You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
|`netstat -i`| Stats about the network interfaces |
752
-
|`netstat -l`| Lists listening sockets |
753
-
|`netstat -s`| Summary for each protocol |
754
-
|`netstat -r`| Equivalent to `route`|
755
-
756
-
757
-
## <spanid="security"></span>Basic security and user types
758
-
759
-
### <spanid="root-std-users"></span>Root and standard users
760
-
- Only the user and root can access the user's files.
761
-
-`finger $username` gives info on a user (login, directory, name, and shell)
762
-
-`id $username` gives user ID, group ID, group memberships
763
-
-__/etc/passwd__ has list of users who can authenticate locally. Each line indicates the user, the user's pw (legacy field), UID, GID for default group, full name or comment, home dir, and default shell
764
-
-__/etc/shadow__ has list of user passwords. Each line has the username, hashed pw, last modified field in Unix epoch, max days before a password must be changed, days ahead of max when the user will be prompted to change the password, the days to wait to disable the account if the password remains expired, and the expired field.
765
-
-__/etc/sudoers__ has a list of sudoers
766
-
-__/etc/group__ shows the group, password for the group, GID, and list of users who are members
767
-
-`pwck` checks whether passwd and shadow are in sync.
768
-
-`pwconv` adds any missing users from etc to shadow.
769
-
- Root exists to perform administrative tasks and can therefore access all files.
770
-
-`su` or `su -` let’s you become Root. `su - username` gives us a shell as that user, with their PATH var.
771
-
-`sudo $cmd` is a per-command way to elevate privileges.
772
-
-`who` = who is logged in
773
-
-`W` shows logged in users and their processes.
774
-
-`who -b` last boot time
775
-
-`who -m` whostname and user associated with it
776
-
-`who -r` our current run level
777
-
-`who -q` number of users logged in
778
-
-`who -a` all of the above
779
-
-`last [$username]` who logged in, when, and how, in reverse chronological order
780
-
781
-
782
-
## <spanid="users-groups"></span>Creating users and groups
783
-
- Every user acct has a UID and a textual username.
784
-
- Different users could have the same UID and therefore identical rights to the same files. You should never do this.
785
-
-`id` will show the current user’s UID and GID. You can also type `id $username`
786
-
-`groups $username` shows the group memberships.
787
-
-`groupadd <grp-name>` = add a new group
788
-
-`useradd [-G $GID] -m -c "John Doe" jdoe` = add a new user. This command pulls defaults from __/etc/default/useradd__
-`chmod` = change mode of a file or directory, affecting permissions
818
-
+`chmod u=rwx,g=rw,o=r $file_name`
819
-
+`chmod o-rx daily.sh` = remove read and execute permissions from others
820
-
+`chmod -R o-rx shell-scripting/*` = recursively alter permissions for files in a directory, but not the directory itself
821
-
* Applying the command to the directory instead of including `/*` also alters the directory.
822
-
+`chmod 600 test1.txt` = modify permissions on the file with rw permissions for the user and no permissions for the group or others
823
-
-`chown $file_or_dir` = change ownership of a file/directory
824
-
+`chown $username:$group $file`
825
-
* You can omit the colon and the group if you're only changing the user. `chown $username $file`
826
-
* You can omit the user if you're changing the group membership: `chown :$group $file`
827
-
* Only root can change the user who owns a file
828
-
-`chgrp` = change group ownership of a file/directory
829
-
830
-
831
-
## <spanid="special"></span>Special directories and files
832
-
833
-
### <spanid="symlinks"></span> Symbolic links
834
-
- Symlinks are similar to windows shortcuts. They reference the path to a file, not the file itself.
835
-
- If the original file/dir is moved, the symlink breaks.
836
-
-`ln -s $src_name $link_name` one convention is to append `.lnk` to the end of the symlink name
837
-
-`unlink $link_name` removes the symlink
838
-
- Symlinks display an __l__ in the file descriptor column of the `ls -l` output.
839
-
- Hard links are another pointer to the exact data on the hard disk. Deleting only one doesn't delete the file.
840
-
+`ln $src_file $link_name`
841
-
842
-
### <spanid="special-files-dirs"></span> Special files and directories, and the sticky bit
843
-
-__/var/tmp:__ Has temp files that do __not__ get deleted on reboot
844
-
-__/tmp:__ Has files that get deleted upon reboot
845
-
+ Files in this directory have the sticky bit set, meaning that only users who created a file can delete that file even if everything has rwx permissions for this directory. This cam be seen via `ls -ld /tmp`, which gives `drwxrwxrwt. 8 root root 211 May 23 18:22 /tmp`
846
-
- There are two ways to apply the sticky bit to a directory:
847
-
+`chmod o+t $dir_name`
848
-
+`chmod 1777 $dir_name` the `1` denotes the sticky bit. To remove it, use `chmod 777 $dir_name`, where the absence of the `1` implies a zero (`chmod 0777 $dir_name`)
0 commit comments