ACL
ACL stands for active control list. This is the part of the file that allows you to choose who specificly can assess the file not just the user or group who created it. this is incredibly useful for keeping that guy in the office out of your files.
GETFACL
the getfacl command is the command used to show you what acls are already used in the files it should look like this:
a # file: my_stuff
b #owner: jjohnson
c #group: root
d user: :rwx
e user:steve:---
f group: :r-x
g mask: :r-x
h other: :r-x
as you can see line a shows the file name line b and c show the owner and the group and the last lines show what the specified groups or users can and cannot do for instance Steve cannot do anything to this file so he can't look through my stuff.
SETFACL
now how do you add acls to a file? you use setfacl
say for instance your new intern john is looking into your important_stuff folder
what you do is use:
setfacl
with the modify option command
setfacl -m
then you add the acl
setfacl -m u:john:0
lastly you add the file name
setfacl -m u:john:0 important_stuff
hit enter and you have successfully kept intern john out of the important stuff folder.
Tuesday, June 14, 2016
Monday, May 9, 2016
lvcreate
Logical volumes:
Before we start making logical volumes we have to know what a logical volume is. A logical volume is a portion of a volume group witch is in turn an abstract representation of your physical volumes (hard drives). this allows you to treat your storage as one single volume and partition it however you see fit across hard drives.
Before we start making logical volumes we have to know what a logical volume is. A logical volume is a portion of a volume group witch is in turn an abstract representation of your physical volumes (hard drives). this allows you to treat your storage as one single volume and partition it however you see fit across hard drives.
a quick diagram of physical volumes, volume groups and logical volumes
making logical volumes is simple albeit dangerous. if you make a typo you can seriously bork the computer. first the command you want to use is lvcreate with its two most basic options -n and -L.
lvcreate -n var -L 20GiB
-n is the name option it allows you to give a name to the new partition.
-L is the size partition it allows you to choose how big the partition has to be
--you can see your logical partitions if you use the command lvdisplay--
after you have created your partition you will have to make the file system for the partition to do this you just use the command mkfs or make files system like this
mkfs <the partitions address>
--to find the partition address all you have to do is look in lvcreate it should look like any file system address--
once you have done that you have to mount it to do this you mount it like any other file system
mount <the partition's address> <directory were you want it mounted>
Monday, March 14, 2016
scheduling tasks
at
at allows you to run commands once at a different chronological location than when you type them. for instance you can run:
$ at 11:50
and it will open a terminal that will allow you to type in a command that will be executed at 11:50
crontab
crontab allows you to run a repeating command at a different time or date every time that time or date happens. to do this you have to use the command:
$ crontab -e
this allows you to edit the crontab. then you can schedule tasks by typing in the time code then the command. the time codes are formatted like this:
minute hour day week month year
so for instance Wednesday march 16th at 7:30 at night would be:
30 19 16 3 3
for any random unit of time you use a *. so for say every wednesday at 7:00 AM you would use:
0 7 * * 3
now how do you find out what cron tabs are running? all you have to do is use:
$ crontab -l
Thursday, March 10, 2016
AT
at is a great command that you can use to activate commands at another time.
to use at all you have to do is type at and the time:
$ at 15:00
this will change the dollar signs to
at>
then you can type the commands into the console
then to exit the console by hitting ctrl-D
to use at all you have to do is type at and the time:
$ at 15:00
this will change the dollar signs to
at>
then you can type the commands into the console
then to exit the console by hitting ctrl-D
Thursday, February 18, 2016
useradd/passwd/usermod
User add/passwd/usermod
This is one of the most important commands to learn
what does it do?:
it allows you to create users
so say for example you wanted to make an account for bruce wayne:
sudo useradd bruce_wayne -m
the -m here tells the computer to create a home directory if it does not exist
you can also use: -M to tell the computer not to create a home directory for the user
but that is not too secure because there is no password to do this we use passwd
sudo passwd bruce_wayne
for this demonstration we are using 'batman' as the password
what if you dont want the password to stay the same for too long? then you use -e:
-e tells the computer when this user account password will expire
this date is the amount of seconds from the epoch or 1/1/1970 this is because that was the year UNIX was officially invented.
we are going to use October 5th 2277 in UNIX that is: 9693475200
sudo useradd bruce_wayne -m -e 9693475200
Unfortunately -e presents us with a problem what do you do a user account is inaccessible for too long? You use -f. -f tells the computer how long this account's password can be expired before it deletes the account. this is presented as days before the user account will terminate itself. for this we are going to give this a week
sudo useradd bruce_wayne -m -e 9693475200 -f 7
groups:
groups are a big part of user management. so it makes sense that there are group tools inside of useradd.
first how do we designate the group a user is in? we use -g. -g sets the name or number of the group that the user will be created in.
sudo useradd bruce_wayne -m -e 9693475200 -f 7 -g 'justice league'
if you want the user to be part of more groups you use -G. -G sets the names of the other groups this user is a part of.
sudo useradd bruce_wayne -m -e 9693475200 -f 7 -g 'justice league' -G 'detective comics'
you can even have it create a group with the same name as the user with -n
sudo useradd bruce_wayne -m -e 9693475200 -f 7 -g 'justice league' -G 'detective comics' -n
these are some other useful options:
---------------------------------------------------------------------------------------------------------------------------------
-b this tells the computer what the base directory will be or in plainer English what directory you start in on this account.
-c allows you to connect any text string as a description for the user
-h help tells the computer to display the help message and exit
-l this tells the computer to not have the user added to the last login file.
-r this is used to flag the account as a user account
-s tells the computer a login shell that the account will use
-u allows you to choose the user id for the account
-------------------------------------------------------------------------------------------------------------------------------------
User mod:
so after you make your account how are you going to edit the user? Well you use Usermod!
here are some options on usermod
-a, allows you to add the user to the following group
- -c, this is used to change the comment in the passwd folder
- -d, this changes the users home directory to the following group
- -e, his changes the user's password experation date
- -f, this changes the number of days that the user account can be expired before deletion
- -g, his changes the users initial group
- -G, this allows you to add the user to the following groups
- -l, this changes the name of the user
- -L, his locks the user's password
- -m, his allows you to move the users home directory
- -o, When used with the -u option, allows to change the user ID to a non-unique value
- -s, this changes the users login shell
- -u, this changes the users UID
- -U, this unlocks a user password
Friday, February 5, 2016
Cut
Cut is a command that allows you to output certain portions of the line. it gives you many ways to do this:
head -n 1 etc/passwd/ |cut -d ':' -f 1
outputs:
root
as you can see -d is the delimiter and -f is the field list. here the character they are separated by is ':' and the section they are showing is 1. you can even use -s to bypass lines that dont contain field delimiters
head -n 1 etc/passwd/ |cut -c 2-4
outputs:
oot
as you can see -c is the character range.
delimiters and field lists:
delimiters and field lists allow you to chunk out lines separated by characters for instance:head -n 1 etc/passwd/ |cut -d ':' -f 1
outputs:
root
as you can see -d is the delimiter and -f is the field list. here the character they are separated by is ':' and the section they are showing is 1. you can even use -s to bypass lines that dont contain field delimiters
charicters:
characters are the simplest way to use cut. it just outputs the characters in a range. for example:head -n 1 etc/passwd/ |cut -c 2-4
outputs:
oot
as you can see -c is the character range.
bytes:
bytes allows you to specify the amount of bytes you want the output to take up. I am not going to give an example for this. all you need to know is that -b is bytes.Heads/ Tails
Head and tail are two simple commands.
the first one head gives the first ten lines of a file for instance:
head /etc/passwd
outputs:
root
bin
deamon
adm
lp
sync
shutdown
halt
mail
the secon
root
bin
deamon
adm
lp
d one: tail gives the last ten words of a file to use a similar example:
tail /etc/passwd
outputs:
avahi
tcpdump
jelkner
student
systemd-bus-proxy
systemd-network
geoclue
setroubleshoot
jjohnson
hrodriguez
now people dont always want just the first or last ten words in a line. sometimes they want the first/last four or first/last twenty seven. to do this we use the:
head -n 5 /etc/passwd
gives you:
root
bin
deamon
adm
lp
or
tails -n 15 /ect/passwd
gives you:
pulse
gdm
gnome-initial-setup
postfix
sshd
avahi
tcpdump
jelkner
student
systemd-bus-proxy
systemd-network
geoclue
setroubleshoot
jjohnson
hrodriguez
the first one head gives the first ten lines of a file for instance:
head /etc/passwd
outputs:
root
bin
deamon
adm
lp
sync
shutdown
halt
the secon
root
bin
deamon
adm
lp
d one: tail gives the last ten words of a file to use a similar example:
tail /etc/passwd
outputs:
avahi
tcpdump
jelkner
student
systemd-bus-proxy
systemd-network
geoclue
setroubleshoot
jjohnson
hrodriguez
now people dont always want just the first or last ten words in a line. sometimes they want the first/last four or first/last twenty seven. to do this we use the:
-N parameter
the -n parameter tells the computer how many lines you want it to output for instance:head -n 5 /etc/passwd
gives you:
root
bin
deamon
adm
lp
or
tails -n 15 /ect/passwd
gives you:
pulse
gdm
gnome-initial-setup
postfix
sshd
avahi
tcpdump
jelkner
student
systemd-bus-proxy
systemd-network
geoclue
setroubleshoot
jjohnson
hrodriguez
Tuesday, January 19, 2016
Tuesday, January 5, 2016
Review Questions
1.
You do not want to buy a RHEL license, but you want to create an
environment to practice for the exam. Which distribution should you use?
A: centos
2. Why can’t you use a 32-bit version of RHEL to prepare for the exam?
3. You want to install a minimal system. How much RAM do you need?
A: 512 MB
4. Why is it a good idea to have Internet access on all servers you are installing?
5.
You want to install a virtual machine on a computer that does not have
an optical disk drive. What is the easiest alternative to perform the
installation?
A: download a disk formated file
6. Why is it a good idea to install a GUI?
A: there are some easy tools that can help you with the problems on the RHCSA
7. What is the default file system on RHEL 7?
A:LVM
8. Can you install RHEL if you do not have Internet access?
A: yes
9. What is the most important feature offered through RHN?
A: technical support
10. Which installation pattern should you use if you have a very limited amount of disk space available?
Subscribe to:
Comments (Atom)