Module -4

System Administration
 System Administration
• Linux system is intended for multi-user &
multitasking.
• Who is System Administrator?
• A System Administrator is a person who is
responsible for the upkeep, configuration and
reliable operation of computer systems;
especially multi-user computers, such as
servers.
 Using the root user account
Every Linux system starts out with at least one
administrative user account (the root user) and possibly
one or more regular user accounts. In most cases, you
log in as a regular user and become the root user to do
an administrative task.
The root user has complete control of the operation of
your Linux system. That user can open any file or run any
program. The root user also installs software packages
 Becoming root from the shell (su command)

• From any Terminal window or shell, you can simply type

the following:
• $ su
• Password: ******
•#
• Now, you have full permission to run any command and
use any file on the system. Type exit to return to the
shell as a regular user.
Gaining administrative access with sudo
 
• Particular users can also be given administrative
permissions for particular tasks or any task by typing
sudo followed by the command they want to run,
without being given the root password.

• After running one command with sudo, user is

immediately returned to a shell, and will be acting as
Allowing administrative access via the
GUI

• when you run GUI tools as a regular user (from Fedora,

Red Hat Enterprise Linux, or some other Linux systems),
you are prompted for the root password before you are
able to access the tool. By entering the root password,
you are given root privilege for that task.
 Common Administration Tasks
A System administrator is expected to manage:
1. File Systems
2. Software installation
3. User Accounts
4. Network Interfaces
5. Servers
6. Security Features
 Common Administration Tasks
1. File Systems:
When you first install Linux, the directory structure is set up to make
the system usable. However, if users later want to add extra storage or
change the file system layout outside their home directory, they need
administrative privileges to do that. Also, the root user has permission
to access files owned by any user. As a result, the root user can copy,
move, or change any other user’s files- a privilege needed to make
backup copies of the file system for safe keeping.
 Common Administration Tasks
2. Software installation:
Because malicious software can harm your system or make it insecure,
you need root privilege to install software so it is available to all users on
your system. Regular users can still install some software in their own
directories and can list information about installed system software.
3. User accounts:
Only the root user can add and remove user accounts and group
accounts.
 Common Administration Tasks
4. Network interfaces:

in the past, the root user had to configure network interfaces and
start and stop those interfaces. Now, many Linux desktops allow
regular users to start and stop network interfaces from their
desktop using Network Manager. This is particularly true for
wireless network interfaces, which can come and go by location, as
you move your Linux laptop or handheld device around.
 Common Administration Tasks
5. Servers:
configuring web servers, file servers, domain name servers, main
servers, and dozens of other servers requires root privilege, as does
starting and stopping those services. Content, such as web pages, can
be added to servers by no-root users if you configure your system to
allow that. Services are often run as special administrative user
accounts, such as apache and rpc. So if someone cracks a service,
they can’t get root privilege to other services or system resources.
 Common Administration Tasks
6. Security Features:
Setting up security features, such as firewalls and user access
lists, is usually done with root privilege. It’s also up to the root
user to monitor how the services are being used and make sure
that server resources are not exhausted or abused.
Identifying Administrative files
Configuration and log files.
 Administrative Commands
•Only the root user is intended to use many administrative commands. When you log in
as root (or use su - from the shell to become root), your $PATH variable is set to
include some directories that contain commands for the root user. In the past, these
have included the following:
•/sbin—Contained commands needed to boot your system, including commands for
checking filesystems (fsck) and turn on swap devices (swapon).
•  Some administrative commands are contained in regular user directories (such as /
bin and /usr/bin). This is especially true of commands that have some options
available to everyone. An example is the /bin/mount command, which anyone can use
to list mounted file systems, but only root can use to mount file systems.
 Administrative configuration files
• Configuration files are another mainstay of Linux administration. Almost
everything you set up for your particular computer—user accounts, network
addresses, or GUI preferences—is stored in plaintext files. This has some
advantages and some disadvantages.

• The advantage of plain text files is that it’s easy to read and change them. Any
text editor will do.

• The disadvantage is that you need to learn the specific structure rules for each
configuration fi le. A comma or a quote in the wrong place can sometimes
cause an entire interface to fail.
 Configuration Files
File Name What the file configures
/etc This directory contains most of the basic Linux system configuration files.
/etc/cron* Directories in this set contain files that define how the crone utility runs
applications on a daily (cron.daily), hourly (cron.hourly), monthly (cron.monthly), or
weekly (cron.weekly) schedule.

/etc/cups Contains files used to configure the CUPS printing service

/etc/default Contains files that set default values for various utilities. For example, the fi le for
the useradd command defines the default group number, home directory,
password expiration date, shell, and skeleton directory (/etc/skel) that are used
when creating a new user account.

/etc/init.d Contains the permanent copies of System V-style run-level scripts. These scripts
are often linked from the /etc/rc?.d directories to have each service associated
with a script started or stopped for the particular run level. The ? is replaced by the
run-level number (0 through 6). Although System V init scripts are still supported,
most services are now managed by the systemd facility.
 Log Files
•One of the things that Linux does well is keep track of itself. This is a good thing,
when you consider how much is going on in a complex operating system.
•Checking illegal access .
•In any of those cases, you want to be able to refer to messages coming from the
kernel and services running on the system.
• For Linux systems that don’t use the systemd facility, the main utility for logging
error and debugging messages is the rsyslogd daemon. Although you can still use
rsyslogd with systemd systems, systemd has its own method of gathering and
displaying messages called the systemd journal (journalctl command).
 Role of System Administrator
•The role of a Linux system administrator is to
keep Linux-based computer systems running
efficiently
•A system administrator works as part of the
Information Systems (IS) or Information
Technology (IT) department of an organization.
•Help users solve problems
 Role of System Administrator
• Train users

• Inform management of technical developments

• Maintain system hardware

• Create new user accounts

• Define procedures and policies

• Plan systems
Managing user accounts-adding and
deleting users
 Creating user accounts
• You can add user accounts to most Linux systems in several
ways.
• In GNOME 3, go the the Activities screen, type Users, and press
Enter.
• In GNOME 2, from the Applications menu, select System Tools ➪
Settings. Then select the Users icon. Select the Unlock button,
and enter the root password. Then select the plus (+) to open a
window for adding a user account, as shown in Figure
Add user accounts from the user window
 Modify existing user accounts
• The Software window lets you modify a small set of information
about a regular user after it has been created. To modify user
information later, select the user account you want to change, click
the Unlock button, and enter the root password. At this point, you
can change the account type (Standard or Administrator), change
the user’s password, or allow the user account to log in
automatically (without a password). This screen is shown in Figure
 Modify existing user accounts from the
Users window
• The Users window was designed to simplify the process of
creating and modifying user accounts.
 Adding users with useradd
• The most straightforward method for creating a new user from the shell is the useradd
command. After opening a Terminal window with root permission, you simply invoke
useradd at the command prompt, with details of the new account as parameters.
• The only required parameter is the login name of the user, but you probably want to
include some additional information ahead of it. Each item of account information is
preceded by a single-letter option code with a dash in front of it. The options available
with useradd include the following:
• -c "comment here"—Provide a description of the new user account. Typically, this is the
person’s full name. Replace comment with the name of the user account (-c Jake). Use
quotes to enter multiple words (for example, -c "Jake Jackson").
 Adding users with useradd
• -d home_dir—Set the home directory to use for the account. The default is to
name it the same as the login name and to place it in /home. Replace
home_dir with the directory name to use (for example, -d /mnt/homes/jake).
• -D—Rather than create a new account, save the supplied information as the
new default settings for any new accounts that are created.
• -e expire_date—Assign the expiration date for the account in YYYY-MM-DD
for-mat. Replace expire_date with a date you want to use. (For example, to
expire an account on May 5, 2017, use -e 2017-05-05.)
• -f -1—Set the number of days after a password expires until the account is
per-manently disabled. The default, -1, disables the option. Setting this to 0
disables the account immediately after the password has expired. Replace -1
(that’s minus one) with the number to use.
 Adding users with useradd
• -g group—Set the primary group (it must already exist in the /etc/group fi le) the new user will be in.
Replace group with the group name (for example, -g wheel). Without this option, a new group is
created that is the same as the user name and is used as that user’s primary group.
• -G grouplist—Add the new user to the supplied comma-separated list of supplementary groups (for
example, -G wheel,sales,tech,lunch). (If you use -G later with usermod, be sure to use -aG and not
just -G. If you don’t, existing supplementary groups are removed and the groups you provide here
are the only ones assigned.)
• Let’s create an account for a new user. The user’s full name is Sara Green, and her login name is sara.
To begin, become root user and type the following command: 
• useradd -c "Sara Green" sara
• Next, set the initial password for sara using the passwd command. You’re prompted to type the
password twice: 
• passwd sara
• Changing password for user sara.
• New password: **********
• Retype new password: **********
 Modifying users with usermod
• The usermod command provides a  simple and straightforward method
for changing account parameters. Many of the options available with it
mirror those found in useradd. The options that can be used with this
command include the following:
• -c username—Change the description associated with the user account.
Replace username with the name of the user account (-c jake). Use
quotes to enter multiple words (for example, -c "Jake Jackson").
• -l login_name—Change the login name of the account.
• -L—Lock the account by putting an exclamation point at the beginning of
the encrypted password in /etc/shadow. This locks the account, while
still allowing you to leave the password intact (the -U option unlocks it).
 Deleting users with userdel
• Just as usermod is used to modify user settings and useradd is used
to create users, userdel is used to remove users. The following
command removes the user chris:
• userdel -r chris
• Here, the user chris is removed from the /etc/password file. The –r
option removes the user’s home directory as well. If you choose not
to use –r, as follows, the home directory for chris is not removed: 
• userdel chris
• Before you delete the user, you may want to run a find command to
find all files that would be left behind by the user. After you delete the
user, you could search on user ID to find files left behind. Here are
two find commands to do those things:
• find / -user chris -ls
• find / -uid 504 -ls
Changing Permissions and
Ownerships
 File Access Permissions
• Permissions associated with files and directories in Linux were designed to
keep users from accessing other users’ private files and to protect important
system files. 
• The nine bits assigned to each file for permissions define the access that
you and others have to your fi le. Permission bits for a regular file appear as
-rwxrwxrwx. Those bits are used to define who can read, write, or execute the
file.
• Of the nine-bit permissions, the first three bits apply to the owner’s
permission, the next three apply to the group assigned to the fi le, and the
last three apply to all others. The r stands for read, the w stands for write,
and the x stands for execute permissions. If a - appears instead of the letter,
it means that permission is turned off for that associated read, write, or
execute bit.
 Access Permissions
Access type Denoted by Action permitted on a Action permitted on a
file directory
read r Display, Copy and List contents of a
compile file directory
write w Edit, rename and move Create new files and
the file to another subdirectories within the
location directory
execute x Execute file with the Move to the specified
read permission directory using the cd
command
 File Access Permissions
• you can see the permission for any file or directory by typing the ls -ld
command. The named file or directory appears as those shown in this
example:
• $ ls –ld ch3 test
• -rw-rw-r– 1 joe sales 4983 Jan 18 22:13 ch3
• drwxr-xr-x 2 joe sales 1024 Jan 24 13:47 test
• The first line shows that the ch3 file has read and write permission for the
owner and the group. All other users have read permission, which means
they can view the file but cannot change its contents or remove it. The
second line shows the test directory (indicated by the letter d before the
permission bits). The owner has read, write, and execute permissions
while the group and other users have only read and execute permissions.
 Changing permissions with chmod (numbers)
• If you own a fi le, you can use the chmod command to change the permission
on it.
• The following table explains the number that denotes each type of permission.
Number permission
4 Read
2 write
1 execute
• Examples:
• The following chmod command results in this permission: rwxrwxrwx 
• # chmod 777 file
• The following chmod command results in this permission: ---------
• # chmod 000 file 
 Changing permissions with chmod (letters)
•In the symbolic mode we can use symbols to specify the permissions and types of users.

Symbol Meaning
u Owner of the file or directory
g Members of the same group
o All other users
a All users
•Examples:
•The following chmod command results in this permission: r-xr-xr-x
•$ chmod a-w file
•The plus sign is used with chmod to turn permissions on. 
•The following chmod command results in this permission: rw-------
•$ chmod u+rw files
 
 Setting default file permission with umask
• When we create a file the umask value and the mode value
determine the initial file permissions.
• The mode value indicates that all the users have read and write
permissions for a file. By default the mode value is 666 for files
and 777 for directories and executable files. To derive file
access permissions, the value of umask is subtracted from the
mode value.
• By default the umask value is given as 002 for user and 022 for
root user which means that each file that a user creates has the
permission 666 -002 =664 (rw-rw-r--)
 Values & output of the umask command
on files
066 -rw------ Assigns read and write permissions to user and no
access for group or others
026 -rw-r----- Assigns read and write permissions to a user , read
permissions to a group and no access to other
users.
006 -rw-rw---- Assigns read and write permissions to a user and
group but no access to other users.
022 -rw-r—r-- Assigns read and write permissions to a user , read
permissions to a group and read permission to
others
 Changing file ownership
• As a regular user, you cannot change ownership of files or directories to have them
belong to another user. You can change ownership as the root user. For example,
suppose you created a file called memo.txt, while you were root user, in the user joe’s
home directory. Here’s how you could change it to be owned by joe: 
• chown joe /home/joe/memo.txt
• ls -l /home/joe/memo.txt
• -rw-r--r--. 1 joe root 0 Dec 19 11:23 /home/joe/memo.txt
• Notice that the chown command changed the user to joe but left the group as root. To
change both user and group to joe, you could type the following instead:
•  chown joe:joe /home/joe/memo.txt
•  ls -l /home/joe/memo.txt
• -rw-r--r--. 1 joe joe 0 Dec 19 11:23 /home/joe/memo.txt
The chown command can be use recursively as well. Using the recursive option (-R) is
helpful if you need to change a whole directory structure to ownership by a particular user.
# chown -R joe:joe /media/myusb
Creating and Managing groups
 Creating Groups with groupadd
• groups are created automatically when a user account is created.
•  Group ID numbers from 0 through 999 are assigned to special administrative
groups. For example, the root group is associated with GID 0. Linux systems
reserve GIDs between 0 to 500 for administrative groups.
• examples of creating a group account with the groupadd command:
• groupadd kings
•  groupadd -g 1325 jokers
•  In the examples just shown, the group named kings is created with the next
available group ID. After that, the group jokers is created using the 1325 group
ID. Some administrators like using an undefined group number under 1000 so
the group they create doesn’t intrude on the group designations above 1000.
 Modifying Group Attributes
• To change a group later, use the groupmod command. For
example:
•  groupmod -g 330 jokers
•  groupmod -n jacks jokers
•  In the first example, the group ID for jokers is changed to 330. In
the second, the name jokers is changed to jacks. If you wanted to
then assign any of the groups as supplementary groups to a user,
you can use the usermod command.
 Deleting Groups
After a group has been added it can be deleted with the groupdel
command.
Deleting a Group
# groupdel folks
The groupdel command will remove all references of the folks
group from the /etc/group file.
# grep -c folks /etc/group
0
 Temporary disabling of user accounts
• It is sometimes necessary to temporarily disable an account, without
removing it. For example, the user might not have paid his fees, or the
system administrator may suspect that a cracker has got the password of
that account.
• The best way to disable an account is to change its shell into a special
program that just prints a message. This way, whoever tries to log into the
account, will fail, and will know why. The message can tell the user to
contact the system administrator so that any problems may be dealt with.
 Temporary disabling of user accounts
• It would also be possible to change the username or password to
something else, but then the user won't know what is going on.
Confused users mean more work.
• A simple way to create the special programs is to write `tail scripts':
• #!/usr/bin/tail +2
This account has been closed due to a security breach.
Please call 555-1234 and wait for the men in black to arrive.
• The first two characters(#!) tells the kernel that the rest of the line is a command
that needs to be run to interpret this file. The tail command in this case outputs
everything except the first line to the standard output.
• Tail scripts should be kept in a separate directory, so that their names
don't interfere with normal user commands.
 Creating and Mounting File System
• Creating a file system writes information to the device and creates
order of the empty space.
• Disk drive is split into consistently sized segments called blocks.
• Linux supports a number of file system types, some of which are
described as follows:
Filesystem Description

ext2 High performance for fixed disk and removable media

ext3 Journaling version of ext2

ext4 Supports larger files and file system sizes

vfat MS-DOS file system useful when sharing files between

Windows and Linux
 Creating File systems
• The command to build Linux file system on a device,or hard
disk partition,is mkfs.
• The syntax for the command is:
• #mkfs [ option ] device
• The mkfs command is actually a front end for the different
file system builder utilities such as mkfs.ext2 and mkfs.
ext4. These utilities are executable directly from the
command line. When using the mkfs wrapper, include the -t
fstype option to specify the type of file system to be built. If
not specified, the default file system type, ext2, is created.
 Mounting File systems
• Most of the hard disk partitions created when you install Linux are
mounted automatically when the system boots.
• When you boot Linux, usually all the Linux partitions on your hard disk
are listed in your /etc/fstab file and are mounted.
• The mount command is used not only to mount local storage devices,
but also to mount other kinds of file systems on your Linux system.
• Ex: Mount can be used to mount directories over the network from
NFS or samba servers.
• It can be used to mount file systems from a new hard drive or USB
flash drive that is not configured to automount.
• It can also mount file system image files using loop devices.
Checking and monitoring System
Performance
 Monitoring system performance
• 1. Top – Linux Process Monitoring
Linux Top command is a performance monitoring program which
is used frequently by many system administrators to monitor
Linux performance and it is available under many Linux/Unix like
operating systems. The top command used to display all the
running and active real-time processes in ordered list and
updates it regularly. It display CPU usage, Memory usage, Swap
Memory, Cache Size, Buffer Size, Process PID, User, Commands
and much more. It also shows high memory and CPU utilization
of a running processes.
 Monitoring system performance
2. VmStat-Virtual Memory Statistics
Linux VmStat command is used to display statistics of virtual memory,
kernel threads, disks, system processes, I/O blocks, interrupts, CPU
activity and much more.
3. Lsof- List open Files
Lsof command used in many Linux like system that is used to display
list of all the open files and the processes. The open files include are
disk files, network sockets, pipes, devices and processes.
4. Tcpdump- Network Packet Analyzer
One of the most widely used command-line network packet analyser
or packet sniffer program that is used to capture or filter TCP/IP
packets that received or transferred on a specific interface over a
network.
 Monitoring system performance
5. Netstat-Network Statistics
Netstat is a command line tool for monitoring incoming and
outgoing network packets statistics as well as interface statistics.
It is very useful tool for every system administrator to monitor
network performance and troubleshoot network related problems.
 File Security
• In Linux, every file and every directory are owned by a single user on that
system.  Each file and directory also has a security group associated with it
that has access rights to the file or directory.  If a user is not the directory
or file owner nor assigned to the security group for the file, that user is
classified as other and may still have certain rights to access the file.
• Each of the three file access categories, owner, group, and other, has a set
of three access permissions associated with it.  The access permissions
are read, write, and execute. 
• A user may belong to more than one group.  Regardless of how many
groups a user belongs to if permissions are granted on a file or directory to
one of the user's groups they will have the granted level of access.  You can
check what groups a user belongs to with the groups command.
• $ groups student
student : college schools
 File Security
• The groups command is called with one argument, the username you want
to investigate. The output lists the username and all the groups they belong
to.  In this output student belongs to the groups college and schools.
• From the information previously presented about file and directory
commands,  using the -l option with the ls command will display the file and
directory permissions as well as the owner and group as demonstrated
below:
• File Permissions, Owner, & Group
• $ ls -l
total 12
-rw-rw-r--    1 tclark   authors      2229 Jan 13 21:35 declaration.txt
-rw-rw-r--    1 tclark   authors      1310 Jan 13 17:48 gettysburg.txt
-rw-rw-r--    1 tclark   authors       360 Jan 13 17:48 preamble.txt
• The  ls -l command is the best way to view file and directory ownership and
permissions. 
 Ownership of Linux files
• Every file and directory on your Unix/Linux system is assigned 3 types of owner, given
below.
User
• A user is the owner of the file. By default, the person who created a file becomes its owner.
Hence, a user is also sometimes called an owner.
Group
• A user- group can contain multiple users. All users belonging to a group will have the same
access permissions to the file. Suppose you have a project where a number of people
require access to a file. Instead of manually assigning permissions to each user, you could
add all users to a group, and assign group permission to file such that only this group
members and no one else can read or modify the files.
Other
• Any other user who has access to a file. This person has neither created the file, nor he
belongs to a usergroup who could own the file. Practically, it means everybody else. Hence,
when you set the permission for others, it is also referred as set permissions for the world.
 File Permissions
• Every file and directory in your Linux system has following 3 permissions
defined for all the 3 owners discussed above.
• Read: This permission give you the authority to open and read a file. Read
permission on a directory gives you the ability to lists its content.
• Write: The write permission gives you the authority to modify the contents of
a file. The write permission on a directory gives you the authority to add,
remove and rename files stored in the directory. Consider a scenario where
you have to write permission on file but do not have write permission on the
directory where the file is stored. You will be able to modify the file contents.
But you will not be able to rename, move or remove the file from the
directory.
• Execute: In Windows, an executable program usually has an extension ".exe"
and which you can easily run. In Linux, you cannot run a program unless the
execute permission is set. If the execute permission is not set, you might still
be able to see/modify the program code(provided read & write permissions
are set), but not run it.
 File Permissions
• Refer slides 31-37
 Becoming super user using su
• From any Terminal window or shell, you can simply type the following:
• $ su
• Password: ******
•#
• When you are prompted, type in the root user's password. The prompt for the
regular user ($) will be changed to the super user prompt (#). At this point, you
have full permission to run any command and use any file on the system.
However, one thing that the su command doesn't do when used this way is
read in the root user's environment. As a result, you may type a command that
you know is available and get the message "command not found." To fix this
problem, you can use the su command with the dash (-) option instead, as
follows:
• $ su -
• Password: ******
•#
 Becoming super user using su
• You still need to type the password, but after you do that, everything that normally
happens at login for the root user will happen after the su command is completed.
Your current directory will be root's home directory (probably /root), and things like
the root user's PATH variable will be used. With the other way of running root, you
would not have changed directories or the environment of the current login session.
• You can also use the su command to become another user than root. For example,
to have the permissions of a user named sara, you could type the following:
• $ su - sara
• Even if you were root user before you typed this command, you would only have the
permission to open files and run programs that are available to sara. As root user,
however, after you type the su command to become another user, you don't need a
password to continue. If you type that command as a regular user, you must type the
new user's password.
• When you are finished using super user permissions, return to the previous shell by
exiting the current shell. Do this by pressing Ctrl+D or by typing exit. If you are the
administrator for a computer that is accessible to multiple users, don't leave a root
shell open on someone else's screen.
 Getting System Information with uname
• The uname command within Linux allows you to view system information
about your Linux environment.
• The uname command on its own isn't particularly useful.
• The uname command shows the type of system you are running (Linux).
When you add -a, you also can see the hostname, kernel release, and kernel
version.
•  $ uname
• Linux
• $ uname –a
• Linux unused 3.10.0-121.el7.x86_64 #1 SMP Tue Oct 21 10:48:19 EDT 2014
x86_64 x86_64 x86_64 GNU/Linux
• $ uname -s
• This command shows the kernel name on its own. (output same as uname)
 Other options with uname
options output

--kernel - Displays Kernel name

name
-n Displays computer’s hostname(hostname- same result)
--nodename Displays node name which is same as host name for all Linux
systems.
-r Displays kernel release(--kernel-release- same output)
-v Displays Linux kernel version(--kernel-version- same output)
-m Displays machine Architecture(--machine-same output)
-p Displays processor type(--processor)
-i Displays hardware platform(--hardware-platform)
-o Displays operating system
 Getting System Information with hostname
• The hostname command shows or sets the system hostname.

• hostname is used to display the system's DNS name, and to display or

set its hostname or NIS (Network Information Services) domain
name.

• When called without any arguments, hostname will display the name

of the system as returned by the gethostname function.
 Other options with hostname
Options Output

-a, --alias Display the alias name of the host (if used). This option is deprecated and should not be used anymore.

-A, --all-fqdns Displays every FQDN of the machine. This option enumerates all configured network addresses on all
configured network interfaces, and translates them to DNS domain names. Addresses that cannot be
translated (i.e. because they do not have an appropriate reverse DNS entry) are skipped. Note that different
addresses may resolve to the same name, therefore the output may contain duplicate entries. Do not make
any assumptions about the order of the output.
-b, --boot Always set a hostname; this allows the file specified by -F to be non-existant or empty, in which case the
default hostname localhost will be used if none is yet set.

-d, --domain Display the name of the DNS domain. Don't use the command domainname to get the DNS domain name
because it will show the NIS domain name and not the DNS domain name. Use dnsdomainname instead.

-f, --fqdn, --long Display the FQDN (Fully Qualified Domain Name). A FQDN consists of a short host name and the DNS domain
name.
-F, --file file name Read the host name from the specified file. Comments (lines starting with a `#') are ignored.

-i, --ip-address Display the network address(es) of the host name. Note that this works only if the host name can be resolved.
Avoid using this option if at all possible; use hostname --all-ip-addresses instead.

-I, --all-ip-addressesDisplay all network addresses of the host. This option enumerates all configured addresses on all network
interfaces. The loopback interface and IPv6 link-local addresses are omitted. Contrary to option -i, this option
 Disk Partitions and sizes
• Linux provides several tools for managing your hard disk partitions. You need to
know how to partition your disk if you want to add a disk to your system or change
your existing disk configuration.
• PC architecture computers have traditionally used Master Boot Record (MBR)
partition tables to store information about the sizes and layouts of the hard disk
partitions. There are many tools for managing MBR partitions that are quite stable
and well known. In the past few years, however, a new standard called Global Unique
Identifiers (GUID) partition tables began being used on systems as part of the UEFI
(unified extensible Firmware Interface-first program that runs when a computer is
turned on) computer architecture to replace the older BIOS method of booting the
system.
 Disk partitions
Viewing disk partitions
To view disk partitions, use the fdisk command with the -l option. The
following is an example of partitioning on a 160GB fixed hard drive on
a Red Hat Enterprise Linux 7 system:
•fdisk -l /dev/sda
Disk /dev/sda: 160.0 GB, 160000000000 bytes, 312500000 sectors Units =
sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos          
Disk identifier: 0x0008870c          
Device Boot Start End Blocks Id System

/dev/sda1 * 2048 1026047 512000 83 Linux  

/dev/sda2   1026048 304281599 151627776 8e Linux LVM

 Viewing Disk Partitions
• When a USB flash drive is inserted, it is assigned to the next available
sd (secure digital)device. The following shows the partitioning on a
USB drive from a RHEL system, where /dev/sdc is assigned as the
device name (the third disk on the system). Use the -c option with fdisk
to turn off DOS compatibility mode and -u to show the size in sectors
instead of cylinders, because partitions may not fall on cylinder
boundaries (default options changed recently, so the -c and -u options
are no longer needed in the latest RHEL or Fedora releases):
• fdisk -cul /dev/sdc
• Disk /dev/sdc: 8059 MB, 8059355136 bytes
• 248 heads, 62 sectors/track, 1023 cylinders, total 15740928 sectors
Disk /dev/sda: 500.1 GB, 500107862016 bytes       
255 heads, 63 sectors/track, 60801 cylinders, total 976773168 sectors
Units = sectors of 1 * 512 = 512 bytes          
Sector size (logical/physical): 512 bytes / 512 bytes    
I/O size (minimum/optimal): 512 bytes / 512 bytes     
Disk identifier: 0x000ebb20              
Device Boot Start  End  Blocks Id System  
/dev/sda1 * 2048  411647  204800 83 Linux  
 Primary, Extended, and Logical Partitions
• When partitioning, you’ll need to be aware of the difference between
primary, extended, and logical partitions.
• A disk with a traditional partition table can only have up to four partitions.
• Extended and logical partitions are a way to get around this limitation.
• Each disk can have up to four primary partitions or three primary
partitions and an extended partition. If you need four partitions or less,
you can just create them as primary partitions.
• However, let’s say you want six partitions on a single drive. You’d have to
create three primary partitions as well as an extended partition.
• The extended partition effectively functions as a container that allows
you to create a larger amount of logical partitions.
• So, if you needed six partitions, you’d create three primary partitions, an
extended partition, and then three logical partitions inside the extended
partition.
• You could also just create a single primary partition, an extended partition,
and five logical partitions — you just can’t have more than four primary
partitions at a time.
 Users
• What is a user account?
A user account is a systematic approach to track and monitor the usage of
system resources. Each user account contains two unique identifiers;
username and UID.
• When a user account is created, its username is mapped to a unique UID.
• Username is flexible. It can be changed as per requirement.
• It must be unique in system. Two users can’t use the same username.
• UID is fixed. It cannot be changed. Once assigned, it always remains the
same for that user account.
• Username is used to access the user account. Username is also known as
login name. UID is used to authenticate, track and monitor the activity of
user account. Username is used by the user while the UID is used by the
system.
 Types of users
• There are three types of user in Linux: - root, regular and service.
• The root user account
This is the main user account in Linux system. It is automatically created during the
installation. It has the highest privilege in system. It can do any administrative work and
can access any service. This account is intended for system administration and should
be used only for this purpose. It should not be used for routine activities. It can’t be
deleted. But if require, it can be disabled.
• The regular user account
This is the normal user account. During the installation, one regular user account is
created automatically. After the installation, we can create as many regular user
accounts as we need. This account has moderate privilege. This account is intended for
routine works. It can perform only the tasks for which it is allowed and can access only
those files and services for which it is authorized. As per requirement, it can be disabled
or deleted.
• The service account
Service accounts are created by installation packages when they are installed. These
accounts are used by services to run processes and execute functions. These accounts
are neither intended nor should be used for routine work.
 Kernel
• A kernel is the lowest level of easily replaceable software that interfaces
with the hardware in your computer. It is responsible for interfacing all
of your applications that are running in “user mode” down to the
physical hardware, and allowing processes, known as servers, to get
information from each other using inter-process communication (IPC).

• Different Types of Kernels

• In general, most kernels fall into one of three types: monolithic,

microkernel, and hybrid. Linux is a monolithic kernel while OS X (XNU)
and Windows 7 use hybrid kernels.
 Microkernel
• A microkernel takes the approach of only managing what it has to: CPU, memory,
and IPC. Pretty much everything else in a computer can be seen as an accessory
and can be handled in user mode. Microkernels have an advantage of portability
because they don’t have to worry if you change your video card or even your
operating system so long as the operating system still tries to access the hardware
in the same way. Microkernels also have a very small footprint, for both memory
and install space, and they tend to be more secure because only specific
processes run in user mode which doesn’t have the high permissions as supervisor
mode.
Pros Cons
Portability Hardware is more abstracted through drivers
Small install footprint Hardware may react slower because drivers are in user
Small memory mode
footprint Processes have to wait in a queue to get information
Security Processes can’t get access to other processes without
 Monolithic Kernel
• Monolithic kernels are the opposite of microkernels because they
encompass not only the CPU, memory, and IPC, but they also include
things like device drivers, file system management, and system server
calls. Monolithic kernels tend to be better at accessing hardware and
multitasking because if a program needs to get information from memory
or another process running it has a more direct line to access it and doesn’t
have to wait in a queue to get things done. This however can cause
problems because the more things that run in supervisor mode, the more
things that can bringPros
down your system if one doesn’t behave
Cons properly.
More direct access to hardware for programs Large install footprint
Easier for processes to communicate Large memory footprint
between each other Less secure because
If your device is supported, it should work everything runs in
with no additional installations supervisor mode
Processes react faster because there isn’t a
 Hybrid Kernel
• Hybrid kernels have the ability to pick and choose what they want to
run in user mode and what they want to run in supervisor mode. Often
times things like device drivers and file system I/O will be run in user
mode while IPC and server calls will be kept in the supervisor mode.
This give the best of both worlds but often will require more work of
the hardware manufacturer because all of the driver responsibility is
up to them. It also can have some of the latency problems that is
inherent with microkernels.
Pros Cons
Developer can pick and choose what Can suffer from same process lag as
runs in user mode and what runs in microkernel
supervisor mode Device drivers need to be managed by
Smaller install footprint than user (typically)
monolithic kernel
More flexible than other models
 Installing and Removing packages
with RPM Command
There is a wealth of information about installed packages in the
local RPM database. The rpm command contains dozens of
options to enable you to find information about each package,
such as the files it contains, who created it, when it was installed,
how large it is, and many other attributes. Because the database
contains fingerprints (md5sums) of every file in every package,
it can be queried with RPM to find out if files from any package
 Installing a package
• To install a package with the rpm command, type this:
• rpm -i zsh-5.0.7-4.fc21.x86_64.rpm
• Here, the entire package name is given to install with rpm, not just the
package base name. If an earlier version of zsh were installed, you could
upgrade the package using -U. Often, people use -h and -v options to get
hash signs printed and more verbose output during the upgrade:
• rpm -Uhv zsh-5.0.7-4.fc21.x86_64.rpm
•  Preparing… ####################[100%]
• 1:zsh ####################[100%]
• Although an install (-i) only installs a package if the package is not already
installed, an upgrade (-U) installs the package even if it is already installed. A
third type of install called freshen (-F) installs a package only if an existing,
earlier version of a package is installed on the computer. For example:
 Installing a package
• # rpm -Fhv *.rpm
• You could use the previous freshen command if you were in a
directory containing thousands of RPMs but only wanted to
update those that were already installed (in an earlier version)
on your system and skip those that were not yet installed. You
can add a few interesting options to any of your install options.
The --replacepkgs option enables you to reinstall an existing
version of a package (if, for example, you had mistakenly
deleted some components), and the --oldpackage enables you
to install an earlier version of a package.
• # rpm -Uhv --replacepkgs emacs-common-24.4-3.fc21.x86_64.
rpm # rpm -Uhv --oldpackage zsh-4.3.10-7.el6.x86_64.rpm
 Removing Packages
• You can remove a package with the -e option. You only need the
base name of a package to remove it. For example:

• # rpm -e emacs

• The rpm –emacs command would be successful because no other

packages are dependent on emacs. However, it would leave
behind emacs – common, which was installed as a dependency to
emacs. If you had tried to remove emacs-common first that
command would fail with a “Failed Dependencies” message.
 Querying RPM Information
• After the package is installed, you can query for information about the package.
Using the -q option, you can see information about the package, including a
description (-qi), list of files (-ql), documentation (-qd), and configuration files (-
qc).
• rpm -ql zsh
• Name : zsh
• Version : 5.0.7
• Release :4.fc21
•…
• --query format(different tags information)
• --query tags(all available tags)
• By adding a -p to those query options, you can query an RPM file sitting in your
local directory instead. The -p option is a great way to look inside a package
that someone gives you to investigate what it is before you install it on your
system.
 Querying RPM Information
• If you haven’t already, get the zsh package and put it in your local directory
(yumdown-loader zsh). Then run some query commands on the RPM file.
• rpm -qip zsh-5.0.2-7.el7.x86_64.rpm View info about the RPM file

• rpm -qlp zsh-5.0.2-7.el7.x86_64.rpm List all files in RPM file

• rpm -qdp zsh-5.0.2-7.el7.x86_64.rpm Show docs in the RPM file

• rpm -qcp zsh-5.0.2-7.el7.x86_64.rpm List config files in RPM file

 Verifying RPM Package
• Using the -V option, you can check the packages installed on your
system to see if the components have been changed since the
packages were first installed. Although it is normal for configuration
files to change over time, it is not normal for binaries (the commands
in /bin, /sbin, and so on) to change after installation. Binaries that are
changed are probably an indication that your system has been cracked.
• rpm -V zsh
• Good practice is to back up your RPM database (from /var/lib/rpm)
and copy it to some read-only medium (such as a CD). Then, when you
go to verify packages that you suspect were cracked, you know you
aren’t checking it against a database that has also been cracked.
The End