marcossilvestrini/linux-lpi-essencials

LEARNING LPI ESSENTIALS CERTIFICATION

This project aims to help students and professionals learn the main concepts of GNU/Linux and free software.
Some GNU/Linux distribution families, such as Debian-based and RPM-based, will be covered.
Installation and configuration of some packages will also be covered.

Four Essential Freedoms:
0. The freedom to run the program as you wish, for any purpose (freedom 0).
1. The freedom to study how the program works, and change it so it does your computing as you wish (freedom 1).
Access to the source code is a precondition for this.
2. The freedom to redistribute copies so you can help others (freedom 2).
3. The freedom to distribute copies of your modified versions to others (freedom 3).
By doing this you can give the whole community a chance to benefit from your changes.
Access to the source code is a precondition for this.

Use Vagrant to bring up the machines and run the labs and practice content in this article.
I have published in each distro folder a Vagrantfile with everything you need to bring up a study environment.

License

  • This project is licensed under the MIT License - see the LICENSE.md file for details

1 The Linux Community and a Career in Open Source

1.1 Linux Evolution and Popular Operating Systems

Distributions

RPM-Based
RHEL
OpenSUSE

RHEL-based
Fedora
Centos

Centos-based
Oracle Linux

OpenSUSE
SUSE Linux Enterprise Server
SUSE Linux Enterprise Desktop

Debian-Based
Debian
Ubuntu
Raspberry Pi OS
SteamOS

Embedded Systems
Android
Raspbian
Tizen
Kodi

Android Devices

mobile
smart tv
smartwatches
consoles
cameras

Linux in the Cloud

AWS
Google Cloud
Azure

1.2 Major Open Source Applications

Desktop applications

3D creation suite

Blender

Image Editor

GIMP
ImageMagick

Vector graphics editor

inkscape

Audio Editor

Audacity

Video Players

VLC
smplayer

Audio Players

Amarok
Audacious
Banshee

Mail Client

Thunderbird

Web Browsers

Firefox
Chrome
Chromium

Office Applications

OpenOffice.org(Apache OpenOffice)
LibreOffice

Writer
Text editor

Calc
Spreadsheets

Impress
Presentations

Draw
Vector drawing

Math
Math formulas

Base
Database

Figlet
Cowsay
Fortune
fortune -s | cowsay -W 78 -f $(ls /usr/share/cowsay/cows/ | shuf -n1)

Server Applications

Print Server

CUPS

Mail Server

Postfix

DNS Server

Bind

DHCP Server

DNSmasq

LDAP

OpenLDAP

Filesystem

NFS
Samba

Web Server

Apache HTTPD
NGINX
Tomcat
lighttpd

DBMS

MariaDB
MySQL
PostgreSQL

Package Bundle

LAMP - Linux, Apache, MySQL, PHP
LEMP - Linux, Nginx, MySQL, PHP

Cloud

ownCloud
Nextcloud

Development languages

C
Java
JavaScript
Perl
Shell
Python
PHP

Package management tools and repositories

Repository File(RPM)
/etc/yum.conf
/etc/yum.repos.d/
Repository File(Debian)
/etc/apt/sources.list
/etc/apt/sources.list.d/
List Repositories(RPM)

yum repolist

List Repositories(Debian)
sudo grep -rhE ^deb /etc/apt/sources.list*
apt-cache policy
Add new repository(RPM)
sudo yum-config-manager --add-repo https://rpm.releases.hashicorp.com/AmazonLinux/hashicorp.repo
yum-config-manager --enable hashicorp
Add new repository(Debian)
sudo add-apt-repository \
'deb [arch=amd64] https://repo.mongodb.org/apt/ubuntu bionic/mongodb-org/4.0 multiverse'
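Remove repository(RPM)
# skip the repository for this one command only
yum --disablerepo=hashicorp update
# keep the repository disabled until it is enabled again
sudo yum-config-manager --disable hashicorp
Remove repository(Debian)
sudo add-apt-repository -r ppa:nemh/systemback
Search Package(RPM)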
yum search lynx
dnf search xclock
Search Package(Debian)
apt-cache search lynx
apt-cache search -n lynx
Install Package(RPM)
sudo yum install lynx
sudo dnf install xclock
Install Package(Debian)
sudo apt-get install lynx
sudo apt install xclock
Infos of Package(RPM)
yum info lynx
Infos of Package(Debian)
apt-cache show lynx
Remove Package(RPM)
sudo yum remove lynx
Remove Package(Debian)
sudo apt-get remove lynx

# remove all config files
sudo apt-get purge cups
Update Repo Cache(RPM)
yum makecache
Update Packages(RPM)
sudo yum update
Update Packages(Debian)
# refresh the package index, then upgrade the installed packages
sudo apt-get update
sudo apt-get upgrade
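
The repository files listed above decide whether packages from a source are signature-checked. The following added example (not part of the original project) scans yum .repo files for gpgcheck=0 or a plain-http baseurl, and apt source lines for trusted=yes; the function names, sample files and example.invalid hosts are constructed for illustration.

```sh
#!/bin/sh
# Added example: flag repository definitions that weaken package verification.

# audit_yum DIR: report stanzas in DIR/*.repo that set gpgcheck=0 or use a
# plain-http baseurl.
audit_yum() {
    for f in "$1"/*.repo; do
        [ -f "$f" ] || continue
        awk -v file="$f" '
            /^[ \t]*\[/ {                       # stanza header, e.g. [lab]
                repo = $0
                sub(/^[ \t]*\[/, "", repo)
                sub(/\].*$/, "", repo)
                next
            }
            /^[ \t]*gpgcheck[ \t]*=[ \t]*0[ \t]*$/ {
                print file ": [" repo "] gpgcheck=0, packages are not signature-checked"
            }
            /^[ \t]*baseurl[ \t]*=[ \t]*http:/ {
                print file ": [" repo "] baseurl uses plain http"
            }
        ' "$f"
    done
}

# audit_apt DIR: report deb/deb-src lines in DIR/sources.list and
# DIR/sources.list.d/*.list that carry the trusted=yes option.
audit_apt() {
    for f in "$1"/sources.list "$1"/sources.list.d/*.list; do
        [ -f "$f" ] || continue
        awk -v file="$f" '
            /^[ \t]*deb(-src)?[ \t]/ && /\[[^]]*trusted=yes[^]]*\]/ {
                print file ":" NR ": trusted=yes, signature check is skipped"
            }
        ' "$f"
    done
}

# make_sample DIR: write constructed repository files (not real system config).
make_sample() {
    mkdir -p "$1/yum.repos.d" "$1/apt/sources.list.d"
    cat > "$1/yum.repos.d/good.repo" <<'EOF'
[good]
name=Signed repository
baseurl=https://repo.example.invalid/stable
enabled=1
gpgcheck=1
EOF
    cat > "$1/yum.repos.d/lab.repo" <<'EOF'
[lab]
name=Lab builds
baseurl=http://repo.example.invalid/lab
enabled=1
gpgcheck=0
EOF
    cat > "$1/apt/sources.list" <<'EOF'
deb https://deb.example.invalid/debian stable main
EOF
    cat > "$1/apt/sources.list.d/lab.list" <<'EOF'
deb [arch=amd64 trusted=yes] https://deb.example.invalid/lab stable main
EOF
}

# run_demo: audit the constructed sample and print the findings.
run_demo() {
    demo_dir=$(mktemp -d)
    make_sample "$demo_dir"
    audit_yum "$demo_dir/yum.repos.d"
    audit_apt "$demo_dir/apt"
    rm -rf "$demo_dir"
}

run_demo
# On a real host: audit_yum /etc/yum.repos.d ; audit_apt /etc/apt
```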

1.3 Open Source Software and Licensing

Copyleft

GPL - GNU General Public License
LGPL - GNU Lesser General Public License
AGPL - GNU Affero General Public License
FDL - GNU Free Documentation License

Creative Commons

CC BY

This license lets others distribute, remix, adapt, and build upon your work, even commercially,
as long as they credit you for the original creation. This is the most accommodating of licenses
offered. Recommended for maximum dissemination and use of licensed materials.

CC BY-SA

This license lets others remix, adapt, and build upon your work even for commercial purposes,
as long as they credit you and license their new creations under the identical terms. This license is
often compared to “copyleft” free and open source software licenses. All new works based on yours will
carry the same license, so any derivatives will also allow commercial use. This is the license used by
Wikipedia, and is recommended for materials that would benefit from incorporating content from
Wikipedia and similarly licensed projects.

CC BY-ND

This license lets others reuse the work for any purpose, including commercially; however,
it cannot be shared with others in adapted form, and credit must be provided to you.

CC BY-NC

This license lets others remix, adapt, and build upon your work non-commercially, and although their
new works must also acknowledge you and be non-commercial, they don’t have to license their derivative
works on the same terms.

CC BY-NC-SA

This license lets others remix, adapt, and build upon your work non-commercially, as long as they
credit you and license their new creations under the identical terms.

CC BY-NC-ND

This is the most restrictive of our six main licenses, only allowing others to download your works and share them as long as they credit you, but without being able to alter them in any way or use them for commercial purposes.

Other Licenses

FreeBSD

1.4 ICT Skills and Working in Linux

Desktop Environment

GNOME
KDE

Graphical terminal emulator

GNOME Terminal (GNOME)
Konsole (KDE)
XTerm

Encryption

Transport Layer Security (TLS)
Secure Sockets Layer (SSL), the deprecated predecessor of TLS
GNU Privacy Guard (GnuPG)

2 Finding Your Way on a Linux System

2.1 Command Line Basics

Shell in Linux

sh
Bourne-again shell (Bash)
C shell (csh or tcsh, the enhanced version of csh)
Korn shell (ksh)
Z shell (zsh)

About prompt

Default value for PS1 variable example:
username@hostname current_directory shell_type

# shell type symbols
# superuser/root: #
# regular user: $

# Ubuntu or Debian GNU/Linux
carol@mycomputer:~$
root@mycomputer:~#

# Centos or Red Hat Linux
[dave@mycomputer ~]$
[root@mycomputer ~]#

Bourne Again Shell - Bash

Syntax
command  [option(s)/parameter(s)...]  [argument(s)...]
[var_name=value] command [option(s)/parameter(s)...]  [argument(s)...]
Command echo
echo "Hello World"
echo "This command save this string in file" > ~/example_echo
Command Type - Display information about command type
type echo
type cp
type if
type -t pwd
type -a ls
Command which - shows the full path of (shell) commands
which pwd
which -a python
Command whereis - Locate the binary, source, and manual page files for a command
whereis pwd
whereis python
Command History - Display or manipulate the history list
history

# clear history
history -c

The three related environment variables you need to be aware of are
HISTFILE, HISTFILESIZE, and HISTSIZE.

HISTFILE—/home/<username>/.bash_history
HISTFILESIZE—1000
HISTSIZE—1000
Command fc - Display last 16 commands
fc -l

# print last 5 commands
fc -l -5
Command hash - Remember or display program locations
help hash

#Forget all previously remembered utility locations.
hash -r
Logical Operators in Shell commands
ls ~/foo && cp ~/foo ~/bar
ls ~/foo || ls ~/bar
Globbing and Regular Expression Metacharacters
# *
cat ~/*.txt
ls -a ~/*.php
ls -a ~/.*

# ?
cat ~/foo?.txt
ls -a ~/202004??.log
ls -a ~/2020040?.log

# []
cat ~/foo[0-9].log
cat ~/foo[!0-9].log
cat ~/foo[A-Z].log
ls -a ~/foo[123].log

# {}
ls {centos?-ks.cfg,*.log}
ls {log[0-2],log[a-b]}.log
echo foo/bar/201{1,2,3}

# ^
grep '^[P-R]' list.txt
grep '[^A-C]' list.txt
sudo grep -rhE ^deb /etc/apt/sources.list*

# !
# ! negates a bracket expression only in shell globbing; grep uses ^ (see above)
grep '[^P-R]' list.txt
grep '[^4-8]' list.txt
ls log[!0-9].log
ls log[!a-z].log

# $
grep 'a$' list.txt
grep '50$' list.txt

# Class
ls file[[:digit:]]
ls log[[:alpha:]].log
Bash Quoting
echo \* Hello World \*
echo '* Hello World *'
echo "Hello  World"
cat 'log example.txt'
echo "I am $USER"

Variables in Linux

Scope: Shell Variables
name="Marcos Silvestrini"
age=39
echo Name is ${name} and age is ${age}
command="ls -la"
$command
day=10
month=12
year=1981
echo "Date is ${day}\\${month}\\${year}"
Scope: Environment Variables
export NAME="Jonny Wick"
echo ${NAME}
NAME="Marcos Silvestrini"
AGE=39
export NAME
export AGE
echo 'echo' Name is '${NAME}' and age is '${AGE}' years old. >~/example_env_vars
# the owner only needs execute permission; 777 would let any user rewrite the script
chmod u+x ~/example_env_vars
cd ~/
./example_env_vars
Best practice for scripts
env NAME=Silvestrini AGE=110 bash ./example_env_vars
NAME=Silvestrini AGE=110 bash ./example_env_vars
Remove Variable
NAME="Steve Jobs"
export NAME
echo ${NAME}
env | grep NAME
export -n NAME
env | grep NAME
echo $NAME
NAME="Michael J. Fox"
export NAME
echo ${NAME}
env | grep NAME
unset NAME
echo $NAME
env | grep NAME
Variable PS1 and PS2 (prompt command)
echo $PS1 && echo $PS2

# hostname@username
export PS1='\h@\u: '

# [hostname@username@time:]
export PS1='[\h@\u@\t:]'

# PS2 - new_line
export PS2='new_line: '
Variable PATH
PATH=$PATH:/some_dir
echo $PATH
Some Special Bash Variables
$?
last exit code

$0
script path

$1...$9
list of arguments in script

$#
Number of arguments in script

$@ or $*
array of arguments

Some Environment Variables
HOME: the home directory of the current user
LOGNAME: name of the current user
USER: the currently logged-in user
UID: ID of the current user
EDITOR: default editor of the current user
SHELL: the path of the current user’s shell, such as bash or zsh
LANG: the current locale settings
HISTFILE: history file
?: Exit codes

2.2 Command Line to get Help

Command Help - Display information about builtin commands

help type
ls --help
zip --help
zip -?
zip -h

apropos - Search the manual page names and descriptions (man -k)

apropos pwd

whatis - Display one-line manual page descriptions

whatis pwd

HOWTOs

#find Howto's
apt-cache search HOWTO

#install Howto's
sudo apt-get install python-turbogears2-doc -y

#list Howto's files
ls /usr/share/doc/python-turbogears2-doc/

#open howto
chromium /usr/share/doc/python-turbogears2-doc/html/index.html

Command Man - Manual pager utils

Path for docs in Linux
/usr/share/doc/

Each man page is divided into a maximum of 11 sections, though many of these sections are optional:

SECTION      DESCRIPTION
NAME         Command name and brief description
SYNOPSIS     Description of the command’s syntax
DESCRIPTION  Description of the effects of the command
OPTIONS      Available options
ARGUMENTS    Available arguments
FILES        Auxiliary files
EXAMPLES     A sample of the command line
SEE ALSO     Cross-reference to the related topics
DIAGNOSTICS  Warning and error messages
COPYRIGHT    Author(s) of the command
BUGS         Any known limitations of the command

Man pages are organized in eight categories, numbered from 1 to 8:

CATEGORY  DESCRIPTION
1         Executable programs or shell commands
2         System calls (functions provided by the kernel)
3         Library calls (functions within program libraries)
4         Special files (usually found in /dev)
5         File formats and conventions, e.g. /etc/passwd
6         Games
7         Miscellaneous (including macro packages and conventions), e.g. man(7), groff(7)
8         System administration commands (usually only for root)
9         Kernel routines [Non standard]

man [COMMAND]

Examples:
man ls

# print all occurrences
man -a ls

#specific man page
man 5 passwd

#similar to apropos
man -k ascii
man -k compiler

#similar to whatis
man -f zip

#man path configuration file
/etc/manpath.config

#list all manual paths
manpath

info - Read Info documents

info echo

Locate - Find files by name

#update db
sudo updatedb

#locate file
locate -e file

#globbing
locate "*arquivo*"
locate arquivo[2-3].txt
locate arquivo?.txt

#limited number of outputs
locate -l 10 passwd

Find - search for files in a directory hierarchy

find .
find -name "*.jpg"
find -name "var"
find -name "log*"
find -name "*log*"
find -name 'picture[3-9].jpg'
find -name 'picture?.jpg'

#find folder
sudo find /etc -depth -name skel

#find file
find -type f -name "picture*"

#find link
find /usr/bin -type l

#find by user
find -user vagrant
find -user vagrant -type d
find -user vagrant -type f

#find by size
find -size +10k
find / -size -1M
find / -size +10G

#find by access time
find -atime -7

#find by modification time
find -mtime -2

#find by change time
find -ctime -2

#find by inode
find /usr/bin -inum 101245498

# case-insensitive search
find -iname "*log*"

#find with and, or, not
find -name "*log*" -name "*2*"
find -name "*picture*" -o -name "*log*"
find \( -name "*picture*" -o -name "*log*" \) -a -name "*1*"
find \( -name "*picture*" -o -name "*log*" \) -a -type d
find \( -name "*picture*" -o -name "*log*" \) -a -type f
find \( -name "*picture*" -o -name "*log*" \) -a \( ! -type f \)

#find with command exec
find [options] -exec command [options] "{}" \;
find -name "*log*" -type f -exec ls -Rlt "{}" \;
find -name "*log*" -type f -exec echo "Find File: "  "{}" \;
find -name "*log*" -type f -exec rm -i  "{}" \;

2.3 Using Directories and Listing Files

Absolute Path Examples

cat /home/vagrant/my_dir/foo.txt

Relative Path Examples

cat my_dir/foo.txt
cd ~/
~/foo.sh
./foo.sh
cd ..
cd ../etc
ls ../../foo.txt
../bar.sh

Command cd - Change the shell working directory

cd /etc
cd ../bar
cd ../../bar/foo

# home
cd
cd ~

# latest path
cd -

Command ls - List directory contents

# Colors in command

Uncolored (white): file or non-filename text (e.g. permissions in the output of ls -l) or multi-hardlink file
Bold blue: directory
Bold cyan: symbolic link
Bold green: executable file
Bold red: archive file
Bold magenta: image file, video, graphic, etc. or door or socket
Cyan: audio file
Yellow with black background: pipe (AKA FIFO)
Bold yellow with black background: block device or character device
Bold red with black background: orphan symlink or missing file
Uncolored with red background: set-user-ID file
Black with yellow background: set-group-ID file
Black with red background: file with capability
White with blue background: sticky directory
Blue with green background: other-writable directory
Black with green background: sticky and other-writable directory

#mark types [*=executables, /=directories, @=symbolic links]
ls -F
ls -p

#details of the directory itself, not its contents
ls -ld
ls -ld /etc

#inode
ls --inode /usr/bin
ls -i /usr/bin

#list reverse order
ls --reverse
ls -r

#view hidden folders\files
ls -a

#sort size
ls --sort=size
ls -S

#sort time
ls /etc --sort=time
ls --sort=time  --format=long --reverse
ls -t /etc

#sort by extension
ls --sort=extension /etc
ls -X /etc

#format
ls /etc --format=long
ls --sort=size --format=long  /usr/bin

# recursive
ls --recursive /etc
ls -R /etc

# Additional ls Options

#Combining long list with human readable file sizes will give us useful suffixes such as M for megabytes
#or K for kilobytes.
ls -lh

#The -d option will list directories but not their contents. Combining this with */ will show only
#subdirectories and no files.
ls -d */

#Combines long list with the option to sort by modification time. The files with the most recent changes will
#be at the top, and files with the oldest changes will be at the bottom. This order can be reversed with -r.
ls -lt

#Combines long list with sort by (modification) time, combined with -r which reverses the sort.
#Now files with the most recent changes are at the bottom of the list. In addition to sorting by
#modification time, files can also be sorted by access time or by status time.
ls -lrt

#Combines long list with the option to sort by file eXtension. This will, for example, group all files ending
#with .txt together, all files ending with .jpg together, and so on.
ls -lX

Command tree - list contents of directories in a tree-like format

tree /home/user

# only directories
tree -d /

# level
tree -L 1 /

# last modification time
tree -D /home

# hidden files
tree -a /home

2.4 Creating, Moving and Deleting Files

Directories

#create dir
mkdir images
mkdir -p ~/foo/bar/beer/noise

#remove dir
rmdir images
rmdir -p ~/foo/bar/beer

#Globbing
mkdir -p pictures/201{1,2}/foo{1,2,3,4}
rmdir -p --ignore-fail-on-non-empty  pictures/201{1,2}/foo{1,2,3,4}

mkdir 202{1..5}
mkdir -p 202{1..5}/test{1..5}

rmdir 202{1..5}
rmdir -p --ignore-fail-on-non-empty 202{1..5}/test{1..5}

Files

Command touch - Change file timestamps
#create file
touch foo.txt
touch arquive{1..5}.txt

#Update the access and modification times of each FILE to the current time
touch foo.txt
touch -a foo.txt
touch -ca foo.txt
touch -cm foo.txt
Command cp - Copy files and directories
cp /etc/fstab ~/
cp foo.txt foo2.txt
cp pictures/*  images

#recursive
cp -r pictures/  images

#update
cp -ur pictures  images

#copy files with permissions
cp -p /etc/fstab /etc/fstab-bkp

#Warning: be careful when using -f !
cp -rf pictures  images
Command mv - Move,Rename files
mv ~/foo ~/bar
mv foo2.txt foo3.txt
mv -f ~/foo/bar.txt ~/beer.txt
Command rm - Remove files or directories
rm ~/foo2.txt

# Warning: be careful with *, -r and -rf; preview what the glob matches with echo first
echo ~/pictures/*
rm ~/pictures/*

rm -r ~/pictures
rm -ri ~/pictures
rm -rf ~/pictures

3 The Power of the Command Line

3.1 Archiving Files on the Command Line

Tar - An archiving utility

# Archiving
tar -cf scripts.tar foo1.sh foo2.sh
tar -cvf scripts.tar scripts
tar -cf scripts.tar scripts/*
tar cfv  tar-file.tar --wildcards bigfile[1-3]

#redirect file to specific folder
tar cvf arquive/logs.tar logs/

#view content
tar -tf scripts.tar

# extract
tar -xf scripts.tar
tar -xvf scripts.tar

# extract to specific folder
tar xvf logs.tar -C new-logs/

#update - adds a new version of modified files to the archive. Not best practice!
tar -uvf scripts.tar scripts

#best practice for updating tar files: recreate the archive
tar -cvf scripts.tar scripts

#compress / decompress with gzip
tar -czvf scripts.tar.gz scripts
tar -xzvf scripts.tar.gz

#compress / decompress with bzip2
tar -cjvf scripts.tar.bz2 scripts
tar -xjvf scripts.tar.bz2

#compress / decompress with xz
tar -cJvf scripts.tar.xz scripts
tar -xJvf scripts.tar.xz

Gzip - compress or expand files

#compress
gzip -v scripts/script1.sh
gzip -v1 scripts/script1.sh
gzip -v9 scripts/script1.sh
gzip -c scripts/script1.sh > scripts/script1.gz

#decompress
gzip -dv picture1.jpg.gz
gunzip -v scripts/script1.gz

#list infos
gzip -l picture1.jpg.gz

Bzip2 - a block-sorting file compressor

#compress
bzip2 -v scripts/script1.sh
bzip2 -v1 picture1.jpg
bzip2 -v9 picture1.jpg

#decompress
bunzip2 -v picture1.jpg.bz2
bzip2 -dv picture1.jpg.bz2

xz - Compress or decompress .xz and .lzma files

#compress
xz script1.sh
# -c writes to stdout, so the original is kept and the output name can be chosen
xz -1 -c bigfile > bigfile-xz1.xz
xz -9 -c bigfile > bigfile-xz9.xz

#decompress
unxz picture1.xz
xz -d picture1.xz

Zip - package and compress (archive) files

zip pictures.zip  picture1.jpg picture2.jpg
zip -r scripts.zip scripts
zip -rq scripts.zip scripts
zip -r /tmp/scripts.zip scripts

#globbing
zip scripts.zip scripts/script[3-8].sh
zip scripts.zip scripts/script{1,8}.sh
zip scripts.zip scripts/script?.sh
zip scripts.zip scripts/script??.sh

#zip with pipe
find scripts/tar/ -name "*.tar" | zip -@ scripts.zip
find scripts/tar/script[3-7].tar | zip -@ scripts.zip
ls logs/* | zip -@ logs.zip

Unzip - list, test and extract compressed files in a ZIP archive

#list
unzip -l scripts.zip

#decompress
unzip scripts.zip

#quiet mode
unzip -q scripts.zip

# decompress into a specific folder
unzip -d /tmp scripts.zip

#decompress a specific file
unzip scripts.zip scripts/script1.sh
unzip -d /tmp scripts.zip scripts/script1.sh

#globbing
unzip -d /tmp scripts.zip scripts/script[3-8].sh
unzip -d /tmp scripts.zip scripts/script{1,8}.sh
unzip -d /tmp scripts.zip scripts/script?.sh
unzip -d /tmp scripts.zip scripts/script??.sh
unzip -d /tmp scripts.zip "scripts/*"

3.2 Searching and Extracting Data from Files

wc - print newline, word, and byte counts for each file

wc foo.txt
wc -c bar.txt #bytes
wc -l foo.txt #lines
wc -m bar.txt #chars
wc -w bar.txt #words
wc -L bar.txt #length of the longest line

more - file perusal filter for crt viewing

more foo.txt

less - opposite of more

less foo.txt

cat - concatenate files and print on the standard output

cat foo.txt
cat foo.txt bar.txt

tac - concatenate and print files in reverse

tac foo.txt
tac foo.txt bar.txt

head - output the first part of files

head foo.txt

#print N first lines in quiet mode
head -n 2 -q foo.txt

tail - output the last part of files

tail foo.txt

#print N last lines
tail -n 20 foo.txt

#use -n +K to output lines starting with the K
tail -n +30 foo.txt

#follow file
tail -f foo.log

Redirect Standard I/O

input: stdin(channel 0)
output:  stdout(channel 1)
error: stderr(channel 2)

#input
zip -@ programs.zip < list_programs.txt

#output
ls > ~/stdout_ls.txt
echo "Hello World" > echo_hello.txt
ls >> ~/stdout_ls.txt
echo "Second Line" >> echo_hello.txt

#stderr
cd /shgfdjdgfjsdfgjhdfs 2> stderr_cd.txt
ls -lR / >result.txt 2>error.log

#combining channels
#stdout and stderr
find /home -user vagrant &> newfile

#alter output channel
cat /shgfdjdgfjsdfgjhdfs >stderr_cat.txt 2>&1

Pipe in commandline

find scripts -name "program*[1-9].sh" | zip -@ programs2.zip
ls -la | less
dnf search msql | less
cat /etc/passwd | wc
cat /etc/passwd | cut -c 1-5

cut - remove sections from each line of files

#cut character n
cut -c 10 /etc/passwd

# cut characters k-l
cut -c 1-5 /etc/passwd

#cut characters k-l plus single characters m and n
cut -c 1-5,10,15 /etc/passwd

#cut field (-f) n with delimiter (-d) x
cut -f 1 -d:  /etc/passwd
cut -f 1,7 -d:  /etc/passwd

#output delimiter
cut -c 1-5,6-12 --output-delimiter=' - ' /etc/passwd
cut -f 1,6 -d: --output-delimiter=";" /etc/passwd
cut -f 1,5 -d: --output-delimiter="|" /etc/passwd

paste - merge lines of files

#generate line 1
cut -f 1 -d: /etc/passwd >passwd.users
#generate line 2
cut -f 6 -d:  /etc/passwd >passwd.home
#merge lines
paste passwd.users passwd.home > passwd_fmt.txt

#use delimiter
paste -d: passwd.users passwd.home
paste -d\;   passwd.users passwd.home

#serial (mostly used for export to Excel, etc.)
paste -s passwd.users passwd.home
paste -s -d\; passwd.users passwd.home

sort - sort lines of text files

#environment variables that affect sort order
LC_ALL
LC_COLLATE
LANG

#simple sort
sort passwd.users

#sort by number/value
cut -f 2,3 -d: --output-delimiter=: nfe.txt | sort -k 2 -t: -n
cut -f 2,3 -d: --output-delimiter=: nfe.txt | sort -k 2 -t: -n -r

#ignore duplicate lines
cut -f 2,3 -d: --output-delimiter=: nfe.txt | sort -k 2 -t: -n -u

#output
cut -f 2,3 -d: --output-delimiter=: nfe.txt | sort -k 2 -t: -n -u -o nfe_formatted.txt

grep, egrep, fgrep - print lines matching a pattern

#simple find
grep Xbox post-ign.txt

#ignore case
grep -i No post-ign.txt

#show line numbers
grep -n Xbox post-ign.txt
grep -n -i Xbox post-ign.txt

#count
grep -c Xbox post-ign.txt

#regular expression
grep 'erro.' protheus.log
grep "2021-0[56]" protheus.log
grep "2021-06-11T[0-9]" protheus.log
grep "[[:digit:]]" protheus.log
grep "2021-06-1[[:digit:]]" protheus.log
grep "err[[:alpha:]]" protheus.log
grep "[[:digit:]]\+,[[:digit:]]*" protheus.log
grep "[[:digit:]]\+:[[:digit:]]*" protheus.log
grep "[[:digit:]]\+:\?[[:digit:]]\+" protheus.log
grep "[[:digit:]]\+/[[:digit:]]\+/[[:digit:]]\+" protheus.log
grep "[[:digit:]]\+[:,\]\?[[:digit:]]\+" protheus.log
grep "[[:digit:]]\+[:,\]\?[[:digit:]]\+" protheus.log nfe.txt

#list only the names of matching files
grep -l "[[:digit:]]\+[:,\]\?[[:digit:]]\+" protheus.log nfe.txt

#invert the match
grep -v "[[:digit:]]\+[:,\]\?[[:digit:]]\+" protheus.log nfe.txt

#recursive
grep -r  "[[:digit:]]\+[:,\]\?[[:digit:]]\+"

#pipe
grep erro protheus.log | grep "[[:digit:]]"
ls | grep "[[:digit:]]"
ls | grep "[[:punct:]]"

3.3 Turning Commands into a Script

Running scripts

./foo.sh
/home/vagrant/foo.sh

# current shell environment
source ./foo.sh
. foo.sh

Arguments Variables

$0 = scriptpath
$N, N>0= some argument. Example: example-zip.sh arg1 arg2 argN
$#= number of arguments
$*= print value all arguments

Example 1 - Zip files

#!/bin/bash

# ---------------------------------
#
# Script Zip Files
#
# Purpose: Zip files in folder
#
# Author: Marcos Silvestrini
#
# Version: 1.0.0
# -------------------------------
clear
# clear zip files (-f: no error if the file does not exist yet)
rm -f /tmp/scripts.zip

# create files
mkdir scripts 2>/dev/null
cd scripts
touch program{1..20}.sh

# zip files
cd -
find scripts -name "*program*" \
| zip -@ /tmp/scripts.zip \
| wc -l

unzip -l /tmp/scripts.zip

# remove files
rm -r scripts

Example 2 - Quoting

#!/bin/bash

# ---------------------------------
#
# Script Zip Files
#
# Purpose: Zip files in folder
#
# Author: Marcos Silvestrini
#
# Version: 2.0.0
# --------------------------------
clear

# clear zip files (-f: no error if the file does not exist yet)
rm -f /tmp/scripts.zip

# create files
mkdir scripts 2>/dev/null
cd scripts
touch program{1..20}.sh

# zip files
cd -
echo "Zip files in directory `pwd`/scripts"
find scripts -name "*program*" \
| zip -@ /tmp/scripts.zip \
| echo "Number of files: $(wc -l)"

#list zip files
unzip -l /tmp/scripts.zip

# remove files
rm -r scripts

Example 3 - Variables

#!/bin/bash

# ---------------------------------
#
# Script Zip Files
#
# Purpose: Zip files in folder with file names like NAME
#
# Example: example-zip5.sh NAME
#
# Author: Marcos Silvestrini
#
# Version: 3.0.0
# --------------------------------

# Clear Screen
clear

# clear zip files (-f: no error if the file does not exist yet)
rm -f /tmp/scripts.zip

# create files
mkdir scripts 2>/dev/null
cd scripts
touch program{1..20}.sh

# zip files
cd -

#Variables
NAME="program"

# Print message
echo "Zip files in directory `pwd`/scripts"

# Find and Zip Files
find scripts -name "*$NAME*" \
| zip -@ /tmp/scripts.zip \
| echo "Number of files: $(wc -l)"

#list zip files
unzip -l /tmp/scripts.zip

# remove files
rm -r scripts

Example 4 - Arguments

#!/bin/bash

# ---------------------------------
#
# Script Zip Files
#
# Purpose: Zip files in folder with file names like NAME
#
# Example: example-zip4.sh NAME [NAME...]
#
# Author: Marcos Silvestrini
#
# Version: 4.0.0
# --------------------------------

# Clear Screen
clear

# clear zip files (-f: no error if the file does not exist yet)
rm -f /tmp/scripts.zip

# create files
mkdir scripts 2>/dev/null
cd scripts
touch program{1..20}.sh

# zip files
cd -

# ScriptPath
echo "Script in exec is: ${0}"

# Print message
echo "Zip files in directory `pwd`/scripts"

#Variables
NAME=${1}

# Find and Zip Files
find scripts -name "*${NAME}*" \
| zip -@ /tmp/scripts.zip \
| echo "Number of files: $(wc -l)"

#list zip files
unzip -l /tmp/scripts.zip

# remove files
rm -r scripts

#execute script with arg (run from the shell, not part of the script)
./example-zip4.sh program

Example 5 - Loop for

#!/bin/bash

# ---------------------------------
#
# Script Zip Files
#
# Purpose: Zip files in folder with file names like NAME
#
# Example: example-zip5.sh app bd
#
# Author: Marcos Silvestrini
#
# Version: 5.0.0
# --------------------------------

# Clear Screen
clear

# clear zip files
rm /tmp/logs.zip 2> /dev/null

# create files
mkdir logs 2>/dev/null
cd logs
touch app-log{1..20}.log
touch bd-log{1..20}.log
touch api-log{1..20}.log


# zip files
cd - >/dev/null

# ScriptPath
echo "Script in exec is: ${0}"

# Print message
echo "Zip log files in directory `pwd`/logs"

# Variables
SOURCE=logs

if [ -z "${1}" ]
then
    echo "Print value for NAME"
    exit 1
fi

# "$@" keeps each argument as one word, even if it contains spaces
for NAME in "$@"
do
    echo "Arg : ${NAME}"
    find "${SOURCE}" -name "*${NAME}*" \
    | zip -@ /tmp/logs.zip \
    | echo "Number of files: $(wc -l)"
done

#list zip files
unzip -l /tmp/logs.zip

# remove files
rm -r logs

Example 6 - Loop for

#!/bin/bash

# ---------------------------------
#
# Script print fruits
#
# Purpose: Script for print some type of fruits
#
# Example: print-fruits.sh
#
# Author: Marcos Silvestrini
#
# Version: 1.0.0
# --------------------------------

# Clear Screen
clear

# Navigate to home
cd

# ScriptPath
echo "Script in exec is: ${0}"

# Print message
echo "Print name of fruits"

# Variables
FRUITS="apple orange lemon banana avocado"

for i in $FRUITS
do
    echo "Fruit : ${i}"
done

Example 7 - Loop for

#!/bin/bash

# ---------------------------------
#
# Script find files
#
# Purpose: Script to find files in MYPATH by NAME and append each file's name to that file
#
# Example: print-files.sh scripts app
#
# Author: Marcos Silvestrini
#
# Version: 1.0.0
# --------------------------------

# Clear Screen
clear

# create files
mkdir scripts 2>/dev/null
cd scripts
touch program{1..20}.sh
touch api{1..20}.sh
touch app{1..20}.sh
cd -

# ScriptPath
echo "Script in exec is: ${0}"

#check variables
if [ -z "${1}" ]
then
    echo "Please enter value for MYPATH"
    exit 1
fi

if [ -z "${2}" ]
then
    echo "Please enter value for NAME"
    exit 1
fi

# Variables
MYPATH=${1}
NAME=${2}

# Print message
echo "Find files in: ${MYPATH}"
echo "Name: ${NAME}"

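# NOTE: the shell splits the output of find on whitespace, so this loop
# only works for file names without spaces
for i in `find "${MYPATH}" -type f -name "*${NAME}*"`
do
    echo "${i}"
    # add text in file
    echo "${i}" >> "${i}"
done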

# remove files
rm -r scripts
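
Example 7 loops over the output of find, which the shell splits on whitespace before the loop body ever sees a file name. The following added example (not from the original repository; function names and sample files are constructed) counts the words such a loop receives, then performs the same append through find -exec, which hands each file name to the inner shell intact.

```sh
#!/bin/sh
# Added example: word splitting in "for i in $(find ...)" versus find -exec.

# make_files DIR: create constructed sample files, one with spaces in its name.
make_files() {
    mkdir -p "$1"
    : > "$1/app1.sh"
    : > "$1/app report 1.sh"
    : > "$1/api1.sh"
}

# count_words_unsafe DIR NAME: the loop style of Example 7. Prints how many
# words the for-loop iterates over; a name with spaces counts several times.
count_words_unsafe() {
    n=0
    for i in $(find "$1" -type f -name "*$2*"); do
        n=$((n + 1))
    done
    echo "$n"
}

# append_name_safe DIR NAME: append each matching file's path to that file.
# find passes the names as separate arguments, so spaces are preserved.
append_name_safe() {
    find "$1" -type f -name "*$2*" -exec sh -c '
        for f do
            printf "%s\n" "$f" >> "$f"
        done' sh {} +
}

# run_demo: two files match "app", but the unsafe loop sees four words.
run_demo() {
    demo_dir=$(mktemp -d)
    make_files "$demo_dir"
    echo "matching files: 2"
    echo "words seen by the for-loop: $(count_words_unsafe "$demo_dir" app)"
    append_name_safe "$demo_dir" app
    echo "content written by the safe variant:"
    cat "$demo_dir/app report 1.sh"
    rm -rf "$demo_dir"
}

run_demo
```

With the unsafe loop, the redirection in Example 7 would write to files named after the fragments (for instance `report` and `1.sh` in the current directory) instead of the intended file.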

Example 8 - Loop for

#!/bin/bash

# ---------------------------------
#
# Script list files
#
# Purpose: Script for list files in MYPATH with extension MYEXTENSION
#
# Example: list-files.sh MYPATH MYEXTENSION
#
# Author: Marcos Silvestrini
#
# Version: 1.0.0
# --------------------------------

# Clear Screen
clear

# Navigate to home
cd

# ScriptPath
echo "Script in exec is: ${0}"

# Variables
MYPATH=$1
MYEXTENSION=${2}

# Print message
echo "List files in ${MYPATH} with extension: ${MYEXTENSION}"

# stop if the directory cannot be entered, instead of listing the wrong one
cd "$MYPATH" || exit 1

for i in *"$MYEXTENSION"
do
    echo "${i}"
done

Example 9 - If Else

#!/bin/bash

# ---------------------------------
#
# Script Example if
#
# Purpose: Script to print a list of usernames
#
# Example: friendly2.sh USER1 USER2 USERN
#
# Author: https://learning.lpi.org/pt/learning-materials/010-160/3/3.3/3.3_02/
#
# Version: 1.0.0
# --------------------------------

# Clear Screen
clear

#a simple script to greet users
if [ $# -eq 0 ]
then
    echo "Please enter at least one user to greet."
    exit 1
else
    # $@ is the special variable holding the list of arguments, separated by blank spaces
    echo "Hello $@!"
    exit 0
fi

Text editors

vim - Vi IMproved, a programmer's text editor
#open file
vi foo.txt

#enter edit mode
i

#exit edit mode
esc

# add char
a - insert text after the cursor position
I - insert text at the beginning of the line
A - insert text at the end of the line

#delete char
x - delete the character under the cursor
X - delete the character before the cursor
dd - delete the line under the cursor

#find
/
#Example: /foo
#[n: next match], [N: previous match], [?: search backward]

#save
:w

#exit
:q

#save and quit
:wq
ZZ

#not save and quit
:q!

nano - Nano's ANOther editor, an enhanced free Pico clone

#open file
nano foo.sh

#exit
Ctrl+X

#save
Ctrl+O

#find
Ctrl+W

#cut
Ctrl+K

#paste
Ctrl+U

#open another file
Ctrl+R

4 The Linux Operating System

4.1 Choosing an Operating System

4.2 Understanding Computer Hardware

MOTHERBOARDS - main printed circuit board (PCB)
CPU - Central Processing Unit
BIOS - Basic Input/Output System
UEFI - Unified Extensible Firmware Interface
RAM - Random-Access Memory
HD - Hard Disk
PSU - Power Supply Unit
PERIPHERALS - Mouse, Keyboard, Printers, Mic, etc.

Storage Management

lsblk - list block devices

lsblk

fdisk - manipulate disk partition table

sudo fdisk /dev/sdb
# Options to create a new primary partition number 1: n, p, 1
# save the new partition table: w

mkfs - build a Linux filesystem

# default filesystem ext2
sudo mkfs /dev/sdb1

# filesystem ext4
sudo mkfs -t ext4 /dev/sdb1

mount - mount a filesystem

sudo mkdir /mnt/secondary
sudo mount /dev/sdb1 /mnt/secondary
lsblk

umount - unmount file systems

sudo umount /mnt/secondary

du - Estimate file space usage

du /home/vagrant
du -s ~/
du -sh ~/

df - Report file system disk space usage

df /

#human values
df -h /

4.3 Where Data is Stored

FHS - Filesystem Hierarchy Standard

the root directory

/

binary directories
/bin
# Essential command binaries

/sbin
# Essential system binaries

/lib
# Essential shared libraries and kernel modules

/opt
# Add-on application software packages

configuration directories
/boot
# Static files of the boot loader

/etc (Environment Tables and Controls)
# Host-specific system configuration

data directories
/home
#  User home directories (optional)

/root
# Home directory for the root user(optional)

/srv
# Data for services provided by this system

/media
# Mount point for removable media

/mnt
# Mount point for mounting a filesystem temporarily

/tmp
# Temporary files

in memory directories
/dev
# Device files

/proc
# Kernel and process information virtual filesystem

/sys
# Kernel and system information virtual filesystem

Unix System Resources - The second major section of the filesystem
/usr
# Unix System Resources

/usr/bin
# Most user commands

/usr/include
# Directory for standard include files

/usr/lib
# Libraries for programming and packages

/usr/local
# Local hierarchy

/usr/share
# Architecture-independent data

/usr/src
# Source code (optional)

Variable data
/run
/var/run
# Data relevant to running processes

/var
/var/log
/var/log/messages
# Log files and directories

/var/cache
# Application cache data

/var/spool
# Application spool data

/var/lib
# Variable state information

Some important FHS files

/etc/fstab : Static information about filesystems (optional)
/etc/hosts : Static information about host names (optional)
/etc/passwd : The password file (optional)
/etc/shadow : Encrypted passwords
/etc/init.d : Programs executed at boot

/proc/cpuinfo : Details of CPU host
/proc/devices : Details of devices host
/proc/loadavg : CPU usage details
/proc/meminfo : Memory usage details
/proc/version : Version information for GNU/Linux

/var/log : Log files

Some Important commands

# Tell how long the system has been running
uptime

# Display amount of free and used memory in the system
free
free -h

# Print or control the kernel ring buffer
dmesg | less

# Display Linux processes
top


# Report a snapshot of the current processes.
ps
ps -e
ps -ef
ps -ef | grep vim
ps -f 5634
ps -l

# kill - terminate a process (kill takes a PID; pkill matches by process name)
pkill vim
kill 1298

# force (SIGKILL)
pkill -9 vim

#stop and restore program
kill -STOP 11163
kill -CONT 11163

Some shortcuts

suspend program: Ctrl+Z
go back to the program: fg

4.4 Your Computer on the Network

IP Classes

| CLASS | ADDRESS RANGE | Supports |
|---|---|---|
| Class A | 1.0.0.1 to 126.255.255.254 | Supports 16 million hosts on each of 127 networks. |
| Class B | 128.1.0.1 to 191.255.255.254 | Supports 65,000 hosts on each of 16,000 networks. |
| Class C | 192.0.1.1 to 223.255.254.254 | Supports 254 hosts on each of 2 million networks. |
| Class D | 224.0.0.0 to 239.255.255.255 | Reserved for multicast groups. |
| Class E | 240.0.0.0 to 254.255.255.254 | Reserved for future use, or research and development purposes. |

Private Address Ranges

The Internet Assigned Numbers Authority (IANA) has assigned several address ranges to be used by private networks.
The address ranges to be used by private networks are:

| CLASS | IP RANGE |
|---|---|
| Class A | 10.0.0.0 to 10.255.255.255 |
| Class B | 172.16.0.0 to 172.31.255.255 |
| Class C | 192.168.0.0 to 192.168.255.255 |

IP conversions

| Bit Position | 7 | 6 | 5 | 4 | 3 | 2 | 1 | 0 |
|---|---|---|---|---|---|---|---|---|
| Binary | 1 | 1 | 1 | 1 | 1 | 1 | 1 | 1 |
| Decimal | 128 | 64 | 32 | 16 | 8 | 4 | 2 | 1 |

Convert 172.24.24.36 to binary:
172: 128+32+8+4 = 10101100
24:  16+8       = 00011000
24:  16+8       = 00011000
36:  32+4       = 00100100

Result:
10101100.00011000.00011000.00100100

Netmask Conversions

Bitmask (Bits) Decimal Hexadecimal Binary
/0 0.0.0.0 0x00000000 00000000
/1 128.0.0.0 0x80000000 10000000
/2 192.0.0.0 0xc0000000 11000000
/3 224.0.0.0 0xe0000000 11100000
/4 240.0.0.0 0xf0000000 11110000
/5 248.0.0.0 0xf8000000 11111000
/6 252.0.0.0 0xfc000000 11111100
/7 254.0.0.0 0xfe000000 11111110
/8 255.0.0.0 0xff000000 11111111
/9 255.128.0.0 0xff800000 11111111
/10 255.192.0.0 0xffc00000 11111111
/11 255.224.0.0 0xffe00000 11111111
/12 255.240.0.0 0xfff00000 11111111
/13 255.248.0.0 0xfff80000 11111111
/14 255.252.0.0 0xfffc0000 11111111
/15 255.254.0.0 0xfffe0000 11111111
/16 255.255.0.0 0xffff0000 11111111
/17 255.255.128.0 0xffff8000 11111111
/18 255.255.192.0 0xffffc000 11111111
/19 255.255.224.0 0xffffe000 11111111
/20 255.255.240.0 0xfffff000 11111111
/21 255.255.248.0 0xfffff800 11111111
/22 255.255.252.0 0xfffffc00 11111111
/23 255.255.254.0 0xfffffe00 11111111
/24 255.255.255.0 0xffffff00 11111111
/25 255.255.255.128 0xffffff80 11111111
/26 255.255.255.192 0xffffffc0 11111111
/27 255.255.255.224 0xffffffe0 11111111
/28 255.255.255.240 0xfffffff0 11111111
/29 255.255.255.248 0xfffffff8 11111111
/30 255.255.255.252 0xfffffffc 11111111
/31 255.255.255.254 0xfffffffe 11111111
/32 255.255.255.255 0xffffffff 11111111
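
The two conversions above (address to binary, prefix length to netmask) written as POSIX shell functions. This is an added example, not part of the original repository; the function names are chosen here for illustration, and octets with leading zeros are rejected because some parsers read them as octal.

```shell
#!/bin/sh
# Added example (not from the original page): IPv4 and netmask conversions.

# Convert one octet (0-255) to 8 binary digits by subtracting the bit
# weights 128, 64, ... 1, the same method as the worked example above.
octet_to_binary() (
    octet=$1
    bits=""
    for weight in 128 64 32 16 8 4 2 1; do
        if [ "$octet" -ge "$weight" ]; then
            bits="${bits}1"
            octet=$((octet - weight))
        else
            bits="${bits}0"
        fi
    done
    printf '%s' "$bits"
)

# Convert a dotted-decimal IPv4 address to dotted binary.
# Returns non-zero on malformed input, including leading-zero octets.
ip_to_binary() (
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;;
    esac
    IFS=.
    set -- $1                      # split on dots (input is digits and dots only)
    [ "$#" -eq 4 ] || exit 1
    out=""
    for octet in "$@"; do
        case $octet in 0?*|????*) exit 1 ;; esac
        [ "$octet" -le 255 ] || exit 1
        out="${out}${out:+.}$(octet_to_binary "$octet")"
    done
    printf '%s\n' "$out"
)

# Convert a CIDR prefix length (0-32) to a dotted-decimal netmask.
prefix_to_netmask() (
    case $1 in ''|*[!0-9]*|0?*|???*) exit 1 ;; esac
    [ "$1" -le 32 ] || exit 1
    remaining=$1
    mask=""
    for i in 1 2 3 4; do
        if [ "$remaining" -ge 8 ]; then
            octet=255
            remaining=$((remaining - 8))
        else
            # Top $remaining bits set: 256 - 2^(8 - remaining)
            octet=$((256 - (1 << (8 - remaining))))
            remaining=0
        fi
        mask="${mask}${mask:+.}${octet}"
    done
    printf '%s\n' "$mask"
)

# Render a netmask produced by prefix_to_netmask in hexadecimal.
netmask_to_hex() (
    IFS=.
    set -- $1
    printf '0x%02x%02x%02x%02x\n' "$1" "$2" "$3" "$4"
)

ip_to_binary 172.24.24.36
netmask_to_hex "$(prefix_to_netmask 20)"
```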

Some important files

# Static information about host names (optional)
/etc/hosts

# Resolver configuration file (optional)
/etc/resolv.conf

# Resolver configuration file (optional)
/etc/host.conf

dig - DNS lookup utility

# install in centos 7/8
sudo yum install bind-utils

# Examples
dig www.google.com

host - DNS lookup utility

# install
sudo yum install bind-utils

host www.google.com

ping/ping6 - send ICMP ECHO_REQUEST to network hosts

ping www.google.com
ping6 www.google.com

ifconfig - configure a network interface

# install
sudo dnf install net-tools.x86_64

ifconfig

route - show / manipulate the IP routing table

route

ip - show / manipulate routing, network devices, interfaces and tunnels

# list links
ip link show

# list routes
ip route show

# list ips
ip addr show

netstat - Print network connections, routing tables, interface statistics, masquerade connections, and multicast memberships

# list all connections
netstat

# listening sockets
netstat -l

# tcp connections
netstat -t

# tcp listening sockets
netstat -tl

# print ports in connections tcp
netstat -tln

# print process id (PID) in connections tcp
netstat -tlnp
netstat -tlnp | grep 80
#all
sudo netstat -tlnp

# udp connections
netstat -u
# all
sudo netstat -u

# print network statistics
netstat -s

List Network Adapters

nmcli d

Configure Network

nmtui

Restart Network

sudo systemctl restart network

5 Security and File Permissions

whoami - print effective userid

#view current user
whoami

id - print real and effective user and group IDs

id

# view user ID (UID)
id -u
id -u foo

# view primary group ID (GID)
id -g
id -g foo
groups

# all group IDs
id -G
id -G foo

# groups by name
id -ng
id -ng foo
id -nG

groups - print the groups a user is in

groups

who - show who is logged on

#latest boot
who -b

#list users
who
who -H

w - Show who is logged on and what they are doing

w

Understanding file format /etc/passwd

1                  2   3    4          5                     6                 7
marcos.silvestrini:x:1000:1000:marcos.silvestrini:/home/marcos.silvestrini:/bin/bash

1 - Username: It is used when the user logs in. It should be between 1 and 32 characters in length.
2 - Password: An x character indicates that the encrypted password is stored in the /etc/shadow file.
Please note that you need to use the passwd command to compute the hash of a password typed at the CLI
or to store/update the hash of the password in the /etc/shadow file.
3 - User ID (UID): Each user must be assigned a user ID (UID). UID 0 (zero) is reserved for root and
UIDs 1-99 are reserved for other predefined accounts. UIDs 100-999 are further reserved by the system
for administrative and system accounts/groups.
4 - Group ID (GID): The primary group ID (stored in the /etc/group file).
5 - User ID Info (GECOS): The comment field. It allows you to add extra information about the user, such
as the user's full name, phone number, etc. This field is used by the finger command.
6 - Home directory: The absolute path to the directory the user will be in when they log in. If this
directory does not exist, then the user's directory becomes /
7 - Command/shell: The absolute path of a command or shell (/bin/bash). Typically, this is a shell.
Please note that it does not have to be a shell. For example, a sysadmin can use the nologin shell, which
acts as a replacement shell for the user accounts. If the shell is set to /sbin/nologin and the user
tries to log in to the Linux system directly, the /sbin/nologin shell closes the connection.

Understanding File /etc/group

The group membership in Linux is controlled through the /etc/group file. This is a simple text file that
contains a list of groups and the members belonging to each group. Just like the /etc/passwd file,
the /etc/group file consists of a series of colon-delimited lines, each of which defines a single group.
The file is readable by all users.

Here is what an entry in the /etc/group file looks like:
group name:password:GID:list of users

Understanding File /etc/shadow

Here is what an entry in the /etc/shadow file looks like:
username:encrypted password:last password change:minimum:maximum:warning:disabled:disabled date

Here is a brief description of each field:

username: the name of the user.

encrypted password: the password in encrypted form.

last password change: the date of the last password change. This date is stored as the number of
days since January 1, 1970.

minimum: the number of days before a password change is allowed. The value of 0 means the password
can be changed any time.

maximum: the number of days before the password must be changed. The value 99999 means the user’s
password never expires.

warning: the number of days before a password is going to expire during which the user will be
warned.

disabled: the number of days after a password has expired until the user account is disabled. No
entry in this field means that the account is disabled immediately after the password expires.

disabled date: the number of days since January 1, 1970 that the account has been disabled. No entry
in this field means the account is not disabled.
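
A small audit that reads the /etc/passwd and /etc/shadow fields described above and flags entries worth reviewing. This is an added example, not part of the original repository; the function names and the sample entries are constructed for illustration, and the 1-999 system UID range follows the description of field 3 above.

```shell
#!/bin/sh
# Added example (not from the original page). All sample data is constructed.

sample_passwd() {
cat <<'EOF'
root:x:0:0:root:/root:/bin/bash
daemon:x:2:2:daemon:/sbin:/sbin/nologin
marcos.silvestrini:x:1000:1000:marcos.silvestrini:/home/marcos.silvestrini:/bin/bash
backup:x:0:34:backup operator:/var/backups:/bin/sh
guest::1002:1002:Guest:/home/guest:/bin/bash
svc-web:x:48:48:web service:/var/www:/bin/bash
EOF
}

sample_shadow() {
cat <<'EOF'
root:$6$CONSTRUCTED$placeholderhash:19000:0:99999:7:::
daemon:*:19000:0:99999:7:::
jon:$6$CONSTRUCTED$placeholderhash:19000:0:90:7:::
jerry:!$6$CONSTRUCTED$placeholderhash:19000:0:90:7:::
EOF
}

# Read passwd-format lines on stdin and report:
#   UID0                  a second account with UID 0 (full root privileges)
#   EMPTY_PASSWORD_FIELD  field 2 is empty instead of "x"
#   SYSTEM_LOGIN_SHELL    a system UID (1-999) with an interactive shell
audit_passwd() {
    awk -F: '
        NF != 7                 { print "MALFORMED " $1; next }
        $3 == 0 && $1 != "root" { print "UID0 " $1 }
        $2 == ""                { print "EMPTY_PASSWORD_FIELD " $1 }
        $3 > 0 && $3 < 1000 && $7 !~ /(nologin|false)$/ {
            print "SYSTEM_LOGIN_SHELL " $1
        }
    '
}

# Read shadow-format lines on stdin and report accounts that can log in
# with a password that never expires (maximum empty or 99999) or with
# no password at all. Entries starting with ! or * are locked and skipped.
audit_shadow() {
    awk -F: '
        $2 ~ /^[!*]/            { next }
        $2 == ""                { print "NO_PASSWORD " $1; next }
        $5 == "" || $5 >= 99999 { print "NEVER_EXPIRES " $1 }
    '
}

sample_passwd | audit_passwd
sample_shadow | audit_shadow
```

On a real system the same functions can be fed with `audit_passwd < /etc/passwd` and `sudo cat /etc/shadow | audit_shadow`.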

Understanding File /etc/gshadow

Here is what an entry in the /etc/gshadow file looks like:
group name:encrypted password:group administrator:group members

Here is a brief description of each field:

Group Name: This is the name of the group. When you create a new user without defining a group name, the
system automatically assigns a group with the same name as the user name.

Encrypted Password Of Group: The encrypted password for the group. If set, non-members of the group can
join the group by typing the password for that group using the newgrp command. If the value of this
field is ! then no user is allowed to access the group using the newgrp command. A value of !! is
treated the same as a value of !. However, it also indicates that a password has never been set before.
If the value is null, only group members can log into the group.

Group Administrator: The administrators of the group, listed here separated by commas. They can add or
remove group members using the gpasswd command.

Group Members: The regular (non-administrative) members of the group, listed here separated by commas.

Understanding File /etc/skel

The /etc/skel/ directory is for "skeleton" user files, which are used to populate a home directory when
a user is first created.

# Default files
.bash_logout
.bash_profile
.bashrc

groupadd - create a new group

sudo groupadd admins

groupdel - delete group

sudo groupdel admins

groupmod - modify a group definition on the system

sudo groupmod -n infraestructure infra

newgrp - log in to a new group

newgrp group

useradd - create a new user or update default new user information

sudo useradd jon

# personalize useradd defaults
sudo vi  /etc/default/useradd

# create home dir
sudo useradd -m jon

#personalize skel(home files)
sudo mkdir /my-skel
sudo  cp -r /etc/skel /my-skel
sudo touch /my-skel/skel/my-personal-file.txt
sudo useradd -m -k /my-skel/skel/ jon
sudo ls -la /home/jon

chfn - change real user name and information(gecos)

# fullname
sudo chfn -f "New full name here" jon

chsh - change login shell

sudo chsh -s /bin/bash jon

chage - change user password expiry information

#view expiry date
sudo chage -l jon

#set the maximum password age to 90 days
sudo chage -M 90 jerry

userdel - delete a user account and related files

sudo userdel jon

# remove home dir
sudo userdel -r jon

usermod - modify a user account

# add jon to group 1003 (-a appends, keeping existing supplementary groups)
sudo usermod -a -G 1003 jon

passwd - update user's authentication tokens

sudo passwd jon
#block account
sudo passwd -l jon
#unblock account
sudo passwd -u jon

gpasswd - administer /etc/group and /etc/gshadow

gpasswd group: create password for group
gpasswd -r group: delete password for group
gpasswd -a user group:  associate user to group
gpasswd -d user group: delete user of group
gpasswd -A user group: set user for admin of group

su - run a command with substitute user and group ID

su foo

# Start the shell as a login shell with an environment similar to a real login
su - jon

sudo, sudoedit - execute a command as another user

sudo yum install java

# open root terminal
sudo -i

last, lastb - show a listing of last logged in users

last
last vagrant

lastlog - reports the most recent login of all users or of a given user

lastlog
lastlog -u vagrant
lastlog -t 2

vipw, vigr - edit the password, group, shadow-password or shadow-group file

# Edit /etc/passwd
sudo vipw

# Edit /etc/shadow
sudo vipw -s

Understanding file permissions

The file type is one of the following characters:
-  regular file
b  block special file
c  character special file
C  high performance ("contiguous data") file
d  directory
D  door (Solaris 2.5 and up)
l  symbolic link
M  off-line ("migrated") file (Cray DMF)
n  network special file (HP-UX)
p  FIFO (named pipe)
P  port (Solaris 10 and up)
s  socket
?  some other file type
# Example
1  2   3    4  5  6   7   8     9
- rw- r-- r--. 1 foo foo  0 Jun 25 19:37 my-personal-file.txt

1: d=directory, -= file, l= link , b=block , c=char ,p=fifo channel, s=socket.
2: permissions of the file owner
3: permissions of the owning group
4: permissions of other users
5: number of hard links to the file
6: owner
7: group
8: size
9: creation date

# Symbolic Method
u: user
g: group
o: others
a: all

r: read
w: write
x: execute
t: Sticky Bit
s: setuid,setgid

+: allow permission
-: deny permission

# Numeric Method
0: (000) - There is no permission (---).
1: (001) - It has only the execute permission (--x).
2: (010) - It has only the write permission (-w-).
3: (011) - It has both write and execute permissions (-wx).
4: (100) - It has only read permission (r--).
5: (101) - Assigned only read and execute permissions (r-x).
6: (110) - Only the read and write permissions have been assigned (rw-).
7: (111) - All permissions. (rwx)

1: - Sticky bit (t)
2: - Set GID(s)
4: - Set UID(s)

Examples with files:

600:    -rw-------
654:    -rw-r-xr--
744:    -rwxr--r--
1755:   drwxr-xr-t
2755:   drwxr-sr-x
4745:   -rwsr--r-x

chmod - change file mode bits

# change mode read for others users
chmod o+r bar.txt
chmod o-r bar.txt

# change mode write for others users
chmod o+w bar.txt
chmod o-w bar.txt

# change mode execute for others users
chmod o+x bar.txt
chmod o-x bar.txt

# change mode execute for user
chmod u+x bar.txt
chmod u-x bar.txt

# change mode read,write for group
chmod g+rw bar.txt
chmod g-rw bar.txt

# change mode read,write for user,group and others
chmod ugo+rw bar.txt
chmod a+rw bar.txt
chmod ugo-rw bar.txt
chmod a-rw bar.txt

#recursive
chmod -R o+rw terraform

# wildcards (shell globbing)
chmod o+x *
chmod o+x foo/*

# reference
chmod --reference=foo.txt bar.txt

# others examples
chmod o=r foo.txt
chmod u=rw,g=r,o=w foo.txt

# numeric method
chmod 644 bar.txt
chmod 777 bar.txt
chmod 744 bar.txt

chown - change file owner and group

# file
sudo chown mark /home/mark/foo.txt

# folder
sudo chown -R mark /home/mark/foo

# alter group
sudo chown :bar foo.txt
sudo chown mark:bar foo.txt

chgrp - change group ownership

chgrp users documentos.tar.gz

Special File Permissions (setuid, setgid and Sticky Bit)

Three special types of permissions are available for executable files and public directories. When these
permissions are set, any user who runs that executable file assumes the user ID of the owner (or group)
of the executable file.

You must be extremely careful when you set special permissions, because special permissions constitute a
security risk. For example, a user can gain superuser privileges by executing a program that sets the
user ID (UID) to root. Also, all users can set special permissions for files they own, which constitutes
another security concern.

setuid Permission
When set-user identification (setuid) permission is set on an executable file, a process that runs this
file is granted access based on the owner of the file (usually root), rather than the user who is
running the executable file. This special permission allows a user to access files and directories that
are normally only available to the owner. For example, the setuid permission on the passwd command makes
it possible for a user to change passwords, assuming the permissions of the root ID:

-r-sr-sr-x   3 root     sys       104580 Sep 16 12:02 /usr/bin/passwd

This special permission presents a security risk, because some determined users can find a way to
maintain the permissions that are granted to them by the setuid process even after the process has
finished executing.

Note –
The use of setuid permissions with the reserved UIDs (0–100) from a program might not set the effective
UID correctly. Use a shell script instead or avoid using the reserved UIDs with setuid permissions.

setgid Permission
The set-group identification (setgid) permission is similar to setuid, except that the process's
effective group ID (GID) is changed to the group owner of the file, and a user is granted access based
on permissions granted to that group. The /usr/bin/mail command has setgid permissions:

-r-x--s--x   1 root     mail       63628 Sep 16 12:01 /usr/bin/mail

When setgid permission is applied to a directory, files that were created in this directory belong to
the group to which the directory belongs, not the group to which the creating process belongs. Any user
who has write and execute permissions in the directory can create a file there. However, the file
belongs to the group that owns the directory, not to the user's group ownership.

You should monitor your system for any unauthorized use of the setuid and setgid permissions to gain
superuser privileges. To search for and list all of the files that use these permissions, see How to
Find Files With setuid Permissions. A suspicious listing grants group ownership of such a program to a
user rather than to root or bin.
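
One way to do the monitoring described above: list every regular file with the setuid or setgid bit and compare the result with a reviewed baseline. This is an added example, not part of the original repository; the function names and the allowlist file (one absolute path per line) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the original page).

# List regular files under directory $1 that carry the setuid (4000) or
# setgid (2000) bit. -xdev keeps the search on one filesystem, and
# -type f leaves out setgid directories, which are a normal way to
# share group ownership. Unreadable subdirectories are skipped quietly.
find_special_perms() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) -print 2>/dev/null | sort
}

# Print only the setuid/setgid files under $1 that are NOT in the
# allowlist file $2. -F: fixed strings, -x: whole-line match,
# -v: invert. grep exits 1 when nothing is left, which is the good
# case here, so that status is not treated as an error.
unexpected_special_perms() {
    find_special_perms "$1" | grep -Fxv -f "$2" || true
}

# Typical use: record a baseline once, review it, then diff later runs.
#   find_special_perms / > /root/special-perms.allow   # hypothetical path
#   unexpected_special_perms / /root/special-perms.allow
find_special_perms "${1:-/usr/bin}"
```

Any path printed by `unexpected_special_perms` appeared or gained a special bit since the baseline was recorded and should be checked against the package that owns it.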

Sticky Bit
The sticky bit is a permission bit that protects the files within a directory. If the directory has the
sticky bit set, a file can be deleted only by the owner of the file, the owner of the directory, or by
root. This special permission prevents a user from deleting other users' files from public directories
such as /tmp:

drwxrwxrwt 7  root  sys   400 Sep  3 13:37 tmp

ln - make links between files

# hardlink
sudo ln /home/vagrant/bin/list-files.sh /usr/local/bin/list-files.sh

# symbolic link
sudo ln -s /home/vagrant/bin/list-files.sh /usr/local/bin/list-files.sh
