Introduction to Linux Welcome SANOG IV Workshop 2004 Introduction ¡ ¡ Instructors: Helpers: Hervey Allen Kishor Panth Joe Abley July 2004 Philip Hazel Presented by Hervey Allen Network Startup Resource Center At what level are we? How the class runs What we'll do today 1 2 Schedule How the workshop runs Morning Evening sessions With your participation! ¡ Optional. Around 08:45-10:45 Class Please ask questions. If you don't understand ¡ 19:30-21:00. 10:45-11:00 Break something due to language, ask us to clarify. ¡ 11:00-13:00 Class Labs We are sharing workstations. This is good. You'll Lunch Open after dinner learn more working in groups. ¡ 13:00-14:00 (19:30) until around At the end of the week we'll have a written test. Afternoon 21:00. If there is class you ¡ 14:00-16:00 Class can use machines not in A Certificate of Attendance will be given as well. ¡ 16:00-16:15 Break/Tea use by those attending ¡ 16:15-18:15 Class class. 3 4 How the workshop runs – practical Outline Part 1 What distribution? We have a server in use for the workshop. IP and Red Hat Fedora Core 2 installation and Kickstart Notes server name will be given in class. System commands (cp, ls, cd, rm, etc.). Basic editor usage with vi. The PCs have Internet access, but during class Create and remove user accounts. we'll often work outside of XWindows. Discuss /etc/passwd, /etc/group, /etc/shadow. Commands, programs, shells and paths. The root password on your machine is Use of 'su' command for 'root', and /etc/sudoers. “SANOG2K4”. Download RPM packages using FTP and install them. We have several people assisting during the week Directory structures – what's where. Learn how to shutdown and restart the server. Initialization levels. to help with language issues and during Discuss /etc/ and /etc/rc.d/init.d/ (services). exercises. Practice what we've learned if there is time. 5 6 What distribution? Fedora Core 2 and Kernel 2.6.x Red Hat, Fedora, SuSE, Debian, Conectiva, Turbolinux, Fedora Core 2 uses Kernel version 2.6.5-1.358 Mandrake, United Linux, Gentoo, Slackware, other? etc? (see /proc/version). There are some changes (refer, also, to /usr/src/linux/Documentation/Changes): Or, do we use FreeBSD, Solaris, OpenBSD, NetBSD, HP/UX, AIX, Mac OS X, SCO, etc? ¡ mount has more options and supports more filesystems. What do you run? ¡ Modules work differently (/etc/modprobe.conf) Our response: ¡ Kernel building is a bit different. ¡ Currently Red Hat 9 appeared almost to be a standard ¡ Larger disk (TB) and memory (64GB) support. ¡ If you know Red Hat Linux using commands and text file, then you know enough to use other distributions. ¡ Pcmcia support partially built in to kernel. ¡ ¡ Lots of local as others are likely running RH/Fedora. Updates to NFS support and Quota support. ¡ We want to teach how to scale services and “good ¡ More... 7 network practices” using a reasonable system. 8 Installing Fedora Core 2 Basic Commands How can you install? Upgrade? cp, cd*, ls, mv, rm y man ¡ (*built in command shell commands). ¡ Using CD/DVD. Where are commands located? ¡ Hard drive partition /bin, /usr/bin, /usr/local/bin, /sbin, /usr/sbin ¡ Floppy/CD/DVD and an ftp/tftp/http/nfs server. ¡ The difference between “sbin”, “bin” and “ /usr” ¡ Floppy/CD/DVD and Kickstart file. If you know DOS: ¡ ¡ NIC PXE boot. cp = copy ¡ cd/chdir = cd/chdir Install options using the Kickstart graphicl tool. ¡ ls = dir ¡ We might install at the end of the workshop. mv = move (before it was copy and delete/erase ¡ rm = del[ete] and/or erase 9 10 Basic commands continued Some more commands... ¡ ¡ ¡ ¡ ¡ bg groupadd* man tail apropos ¡ ¡ ¡ ¡ Not a command, but we'll practice starting a ¡ bzip groupdel* mount* tar “ctrl-u” ¡ ¡ ¡ ¡ ¡ cat gzip more telinit* date* ¡ ¡ ¡ ¡ detached process. ¡ chgroup* history netstat top hexdump ¡ ¡ ¡ ¡ ¡ chmod ifconfig* nmap touch hwclock* ¡ ¡ To do this you use the “&” symbol the ¡ ¡ after ¡ clear info ping traceroute mkisofs ¡ ¡ ¡ ¡ command you wish to run that opens a separate chown* init* printenv uname ¡ tcpdump ¡ ¡ ¡ window. ¡ exec insmod* ps unset ¡ ¡ ¡ ¡ df kill pwd unzip ¡ ¡ ¡ For example, to open another terminal from within ¡ dmesg ln route* usermod* ¡ ¡ ¡ ¡ du locate rpm* users ¡ ¡ ¡ your terminal under XWindows type: ¡ export lsmod rmdir watch ¡ ¡ ¡ /usr/bin/gnome-terminal & ¡ find lsof rmmod* whereis ¡ ¡ * = root ¡ ¡ gcc mkdir set which ¡ ¡ ¡ ¡ grep “|” (pipe) su whoami 11 12 Looking for more information The vi editor Not only can you use commands to find information about Why use vi? Why not emacs, xemacs, joe, pico, your system, but you can look inside several files, and you can explore the /proc directory, as well. etc.? (Make note of “pico -w”) Example of files with useful information: vi exists in almost all distributions of /etc/motd Linux/Unix/BSD. /etc/issue /etc/resolve.conf If you have to work on a new machine, then vi /etc/services will almost always be available to you. /etc/X11/XF86Config In reality, you are likely to use a different editor /etc/modules.conf and with Kernel 2.6 /etc/modprobe.conf for more complex editing, but let's see what we /etc/fstab can do with vi --> 13 14 Basic vi commands Create and eliminate user accounts Impress your friends... /etc/passwd, /etc/group, /etc/shadow, /etc/sudoers /usr/sbin/adduser --> /usr/sbin/useradd vi fn, vi -r fn, vi + fn, vi +n fn, vi +/pat fn Open: /usr/sbin/userdel Close: :w, :wq, :q, :q! /etc/default/useradd Movement: h,j,k,l y w, W, b, B, :n (+arrow /etc/skel keys) /etc/login.defs Edit: i, o, x, D, dd, yy, p /etc/profile chsh, passwd, groupadd*, groupdel*, groupmod*, Search: /pattern, ?pattern, n, N usermod* Note: vi is alias to vim, and view is link to /usr/bin/vim under Fedora 15 16 Note: * requires root/admin access /etc/passwd /etc/shadow The /etc/password file has the following format: This file is used to hide encoded user passwords. hervey:x:500:500:Hervey Allen:/home/hervey:/bin/bash Only root can (or should) read this file. i.e.: /etc/shadow has the following format: userid:pw:UID:GID:name:directory:shell hervey:$1$w!@F62adfk3$LCYjTI3udsd/tGP1pux1:12452:0:99999:7::: Using /etc/shadow the “pw” is represented by an i.e.: “x”. If the user entry is actually something like a userid: password encoded with crypt: service, then the “shell” is represented with Days after Jan. 1, 1970 on which the password was last “/sbin/nologin”. changed: Days until the user can change the password: Number of days before a password expires: 17 18 /etc/shadow continued /etc/group In this file group names are specified (no more hervey:$1$w!@F62adfk3$LCYjTI3udsd/tGP1pux1:12452:0:99999:7::: than 8 characters), password, the Group Days before a password expires that a user is notified: IDentifying number (GID), and a list of group Days after a password expires that an account is members separated by commas: deactivated: Days since Jan. 1, 1970 that a user has been deactivated: For example: Reserved: mail:x:12:mail,postfix The “x” - If there is a group password, then it is stored in encoded format in /etc/shadow. What are groups used for? 19 20 Commands - programs – shell – path Using the su command What's a “command” and a “program”? The “su” command is used to become a different Why can't you always run all commands and userid, like root, without having to logout and programs on a system? log back in. How do you “fix” this? To use “su” to become root your userid has to be How do you see how things are configured for a given permission to do this in “/etc/sudoers”. user? You can allow users to run specific privileged ¡ /etc/skel commands using “/etc/sudoers” and “sudo”. ¡ /etc/profile ¡ /home/user/.bashrc You can assign users to the “wheel” group and ¡ /home/user/.bash_profile using “/etc/sudoers” you can allow them to run ¡ set, printenv, export all or some commands. 21 22 More uses for the su command Package installation using RPM Instead of having to open a root shell, you can run RPM stands for “Red Hat Package Manager” a privileged command like this: There are several systems to control and install sudo command software (rpm, dpackage/apt-get, yum, source). For example: Each one has its advantages and disadvantages. sudo less /etc/shadow RPM allows you to install and remove software And, if you wish to open a different user shell and on your server. You can, also, see the files run their login scripts do: associated with a package and where they install. su – userid RPM, however, cannot resolve software What happens if you don't use the “-”? dependencies between software packages. 23 24 Using RPM Usando RPM continued You can do quite a few things with RPM, but People use RPM differently. See the difference typically you install like this: between “rpm -Uvh” and “rpm -ivh”. Is it rpm -Uvh package-name.rpm really necessary to use the “-h” option? rpm -ivh package-name.rpm The key for anything that trys to organize your Found out if something is already installed: software is does it really function? RPM helps, rpm -qa | grep package-name but it does not solve the problems of knowing what you have installed, where, and what belongs Get more information about an already installed to what software package. RPM: rpm -qi package-name If you don't believe me see how many times you end up using “rpm –nodeps” in the future..