开源软件名称(OpenSource Name):abarrak/linux-sysops-handbook开源软件地址(OpenSource Url):https://github.com/abarrak/linux-sysops-handbook开源编程语言(OpenSource Language):开源软件介绍(OpenSource Introduction):Linux SysOps HandbookA study notes book for the common knowledge and tasks of a Linux system admin. Table of Content
ProcessesList the current active process with their statuses, numbers, resource usage, etc. using the command $ ps auxc Quoting man's page documentation on The daemon Each process contains several main parts, such as: PID, state, virtual space address (memory), threads, network and file descriptors, scheduler information, and links. Processes are controlled and respond to signals. The states that a process can transition among are depicted below: To observe the states and other information of the processes interactively, use the To run executables as background process (job), append an ampersand to it: $ echo "Hi .. looping:" | sleep 10000 | echo "done." & To view the current jobs, and their details run To bring back a job in the foreground in the current session, and send it back use the following: $ fg %<job-no>
$ ctrl+z
$ bg %<job-no> Use the command $ kill -l
$ kill -9 5921
$ kill -SIGTERM 6152 Use $ killall -15 nginx
$ pkill -U tester Finally, use $ psgrep -u abdullah -l User ManagementThe users and groups are managed in $ tail /etc/passwd
$ tail /etc/group
$ tail /etc/shadow The commands to manage a user are as follows:
And for groups:
Each user in the system is associated with unique user id $ id abdullah Use flags $ sudo usermod -G admins abdullah
$ sudo usermod -aG staff abdullah To lock or unlock a user account, us the $ usermod -L <username>
$ usermod -U <username> To restrict service user accounts (e.g. accounts for web servers), the shell can be set to $ usermod -s /sbin/nologin nginx_usr1 To change a user password, use the command Use the command Shell Tips and TricksGetting used to bash language and its fundamentals like conditions, looping, functions, etc. is recommended. The popular files and text processing and manipulation utilities are important to master, such as:
Use the command $ date +%x The standard terminal channels in Linux are 3: By default the successful command results are outputted to $ echo "hi there!" 1> error_log.txt
$ cat ~/incorrect-path 2> error_log.txt
# To both:
$ (echo "hi" && cat ~/wrong) >> log.txt 2>&1 To discard output stream, redirect it to the special directory The standard input can be captured via redirection or file pipes: $ cat <<EOF
This is coming from the stdin
EOF
$ cat LICENSE | wc -l The The following list of commands are used to generate and manage ssh keys between client and server:
File PermissionsA file permissions are considered in three dimensions: the owner user, the owner's group, and rest of other users. Showing the permisison of files and directories can be using The basic permission types are: read (r), write (w), and execute (x) on both folders and files: $ ls -l
-rw-r--r-- 1 abdullah staff 35149 Jan 30 17:20 LICENSE Setting the files and folders permission is done by The symbols/letter way is made for # Use + to add, - to remove, and = to reset.
# adding execute permission to user
$ chmod u+x my-file.txt
# setting read, execute to all on a folder and its content
$ chmod -R a=rX my-folder
$ chmod 740 special.txt
$ chmod -R 444 read-only-files/
$ chown sarah file-10.txt
$ chown sarah:staff file-12.txt
$ chown :admins server_log.txt
$ chgrp operators server_log.txt Lastly, a fourth dimension at the start can be added to represent the special permissions of $ chmod a+t protected-folder/
$ chmod -R 1444 read-only-protected/ Background Services and Crons
To list the available categories of daemons, run: $ systemctl -t help There are 3 types of daemons: 1. services, 2. sockets, 3. paths. Use the following to see the system's processes in each: $ systemctl
$ systemctl list-units --type=service
$ systemctl list-units --type=socket --state=LOAD
$ systemctl list-units --type=path --all
$ systemctl list-unit-files The states To view the status of a daemon use the $ systemctl status kubelet
$ systemctl is-active dockerd
$ systemctl is-enabled sshd.service Use the subcommands Additionally, use the following to list a daemon dependencies: $ systemctl list-dependencies nginx.service Finally, to resolve conflicting services making them unavailable, the The cron daemon $ sudo crontab -l
$ sudo crontab -e
$ vim /etc/cron.d/my-backup The syntax of crontab entries is captured by the diagram below. Use the following tool to quick assistance. An example of a cron entry that runs backup command, every day at 5:00 AM: 0 5 * * * /usr/bin/daily-backup Linux DistrosIn 1991, Linux kernel was introduced by Linus Torvalds, and combined with GNU project, which was previously created in 1983-1984 as open source OS programs and components. This formed what we call today Linux distribution, a Unix-like operating system. Today the Linux operating system is supported on most hardware platforms. Linux works on almost every architecture from i386 to SPARC. Linux can be found on almost every type of device today, from watches, televisions, mobile phones, servers, desktops, and even vending machines. One of the major distinction between Linux distributions is the package management part and how software is installed and managed. There are multiple package formats, and the most common ones are Debian (deb), RedHat Package Manager (RPM). Here's a listing for the common Debian based distributions:
And here's for RPM based distributions:
Logs, Monitoring, and TroubleshootingYou can monitor the system's resources usage, uptime, and sessions' load leverages over time as follows: $ top
$ uptime
$ w Use The system events and processes traces are usually kept in as logs in As explored in section (3), use $ head -n 50 /var/logs/mail.log
$ tail -f /var/logs/mysql.log You can configure $ vim /etc/rsyslog.conf
$ systemctl reload rsyslog On the other hand, use $ journalctl -n 50 -p err
$ journalctl -f
$ journalctl _PID=6610 Network EssentialsFor effective work on the system network configurations and troubleshooting, it is essential to review network/internet protocols (TCP/UDP) and IPv4/IPv6 concepts (Ref.1), (Ref.2). See the hostname of current machine or set it as below: $ hostname
$ hostnamectl set-hostname rhel.n1.apps.com The host name is managed under The host connection is either managed dynamically ( The $ ping 172.168.9.13
$ ping -c4 github.com
$ ping6 2001:db8:3333:4444:5555:6666:7777:8888 To see the network routing table and interfaces, use the following: $ ip route
$ ip -6 route
$ ip help
$ ip show link Use the command # Scan a single ip address
$ nmap 192.168.1.1
# Scan a host name
$ nmap -v server1.cyberciti.biz
# View open ports:
$ nmap --open 192.168.2.18
# Trace all pakets:
$ nmap --packet-trace 192.168.1.1
$ nmcli device wifi list
$ nmcli dev status
$ nmcli general hostname centos-8.cluster.internal
$ nmcli con show System Updates and PatchingManaging the system packages varies depending on Linux distributions, but the essential parts are the same (installation, repositories, package managers, etc.). For Debian based distributions, Search for some package: $ apt search <KEYWORD>
$ yum search <KEYWORD> Install a package: $ apt install <NAME>
$ yum install <NAME> Update a package or all packages: $ apt upgrade <NAME>
$ yum update <NAME> Remove a package: $ apt remove <NAME>
$ yum remove <NAME> Show details on a package: $ apt show <NAME>
$ yum info <NAME> List all current packages on the system: $ apt list --installed
$ yum list Audit the history of package management actions: $ cat less /var/log/apt/history.log | less
$ cat less /var/log/dnf.rpm.log | less And finally, the package source repositories can be set up and updated through the following: # list current enabled repos
$ yum repolist all
$ apt-cache policy
# manage and add repos in these directories:
$ cat /etc/apt/sources.list /etc/apt/sources.list.d/*
$ cat /etc/yum.repos.d/* StorageLinux is formed for a unified file-system consists of all file systems provided by the hardware or virtual storage devices attached to the system. Essentially, everything in Linux is a file. It can be viewed as a reversed tree of nested directories starting from the root directory Block devices are the mechanism that the kernel detects and identify raw storage devices (HDD, SSD, USBs, ..). As the name indicates, the kernel interfaces and references them by fixed-size blocks (chunks of spaces). The block devices are stored in Two operations are essential for using block storage: 1. Partitioning: Breaking the disk into reusable smaller units, each treated as own disk. The main partitioning methods are MBR (Master Boot Record) and GPT (GUID Partition Table). 2. Formatting: Preparing the device as a file-system to be read and write to. Many file-system formats exists like:
Additionally, LVM and RAID are another two concepts where the first operate on the opposite of partitioning and group multiple disks as one logical volume. The latter (Redundant Array of Independent Disks) is used to architect more advanced storage setup to ensure high availability, redundancy, DR, etc. To see the currently attached file system with mounts and a directory space usage, run $ df -H
$ du -H /home/abdullah The The permanent mounting process rely on Use the commands Notes and Additional ResourcesUse the Additionally, the Both provide shortcuts, navigation, and searching capabilities (e.g. Recommended Reading ListBooks:
Websites & Blogs: LicenseGNU General Public License v3.0. |
2023-10-27
2022-08-15
2022-08-17
2022-09-23
2022-08-13
请发表评论