory contains YAML description files to configure network interfaces used by the Netplan network configuration utility

/dev

this directory contains files that represent and support devices attached to the system. For example /dev/sda1 refers to the first partition on the first whole SCSI drive.

/dev/mapper/

this directory contains logical volumes, encrypted volumes, and other devices that are managed by device mapper

/etc/sysconfig/network-scripts/

this directory contains network device configuration files. These files include the configurations of any NICs, bonds, and bridges that might exist on the Linux system. These files usually take the form of ifcfg-<NIC>. Settings can include whether the NIC is configured for static or dynamic IP addresses, whether the NIC is enabled or not, etc

/etc/profile.d/

this directory contains scripts for setting additional global environment variables, recommended over editing /etc/profile directly

/usr/lib/udev/rules.d/

this directory contains udev rules that are generated by the system, you should refrain from editing them. Rules in this directory are low priority

/run/udev/rules.d/

this directory contains udev rules that will apply at runtime but will be lost in the event of a system reboot (they're volatile)

/etc/ufw/

this directory holds more granular configuration files for the UFW management tool. You can edit these files to control when rules are applied, when customizations are run with respect to the ufw command, and more.

/etc/

this directory includes configuration files for many components, including components that interface with devices.

/sys/block

this directory includes links to devices that are stored in various subdirectories under the /sys/devices/ location, which presents a hierarchy of devices in the kernel.

/usr/share/zoneinfo/

this directory is a container for all of the regional time zones that you can configure the system to use. Subdirectories in this container usually organize languages by region

/etc/init.d

this directory stores initialization scripts for services. These scripts control the initiation of services in a particular runlevel. The scripts are invoked from the /etc/inittab file when the system initialization begins, using the symbolic links found in the file.

/var/spool/cron

this directory stores user specific scheduled tasks

/etc/timezone

this file can be used to view the time zone on Debian bases distributions.

/proc/devices

this file contains a list of character and block device drivers loaded into the currently running kernel.

/proc/meminfo

this file contains information about RAM usage, including total memory, free memory, cached, swap, and much more.

/proc/partitions

this file contains information about each partition that is currently attached to the system. This is not a real file but part of the virtual file system.

/proc/cpuinfo

this file contains information about the system's processor. You can use this information to identify characteristics about your CPU that might indicate issues related to performance or lack of support for features.

/etc/bashrc

this file contains system wide bash default settings

~/.profile

this file defines user environment variables runs each time a new shell is started

/etc/sysctl.conf

this file enables configuration changes to a running Linux kernel. These changes might include improvements to networking, security configurations, or logging of information.

.automount

this file extension includes instructions for automatically mounting a mount point defined in a .mount unit file

/etc/resolv.conf

this file informs the system of the IP address of one or more DNS servers

Kickstart

this file is used by Linux to customize the installation, providing an unattended install. All information about partitions, packages, user accounts, software deployments, etc., are contained in this file. The combination of Anaconda and this enables rapid, consistent, and customized Linux installations.

/etc/sysconfig/network

this file is used to configure whether networking should be enabled at boot, as well as hostname information, gateway information, etc. These settings may instead be configured on a per-interface basis in the /etc/sysconfig/network-scripts/ifcfg-<NIC> files.

/etc/mtab

this file is very similar to the /proc/mounts file in that it reports the status of currently mounted file systems. However, /proc/mounts is typically more accurate and includes more up-to-date information about the file systems

/etc/group

this file lists groups, their ids, and their members

/proc/mounts

this file lists the status of all currently mounted file systems in a format similar to fstab: the system's name, mount point, file system type, etc. This is not a real file, but part of a virtual file system.

/etc/shadow

this file lists users and their password hash along with additional information including password requirements and expiration information

~/.bash_profile

this file provides shell configuration for the initial login environment, it is only read with the first login

Thick Provisioning

this type of storage provisioning refers to when a virtual storage device immediately reserves the allocated space for use by the virtual device only, regardless of whether that much capacity is actually needed. Performance is better, but it may consume more drive space than it needs. This is most appropriate in environments where disruptions to the continuous storage process present an intolerable risk, more so than the expense of unused storage.


Related study sets

Periodic Table of Elements: Groups 3-7

View Set

Questions and answers using the verb -ir

View Set

Chapter 6: The Nature of Management

View Set

Programming Fundalmentals II — Test 3

View Set