Linux 101

From Chalphy Cyber Cavaliers

Linux is key part of a lot of organizations. They make up the backbone of a lot of server infrastructure, and for good reason too. It’s versatile, open source, and actively maintained by a community of people connected by nothing but words on a screen. So, chances are, if you have a problem, someone else had that problem before you. This makes solving the issue usually a case of googling the error message and someone has come up with a fix.

While Windows can be like this, it can only really be done for third party software that is open source. With Linux, most core utilities are open source, so it’s much easier to do. Just a few weeks ago for instance, I found out some software was bad on the Linux box I was running, so I installed a patch. Within days, that patch was committed to that distribution of Linux’s package manager.

But, we’re getting ahead of ourselves a little bit. You are probably now asking, “what is a distribution” and “what is a package manager.” Luckily, those are 2 very good areas to start.

Linux Distributions and Their Package Managers

Linux and the tools associated with it are open source, which means anybody can modify it. This has culminated in many different offerings of Linux known as distributions. Though, there are only a few core ones, there are a bunch that exist based off of existing ones for instance. Let’s introduce the core ones.

  • Debian: Debian, until very recently, stood in defiance of most of other distributions that were based off of it that took more compromising approaches to their development philosophy. Debian refused to support software in it’s repositories if it wasn’t open source and free to use without copyright. This actually lead to them getting in trouble with the makers of Firefox once upon a time because the name Firefox is the only thing about the program that is copyrighted, so they redistributed it as Iceweasel. Debian has had a bunch distributions based on it and they all use the package repository known as apt and a package manager known as dpkg. Some popular ones include Ubuntu and Linux Mint. Ubuntu is probably the easiest to use of all Linux distributions as, unlike Debian, they are willing to compromise and support software that isn’t open source.
  • Fedora: Fedora is the community supported version of Red Hat. Red Hat was focused on more corporate enterprise environments. It originally began as a project to make open source software regularly available with Red Hat before being spun off into its own distribution after Red Hat discontinued it’s regular OS to focus on enterprise OSes. The repository is known as yum and the manager is known as rpm.
  • Arch: Arch is a little different then other distributions. It is extremely customizable and all software is installed only as needed. There are no releases. Every image just contains the most up to the date software. All that’s needed to get the latest of all software is a system update. It uses the package manager pacman.

Bash

Bash, or Bourne-Again Shell, is the core scripting language used by Linux under the hood. In order to interact with the operating system, the user needs a command line and bash provides that command line. It is a rather primitive language, but that is by design. It contains a list of directories in a variable titled $PATH that it searches for executable files. These executable files can be of any language or they can be in machine code.

If the file is in a scripting language and doesn't need to be compiled, it will look at the start of the file for where it should execute the file. For instance, #!/bin/bash will execute bash running whatever file you execute.

Bash also supports scripting.Think of a Bash script as a preset set of instructions to follow. Instead of manually typing every command into a command shell, we just run one script to do it all. Also worth noting that every time you open a new shell, the file .bashrc in your home directory is ran to set variables used in most command environments.

So, the command bash test-password.sh will run the code below provided its in a file named test-password.sh. if you mark the file as executable with chmod, you can run it with ./test-password.sh

Examples

#!/bin/bash
if [ "$1" == "password" ]; then
    echo "correct";
else
    echo "wrong";
fi

test-password.sh

This code checks the variable named 1, which is always the first argument passed to the script. The script can be ran with the argument "password" and return correct like bash test-password.sh password.

Changing File Permissions and Ownership

Linux manages file permissions using 3 bytes. The bytes are as follows:

  • User permissions
  • Group permissions
  • Everyone else permissions

The bits are, in order from most significant to least significant:

  • Read (100/4)
  • Write (010/2)
  • Execute (001/1)

You essentially add these numbers together to get the preferred permissions number. You do this for the permissions of each domain, User, Group, Execute. Here are some common codes used by most files:

  • 400: Read only and readable only by the user with ownership, regardless of group.
  • 755: Editing is allowed only for the owner, even if another user possesses the same group that owns it. Everyone can read and execute it.
  • 644: Most common permission set. It prevents tampering with files, while allowing read access and prevents it from being executed at all.

Now that you understand permissions, you are probably asking yourself how you can change permissions of files and stuff. Well, if you own a file, you can change the permissions of it freely with the command chmod. You can also change the permissions of any file if you are logged in as root.

You can also change who owns a file with the chown and change the group owner of a file with chgrp.

Examples

chmod 400 file-i-want-to-make-read-only.txt
chmod 755 full-perms-only-for-me.txt
chown me file-i-want-to-own.txt
chgrp sudo file-i-only-want-admins-to-access.txt

Sudo, Su, Sudo -i, and The root Account

Linux, unlike Windows, doesn't have administrators with full rights. In fact, a lot of the security features on admin accounts in Windows were inspired by Linux because the way Linux does things is a lot more secure.

The command sudo is short for Superuser Do, which basically says run this command as root. You'll notice if you type sudo whoami the word root is printed out, not your username. How is this secure if anybody can type sudo and run commands that require elevated privileges? Well, because there is a config file located at /etc/sudoers that says who can and can't use the command. You can define what groups and individual users get the ability to use sudo.

The command su is short for Switch User, which switches user accounts. It can actually be used to login as root if the root account has a password set, but this is discouraged because you could harm your system and its a big security vulnerability to have your root account available and accessible with a simple password.

Lastly, the command sudo -i is just an argument that can be passed to sudo to get logged in as root even if no password is set for the root account. It uses the user's password to authenticate you the same way a single line sudo command would.

Examples

sudo apt install firefox*
su root
sudo -i

Retrieved from "https://cybersec.chalphychateau.com//index.php?title=Linux_101&oldid=37"