Linux 101: Difference between revisions
Duffsigpatch (talk | contribs) (→Bash) |
Duffsigpatch (talk | contribs) (→Bash) |
||
(20 intermediate revisions by the same user not shown) | |||
Line 8: | Line 8: | ||
Linux and the tools associated with it are open source, which means anybody can modify it. This has culminated in many different offerings of Linux known as distributions. Though, there are only a few core ones, there are a bunch that exist based off of existing ones for instance. Let’s introduce the core ones. | Linux and the tools associated with it are open source, which means anybody can modify it. This has culminated in many different offerings of Linux known as distributions. Though, there are only a few core ones, there are a bunch that exist based off of existing ones for instance. Let’s introduce the core ones. | ||
*Debian: Debian, until very recently, stood in defiance of most of other distributions that were based off of it that took more compromising approaches to their development philosophy. Debian refused to support software in it’s repositories if it wasn’t open source and free to use without copyright. This actually lead to them getting in trouble with the makers of Firefox once upon a time because the name Firefox is the only thing about the program that is copyrighted, so they redistributed it as Iceweasel. Debian has had a bunch distributions based on it and they all use the package repository known as '''apt''' and a package manager known as '''dpkg'''. Some popular ones include Ubuntu and Linux Mint. Ubuntu is probably the easiest to use of all Linux distributions as, unlike Debian, they are willing to compromise and support software that isn’t open source. | *'''Debian''': Debian, until very recently, stood in defiance of most of other distributions that were based off of it that took more compromising approaches to their development philosophy. Debian refused to support software in it’s repositories if it wasn’t open source and free to use without copyright. This actually lead to them getting in trouble with the makers of Firefox once upon a time because the name Firefox is the only thing about the program that is copyrighted, so they redistributed it as Iceweasel. Debian has had a bunch distributions based on it and they all use the package repository known as '''apt''' and a package manager known as '''dpkg'''. Some popular ones include Ubuntu and Linux Mint. Ubuntu is probably the easiest to use of all Linux distributions as, unlike Debian, they are willing to compromise and support software that isn’t open source. | ||
*Fedora: Fedora is the community supported version of Red Hat. Red Hat was focused on more corporate enterprise environments. It originally began as a project to make open source software regularly available with Red Hat before being spun off into its own distribution after Red Hat discontinued it’s regular OS to focus on enterprise OSes. The repository is known as '''yum''' and the manager is known as '''rpm'''. | *'''Fedora''': Fedora is the community supported version of Red Hat. Red Hat was focused on more corporate enterprise environments. It originally began as a project to make open source software regularly available with Red Hat before being spun off into its own distribution after Red Hat discontinued it’s regular OS to focus on enterprise OSes. The repository is known as '''yum''' and the manager is known as '''rpm'''. | ||
*Arch: Arch is a little different then other distributions. It is extremely customizable and all software is installed only as needed. There are no releases. Every image just contains the most up to the date software. All that’s needed to get the latest of all software is a system update. It uses the package manager '''pacman'''. | *'''Arch''': Arch is a little different then other distributions. It is extremely customizable and all software is installed only as needed. There are no releases. Every image just contains the most up to the date software. All that’s needed to get the latest of all software is a system update. It uses the package manager '''pacman'''. | ||
==Bash== | ==Bash== | ||
[[Bash]], or Bourne-Again Shell, is the core scripting language used by Linux under the hood. In order to interact with the operating system, the user needs a command line and bash provides that command line. It is a rather primitive language, but that is by design. It contains a list of directories in a variable titled $PATH that it searches for executable files. These executable files can be of any language or they can be in machine code. | |||
If the file is in a scripting language and doesn't need to be compiled, it will look at the start of the file for where it should execute the file. For instance, #!/bin/bash will execute bash running whatever file you execute. | If the file is in a scripting language and doesn't need to be compiled, it will look at the start of the file for where it should execute the file. For instance, #!/bin/bash will execute bash running whatever file you execute. | ||
Line 20: | Line 20: | ||
Bash also supports scripting.Think of a Bash script as a preset set of instructions to follow. Instead of manually typing every command into a command shell, we just run one script to do it all. Also worth noting that every time you open a new shell, the file '''.bashrc''' in your home directory is ran to set variables used in most command environments. | Bash also supports scripting.Think of a Bash script as a preset set of instructions to follow. Instead of manually typing every command into a command shell, we just run one script to do it all. Also worth noting that every time you open a new shell, the file '''.bashrc''' in your home directory is ran to set variables used in most command environments. | ||
So, the command <code>bash test-password.sh | So, the command <code>bash test-password.sh</code> will run the code below provided its in a file named test-password.sh. if you mark the file as executable with chmod, you can run it with <code>./test-password.sh</code> | ||
===Examples=== | ===Examples=== | ||
<nowiki>#!/bin/bash | <nowiki>#!/bin/bash | ||
if [ "$1" == "password" ]; then | if [ "$1" == "password" ]; then | ||
Line 30: | Line 29: | ||
echo "wrong"; | echo "wrong"; | ||
fi</nowiki> | fi</nowiki> | ||
This code checks the variable named 1, which is always the first argument passed to the script. The script can be ran with the argument "password" and return correct. | [https://cybersec.chalphychateau.com/examples/test-password.sh test-password.sh] | ||
This code checks the variable named 1, which is always the first argument passed to the script. The script can be ran with the argument "password" and return correct like <code>bash test-password.sh password</code>. | |||
==Files and The Terminal== | |||
Commands for working with files in Linux are rather simple. Copy is '''cp''', Move is '''mv''', Delete is '''rm'''. The rm and cp commands require the argument -r if you are working with a directory. | |||
Changing a directory is as simple as '''cd''', but you can navigate to the previous directory like <code>cd ..</code>. You can view the files in a directory with '''ls''' and use '''ls -a''' to see it with hidden files. | |||
You can view the contents of an entire file with '''cat''' or use '''more'''/'''less''' to view the file gradually. You can edit said files with '''vi''' if you like navigating a painful user interface or '''nano''' if you are sane. | |||
There's also other commands like '''head''' and '''tail''' which show the start and end of a file respectively. | |||
What about finding files themselves? Well, the command '''find''' will print out every file and directory underneath the argument you ran it with. | |||
But what if you want to search all this data? I got you covered. The command '''grep''' can be used to search for patterns not just in a file, but can also be used to search commands as they give you their output. | |||
===Pipes and Redirects=== | |||
It is also worth noting that any command that prints out data can have it's output piped to another command with the | character. For instance <code>cat my-file.txt | grep hello</code> will only display lines of the text document with the word "hello" in them. You can also reverse this by doing '''grep -v'''. | |||
Another thing to keep in mind is redirects of command output using the > character. By default a terminal has 3 vectors, '''stdin''', '''stdout''', and '''stderr'''. The first and least important, stdin, is basically what you type during the running of a bash script. So if you wanted input from the user in the middle of a bash script using the '''read''' command, it would read one line of stdin. | |||
The next one, stdout, is where any output produced goes. You can add a > to redirect it somewhere else. For instances <code>ls > /dev/null</code> is a common shortcut that basically removes the data from memory as soon as it's created. You can also log it to a file like <code>ls > test.txt</code>. | |||
Lastly, stderr is where error messages are sent. To redirect these, add a 2 before the >. A common method is to redirect stderr to stdout and then to redirect stdout wherever you want it to go like <code>ls 2> /dev/stdout > /dev/null</code>. | |||
==Changing File Permissions and Ownership== | ==Changing File Permissions and Ownership== | ||
Linux manages file permissions using 3 bytes. The bytes are as follows: | |||
*User permissions | |||
*Group permissions | |||
*Everyone else permissions | |||
The bits are, in order from most significant to least significant: | |||
*Read (100/4) | |||
*Write (010/2) | |||
*Execute (001/1) | |||
You essentially add these numbers together to get the preferred permissions number. You do this for the permissions of each domain, User, Group, Everyone Else. Here are some common codes used by most files: | |||
*400: Read only and readable only by the user with ownership, regardless of group. | |||
*755: Editing is allowed only for the owner, even if another user possesses the same group that owns it. Everyone can read and execute it. | |||
*644: Most common permission set. It prevents tampering with files, while allowing read access and prevents it from being executed at all. | |||
Now that you understand permissions, you are probably asking yourself how you can change permissions of files and stuff. Well, if you own a file, you can change the permissions of it freely with the command '''chmod'''. You can also change the permissions of any file if you are logged in as root. | |||
You can also change who owns a file with the '''chown''' and change the group owner of a file with '''chgrp'''. | |||
===Examples=== | |||
<code>chmod 400 file-i-want-to-make-read-only.txt</code></br> | |||
<code>chmod 755 full-perms-only-for-me.txt</code></br> | |||
<code>chown me file-i-want-to-own.txt</code></br> | |||
<code>chgrp sudo file-i-only-want-admins-to-access.txt</code> | |||
==Sudo, Su, Sudo -i, and The root Account== | |||
Linux, unlike Windows, doesn't have administrators with full rights. In fact, a lot of the security features on admin accounts in Windows were inspired by Linux because the way Linux does things is a lot more secure. | |||
The command '''sudo''' is short for Superuser Do, which basically says run this command as [[Root and Sudo|root]]. You'll notice if you type <code>sudo whoami</code> the word root is printed out, not your username. How is this secure if anybody can type sudo and run commands that require elevated privileges? Well, because there is a config file located at '''/etc/sudoers''' that says who can and can't use the command. You can define what groups and individual users get the ability to use sudo. | |||
The command '''su''' is short for Switch User, which switches user accounts. It can actually be used to login as root if the root account has a password set, but this is discouraged because you could harm your system and its a big security vulnerability to have your root account available and accessible with a simple password. | |||
Lastly, the command '''sudo -i''' is just an argument that can be passed to sudo to get logged in as root even if no password is set for the root account. It uses the user's password to authenticate you the same way a single line sudo command would. | |||
===Examples=== | |||
<code>sudo apt install firefox*</code></br> | |||
<code>su root</code></br> | |||
<code>sudo -i</code> |
Latest revision as of 16:58, 15 May 2024
Linux is key part of a lot of organizations. They make up the backbone of a lot of server infrastructure, and for good reason too. It’s versatile, open source, and actively maintained by a community of people connected by nothing but words on a screen. So, chances are, if you have a problem, someone else had that problem before you. This makes solving the issue usually a case of googling the error message and someone has come up with a fix.
While Windows can be like this, it can only really be done for third party software that is open source. With Linux, most core utilities are open source, so it’s much easier to do. Just a few weeks ago for instance, I found out some software was bad on the Linux box I was running, so I installed a patch. Within days, that patch was committed to that distribution of Linux’s package manager.
But, we’re getting ahead of ourselves a little bit. You are probably now asking, “what is a distribution” and “what is a package manager.” Luckily, those are 2 very good areas to start.
Linux Distributions and Their Package Managers
Linux and the tools associated with it are open source, which means anybody can modify it. This has culminated in many different offerings of Linux known as distributions. Though, there are only a few core ones, there are a bunch that exist based off of existing ones for instance. Let’s introduce the core ones.
- Debian: Debian, until very recently, stood in defiance of most of other distributions that were based off of it that took more compromising approaches to their development philosophy. Debian refused to support software in it’s repositories if it wasn’t open source and free to use without copyright. This actually lead to them getting in trouble with the makers of Firefox once upon a time because the name Firefox is the only thing about the program that is copyrighted, so they redistributed it as Iceweasel. Debian has had a bunch distributions based on it and they all use the package repository known as apt and a package manager known as dpkg. Some popular ones include Ubuntu and Linux Mint. Ubuntu is probably the easiest to use of all Linux distributions as, unlike Debian, they are willing to compromise and support software that isn’t open source.
- Fedora: Fedora is the community supported version of Red Hat. Red Hat was focused on more corporate enterprise environments. It originally began as a project to make open source software regularly available with Red Hat before being spun off into its own distribution after Red Hat discontinued it’s regular OS to focus on enterprise OSes. The repository is known as yum and the manager is known as rpm.
- Arch: Arch is a little different then other distributions. It is extremely customizable and all software is installed only as needed. There are no releases. Every image just contains the most up to the date software. All that’s needed to get the latest of all software is a system update. It uses the package manager pacman.
Bash
Bash, or Bourne-Again Shell, is the core scripting language used by Linux under the hood. In order to interact with the operating system, the user needs a command line and bash provides that command line. It is a rather primitive language, but that is by design. It contains a list of directories in a variable titled $PATH that it searches for executable files. These executable files can be of any language or they can be in machine code.
If the file is in a scripting language and doesn't need to be compiled, it will look at the start of the file for where it should execute the file. For instance, #!/bin/bash will execute bash running whatever file you execute.
Bash also supports scripting.Think of a Bash script as a preset set of instructions to follow. Instead of manually typing every command into a command shell, we just run one script to do it all. Also worth noting that every time you open a new shell, the file .bashrc in your home directory is ran to set variables used in most command environments.
So, the command bash test-password.sh
will run the code below provided its in a file named test-password.sh. if you mark the file as executable with chmod, you can run it with ./test-password.sh
Examples
#!/bin/bash if [ "$1" == "password" ]; then echo "correct"; else echo "wrong"; fi
This code checks the variable named 1, which is always the first argument passed to the script. The script can be ran with the argument "password" and return correct like bash test-password.sh password
.
Files and The Terminal
Commands for working with files in Linux are rather simple. Copy is cp, Move is mv, Delete is rm. The rm and cp commands require the argument -r if you are working with a directory.
Changing a directory is as simple as cd, but you can navigate to the previous directory like cd ..
. You can view the files in a directory with ls and use ls -a to see it with hidden files.
You can view the contents of an entire file with cat or use more/less to view the file gradually. You can edit said files with vi if you like navigating a painful user interface or nano if you are sane.
There's also other commands like head and tail which show the start and end of a file respectively.
What about finding files themselves? Well, the command find will print out every file and directory underneath the argument you ran it with.
But what if you want to search all this data? I got you covered. The command grep can be used to search for patterns not just in a file, but can also be used to search commands as they give you their output.
Pipes and Redirects
It is also worth noting that any command that prints out data can have it's output piped to another command with the | character. For instance cat my-file.txt | grep hello
will only display lines of the text document with the word "hello" in them. You can also reverse this by doing grep -v.
Another thing to keep in mind is redirects of command output using the > character. By default a terminal has 3 vectors, stdin, stdout, and stderr. The first and least important, stdin, is basically what you type during the running of a bash script. So if you wanted input from the user in the middle of a bash script using the read command, it would read one line of stdin.
The next one, stdout, is where any output produced goes. You can add a > to redirect it somewhere else. For instances ls > /dev/null
is a common shortcut that basically removes the data from memory as soon as it's created. You can also log it to a file like ls > test.txt
.
Lastly, stderr is where error messages are sent. To redirect these, add a 2 before the >. A common method is to redirect stderr to stdout and then to redirect stdout wherever you want it to go like ls 2> /dev/stdout > /dev/null
.
Changing File Permissions and Ownership
Linux manages file permissions using 3 bytes. The bytes are as follows:
- User permissions
- Group permissions
- Everyone else permissions
The bits are, in order from most significant to least significant:
- Read (100/4)
- Write (010/2)
- Execute (001/1)
You essentially add these numbers together to get the preferred permissions number. You do this for the permissions of each domain, User, Group, Everyone Else. Here are some common codes used by most files:
- 400: Read only and readable only by the user with ownership, regardless of group.
- 755: Editing is allowed only for the owner, even if another user possesses the same group that owns it. Everyone can read and execute it.
- 644: Most common permission set. It prevents tampering with files, while allowing read access and prevents it from being executed at all.
Now that you understand permissions, you are probably asking yourself how you can change permissions of files and stuff. Well, if you own a file, you can change the permissions of it freely with the command chmod. You can also change the permissions of any file if you are logged in as root.
You can also change who owns a file with the chown and change the group owner of a file with chgrp.
Examples
chmod 400 file-i-want-to-make-read-only.txt
chmod 755 full-perms-only-for-me.txt
chown me file-i-want-to-own.txt
chgrp sudo file-i-only-want-admins-to-access.txt
Sudo, Su, Sudo -i, and The root Account
Linux, unlike Windows, doesn't have administrators with full rights. In fact, a lot of the security features on admin accounts in Windows were inspired by Linux because the way Linux does things is a lot more secure.
The command sudo is short for Superuser Do, which basically says run this command as root. You'll notice if you type sudo whoami
the word root is printed out, not your username. How is this secure if anybody can type sudo and run commands that require elevated privileges? Well, because there is a config file located at /etc/sudoers that says who can and can't use the command. You can define what groups and individual users get the ability to use sudo.
The command su is short for Switch User, which switches user accounts. It can actually be used to login as root if the root account has a password set, but this is discouraged because you could harm your system and its a big security vulnerability to have your root account available and accessible with a simple password.
Lastly, the command sudo -i is just an argument that can be passed to sudo to get logged in as root even if no password is set for the root account. It uses the user's password to authenticate you the same way a single line sudo command would.
Examples
sudo apt install firefox*
su root
sudo -i