Cheatsheets
LPIC 101-102
[top] Accounts
useradd -d /home/[username] -m /etc/skel [username] - add a user
usermod - modify user
userdel - delete user
passwd - sets a user password
chage - set account expiration policy
groupadd [groupname] - add a group
groupmod - modify group
groupdel - delete group
gpasswd - sets a group password
newgrp - switch between groups
/etc/profile - global shell settings
/etc/skel - skeleton home directories
chmod - change permissions (can only be run by root or owner of file)
chown - change ownership
chown .[group] filename - change group
chgrp - change group [top] Apache
# /etc/init.d/apache reload - same as apachectl restart [top] Backups
cpio -
dump -
restore - used to restore dump archives
dd - makes an exact copy of a partition [top] Boot Loaders
LILO (Linux Loader)
/etc/lilo.conf
- if changed type "lilo" to re-install boot sector
- type "lilo -u" to uninstall lilo from the bootsector
GRUB (Grand Unified Boot Loader)
/boot/grub/grub.conf OR /boot/grub/menu.lst
- no need to re-install once changes are made, only after installing GRUB
- hd0,0 = first partition on first disk (hda1)
- hd0,4 = first logical partition on first disk (hda5)
- fd0 = floppy drive [top] Clocks
/etc/localtime
rm /etc/localtime
ln -s /usr/share/zoneinfo/US/Eastern localtime
hwclock --set --date "" - set hardware clock
hwclock --hctosys - set software clock to hardware clock
hwclock --systohc OR hwclock -w - set hardware clock to software clock
date MMDDhhmmYYYY - set software clock
NTP -
/etc/ntp.conf
/etc/init.d/ntpd restart
ntpq - verify an NTP server is functioning properly
ntpdate [ntp host] (deprecated) instead use ntpq -g [top] Cron
anacron - keeps a record of programs it should run & how frequently
if a time interval greater than a program's executation interval has passed, it
runs
/var/spool/cron/tabs - user crons are stored here
/etc/cron.allow
/etc/cron.deny
/etc/crontab - system cron jobs
format: minute hour dom month dow (0 or 7 = Sunday) user command
/etc/cron.interval - scripts run at certain intervals
crontab - utility to create user cron jobs
at - run a job once at a specified time
at [command] [MMDDYY/noon/teatime (4pm)/midnight] [top] DNS
named - program for BIND
/etc/named.conf - config for BIND
# /etc/init.d/named reload - do if changes are made to BIND [top] Documentation
http://www.tldp.org - The Linux Documentation Project[top] /etc
/etc/issue - displays message above login: prompt
/etc/issue.net - same as above but for telnet clients
/etc/motd - message of the day (GUIs do not display typically)
/etc/services - service ports [top] Filesystems
fsck - check a filesystem for errors
/etc/fstab - filesystem table
tuning
------
dumpe2fs - retreive info about current config. for filesystems
tune2fs - change filesystem parameters reported by dumpe2fs
debugfs - dumpe2fs, tune2fs plus others all rolled into one
journaling filesystems
----------------------
ext3fs, ReiserFS, XFS, JFS
disk quotas
-----------
/etc/fstab - add usrquota OR grpquota options
edquota - edits user quotas
quotacheck - verifies & updates quota information (run as a cron job)
repquota - summarizes quota info
quota - similar to repquota
od - used to view binary data
ln -s - if file removed link points to, link becomes a broken link
ln - if file is removed so is hard link
create an ext3 filesystem:
--------------------------
mkfs -t ext3 /dev/hda1
mke2fs -j /dev/hda1 (the -j option adds the journalling required for ext3)
mkfs.ext3 /dev/hda1
Must reside on root:
--------------------
/etc, /lib, /root, /sbin
Would NOT want in backups:
--------------------------
/dev, /tmp, /proc[top] Firewalls
ipfwadm
ipchains
iptables (Newer, prefered) [top] Hardware
BIOS (Basic Input/Output System) - provides config tools and initiates booting process
/proc/ioports - IO addresses used
/proc/interrupts - IRQs used (0 - 15)
/proc/dma - DMA channels used
/proc/bus/usb/devices
OHCI (1.x, ohci-hcd.ko) - Compaq, non-Intel, non-VIA chipsets, add on cards
UHCI (1.x, uhci-hcd.ko) - Intel, VIA chipsets
EHCI (2.0, ehci-hcd.ko) - newer devices
/proc/scsi/scsi - attached SCSI devices
setserial - displays/configures serial modem settings (/dev/ttyS0)
pnpdump - displays current configurations for isa pnp devices (pnpdump > isapnp.conf)
isapnp - makes changes to isapnp.conf and then issues this command to put changes input af
fect (isapnp isapnp.conf, must be done at every boot)
setpci - configures a pci device
lspci - list pci device settings
lsusb - list usb device settings
usbmodules --device /proc/bus/usb/005/004 - displays what driver is associated w/ a specif
ic usb device
usbmgr (/etc/usbmgr, /etc/usbmgr/usbmgr.conf) \__ manages usb dev
ices
hotplug (/etc/hotplug, /etc/hotplug/usb.usermap, 2.4.x kernel support) /
SCSI ids (8 bit) - 0-7 (7 high , 0 low priority) ( 7->0 )
SCSI ids (16 bit) - 0-15 (7 high , 8 low priority) ( 7->0, 15->8 )
sndconfig - configure sound cards
hda1 - master, primary, channel 1
hdb1 - slave, primary, channel 1
hdc5 - master, logical, channel 2
hdd5 - slave, logical, channel 2 [top] Hot Keys
CTRL+ALT+F1 - exit X-Windows to command prompt
CTRL+ALT+F7 or F8 - return to X-Windows
CTRL+ALT+BACKSPACE - restart X-Windows (ps ax | grep X ; kill PID - Debian) [top] Kernel
uname -a - get all kernel info
lsmod - list installed kernel modules
depmod - rebuilds the module dependancies file (/lib/modules/kernel-version/modules.dep)
for the modules in the current kernel's module's directory
insmod - insert a single module into the kernel
rmmod - unload a single kernel module
modinfo - get module info.
modprobe - loads a module into the kernel + any depended upon modules (/etc/modprobe.conf)
/etc/modules.conf - holds module aliases
module-update (Debian) - using /etc/modules.d rebuilds /etc/modules.conf
make config - executes a command line oriented view allows you to respond interactively du
ring the kernel build
make xconfig - can be used to load an X-based interface for interacting with during the ke
rnel build.
make dep - dependencies for the kernel can be created using this command
create a custom kernel
----------------------
1) goto www.kernel.org
2) download linux-version.tar.bz2
download linux-version.tar.bz2.sign
3) verify authneticity
gpg --keyserver wwwkeys.pgp.net --recv-keys 0x517D0F0E
gpg --verify linux.2.6.11.10.tar.bz2.sign linux.2.6.11.10.tar.bz2
4) unpack
cd /usr/src
tar -xvjf linux.2.6.11.10.tar.bz2
rm linux
ln -s linux.2.6.11.10 linux
5) configure
cd /usr/src/linux.2.6.11.10
a) adapt old configuration (best method)
cp old_kernel_dir/.config .
make oldconfig
b) text-mode config (tedious, last ditch method)
make config
c) text-mode menu config
make menuconfig
d) GUI config
make xconfig (functionally same as make menuconfig)
6) compile
make --> /usr/src/linux/arch/i386/boot/bzImage
7) put files in place
cp /usr/src/linux/arch/i386/boot/bzImage /boot/bzImage-2.6.11.10
cp /usr/src/linux/System.map /boot ; make modules_install (optional)
8) configure boot loader
LILO
vi /etc/lilo.conf
copy new working stanza in for new kernel section
modify label= line to give copy a new name
modify image= line to point to new kernel
type lilo -> MBR
GRUB
vi /boot/grub/menu.lst (grub.conf on RH)
grub-install /dev/hda OR '(hd0)' -> MBR
grub-install /dev/hda1 OR '(hd0,0)' -> boot sector
dmesg - /var/log/dmesg [top] Libraries
/etc/ld.so.conf - edit this file to make system wide changes to library configurations and
then type ldconfig
ldd - check which libraries a program uses
ldconfig - updates the /etc/ld.so.cache. ld.so or ld-linux.so reads this when trying to l
oad libraries
reads the /etc/ld.so.conf file
processes /lib & /usr/lib only[top] Login Files
LOGIN
=====
1) /etc/profile
2) ~/.bash_profile OR ~/.bash_login OR ~/.profile
LOGOUT
======
1) ~/.bash_logout
LOGIN (SHELL)
=============
1) ~/.bashrc
2) ~/.inputrc (keybindings) [top] Logs
syslogd - log daemon
/etc/syslog.conf
priority codes - debug, info, notice, warning (warn), error (err), crit, alert, panic (eme
rg)
logrotate - rotates logs
/etc/logrotate.conf [top] Mail
sendmail
--------
/etc/mail/sendmail.cf - config file (very hard to understand)
/etc/mail/sendmail.mc - used to generate the sendmail.cf file
/etc/aliases - holds username translations
newaliases - creates aliases.db from /etc/aliases (aliases.mc)
/etc/mail/access - controls mail relaying
# m4 < myconfig.mc > sendmail.cf - configure sendmail (edit myconfig.mc first)
# /etc/init.d/sendmail reload
/etc/mail/local-host-names - add hostnames to accept email from here
mailq - check mail queue
sendmail -q - force sendmail to send all messages in the mail queue
/var/spool/mqueue - mail queue [top] Man
man [section] topic
/etc/man.conf
MANPATH [top] Miscellaneous Commands
tee
nl
pr
nice - starts a process at a certain priority level
renice - changes the priority of a running process ("top" can too)
cat - display file
tac - display file in reverse order
sed
tr
file - indicates what type of file
su - switch user
sudo - run command as another user [top] Networking
nmap - does a basic check for open ports
nmap -sT [host]
nslookup - does dns lookups (deprecated)
host - replaces nslookup
dig - more flexible than host
whois - lookup domain name information
/etc/hosts - set
/etc/hostname - set computer name
/etc/resolv.conf - specify name servers
setup a static IP (what you need)
---------------------------------
- new IP Address
- netmask
- 1-3 DNS server IPs
- gateway (router) address
DHCP
pump
dhcpclient
dhcpcd
PPP
pppd - deamon
/etc/ppp/pap-secrets
/etc/ppp/chap-secrets
/usr/share/doc/ppp-2.4.2/scripts
ppp-on - start connection
ppp-on-dialer - start connection
ppp-off - break connection
/etc/ppp/options - pppd options
/etc/ppp/ip-up \__ executed by pppd behind the scenes
/etc/ppp/ip-down /
wvdial - tex mode front end to pppd
/etc/wvdial.conf
~/.wvdialrc
ifconfig - display/set network hardware settings
ifconfig wlan0
ifconfig wlan0 up 192.168.1.105 netmask 255.255.255.0
ping -c 4 xavier - send 4 packets to xavier
route - setup route for traffic beyond your network
route add default gw [ip]
traceroute -n xavier - sends 3 packets between your system and target system
netstat - swiss army knife
netstat -ap
netstat -i - interface such as ifconfig
netstat -r - routing table similar to route
netstat -M - NAT
netstat -p - programs using network connections
/etc/protocols - service protocols
/etc/services - ports numbers for service types
tcpdump - packet sniffer
/etc/services - common services & ports
20 - FTP (data)
21 - FTP (control)
23 - Telnet
25 - SMTP (Simple Mail Transfer Protocol)
53 - DNS (Domain Name Service)
80 - HTTP (HyperText Transfer Protocol)
110 - POP3 (Post Office Protocol version 3)
119 - NNTP (Network News Transport Protocol)
143 - IMAP (Internet Message Access Protocol)
161 - SNMP (Simple Network Management)
DHCP - can be used to automatically issue IP addresses, or you can enter them manually.
IP addresses - are 32-bit entities given as four octets separated by periods. The first oc
tet identifies the class of the network:
* 1-126 is Class A
* 128-191 is Class B
* 192-223 is Class C
The IP addresses must be unique within the world in which they communicate. If the host is
connected only to two other computers, then the address need only be unique among the oth
er computers; if the computer is connected to the Internet, the address needs to be unique
within the world.
There are a number of private IP addresses set aside for use by private networks. One priv
ate range exists within each class, and these include:
* 10.x.x.x for Class A
* 172.16.x.x - 172.31.x.x for Class B
* 192.168.x.x for Class C
The subnet mask, also known as the netmask, identifies whether a host to be reached is loc
al or on a remote network, The default subnet mask for Class A addresses is 255.0.0.0; for
Class B is 255.255.0.0; for Class C is 255.255.255.0.
225.0.0.0 (172.16.10.1/8)
225.225.0.0 (172.16.10.1/16)
225.225.225.0 (172.16.10.1/24)
225.225.225.225 (172.16.10.1/32) [top] NFS
/etc/exports - shared directories and the list of hostnames that may access it
# mnt -t nfs challenger.luna.edu:/opt /share/opt [top] Package Managers
RPM
rpm - installs, upgrades or uninstalls RPMs (typically red hat)
rpm -V [package] - does package verification
rpm --nodeps - do not perform dependancy checks
rpm -F - update package only if any earlier version exists
Debian
dpkg - installs a single or group of packages (typically debian)
apt-get - retrieves installation software from internet or media drives. Can update en
tire system.
dselect - menu driven interface to apt-get
apt-get update - updates packages
apt-get dist-upgrade - upgrades system
dpkg --configure [pkg].deb - configures package
alien - converts between package types (rpm, deb, stampede, tarballs)
rpm2cpio - converts rpm -> cpio acrhive. Enables users of non-rpm systems to access files
in an RPM. [top] Partitions
primary partitions (4)
extended partition - single partition
logical partitions - partitions contained within the extended partition
0x82 (82) = linux swap partition
0x83 (83) = linux filesystem partition
0x0f, ox05 = linux extended partitions
fdisk - used to partition/examine disks
mkfs - creates a filesystem
mkswap - creates swap space [top] Passwords
/etc/passwd
/etc/group
pwconv ; grpconv - creates shadow passwords
/etc/shadow
/etc/gshadow
pwunconv ; grpunconv - undoes shadow passwords [top] Printing
lp commands
lpr - submits a printing job
lpq - display print queue info
lprm - remove print jobs from queue
lpc - starts, stops and re-orders job within print queue
cups commands
lpc - basically same as above but more limited
lpmove - move one a print job from one queue to another
/var/spool/lpd - lp queue
/var/spool/cups - CUPS queue
lpd - lp print deamon
lpd.perms - sets permissions for lpd service
lpd.conf - used to configure the lpd service
cupsd - cups priont daemon
/etc/rc.d/init.d/lpd restart
ghostscript - takes postscript input, parses it and produces output in dozens of bitmap fo
rmats
smart filter - determines type of output (such as postscript) and sends it through the app
ropriate programs (such as ghostscript)
/etc/printcap - lp define printers file here, read once at startup by lpd
/etc/cups - cups define printers directory
/etc/cups/printers.conf - cups define printers file
/etc/cups/cupsd.conf - cups server config[top] Runlevels
/sbin/init <- /etc/inittab
0 - shutdown system
1 - single user mode
2 - full X multi-user (Debian)
3 - full console multi-user (Others)
4 - undefined
5 - full X multi-user (Others)
6 - reboot
- chkconfig --list OR chkconfig --list [service name] - checks runlevel status
- ntsysv - menu to configure current runlevels
- runlevel - determine current runlevel (first char is prev. run level, second is current)
- init [runlevel] - immediately change runlevel
- telinit [runlevel] - same as init but given the [qQ] option will re-read /etc/inittab fo
r any changes
(init will accept this as well, since telinit is usually just a symbolic link)
- shutdown now - puts system into single user mode immediately (better for multi-user syst
ems than using init 1)
- halt
reboot
poweroff [top] Samba
/etc/samba
/etc/samba/smb.conf
SWAT - Samba Web Administration Tool (launched from super server)
# /etc/initd.d/xinetd reload - do if changes are made to SWAT [top] Search
(s)locate [string]Works from a database (updatedb used to update database).
find . -name [string]
find . -name -exec grep blah {} \;whereis [string] A quick way to find executables, documentation or config files.
which [string] [top] Security
tripwire - records info about all important files on computer
/etc/tripwire/twcfg.txt
/etc/tripwire/twpol.txt
/etc/tripwire/tw.cfg
/etc/tripwire/tw.pol
/etc/tripwire/twinstall.sh
tripwire --init (create binaries)
tripwire --check (check current state of system against db)
tripwire --update (update db, incase package is upgraded)
chkrootkit - scans for viruses
chkrootkit
/etc/security/limits.conf - system PAM limits
/etc/nologin - if present only root can login [top] Shell
set -o noclobber - prevent overwriting of files
$PS1 - environmental variable which holds the prompt[top] Signals
HUP 1 exit hangup or death of process
INT 2 exit interrupt from keyboard
KILL 9 exit this signal may not be blocked, kill process
TERM 15 exit teminate process [top] SSH
/etc/ssh/ssh_config - ssh configuration file
/etc/init.d/ssh reload
# ssh-keygen -q -t rsal -f /etc/ssh/ssh_host_key -C '' -N ''
# ssh-keygen -q -t rsa -f /etc/ssh/ssh_host_rsa_key -C '' -N ''
# ssh-keygen -q -t rsal -f /etc/ssh/ssh_host_dsa_key -C '' -N ''
- do only if computer does not have these keys already
~/.ssh/authorized_keys - put public keys here so won't have to login from remote server
# ssh-keygen -t rsa - create a rsa key pair
# ssh-keygen -t dsa - create a dsa key pair [top] Super Server
inetd
TCP Wrappers - called by inetd
o checks for client authorization (/etc/host.allow, /etc/host.deny)
o then calls server program once auth. established
xinetd - /etc/xinetd.conf -> /etc/xinetd.d
/etc/rc.d/init.d/inetd restart
/etc/rc.d/init.d/xinetd restart [top] SysV Startup Scripts
- /etc/init.d/rc [0-6] - runs the respective scripts in /etc/rc.d/rc[0-6].d
- S scripts start
K scripts stop
- scripts are run in numeric order based on numeric script name
- chkconfig
- /etc/rc.d/init.d/server [start/stop/restart] [top] SUID/SGID/Sticky Bit Values
4000 = SUID \__ 6000 = SUID + SGID \
2000 = SGID / |--- 7000 = SUID + SGID + sticky bit
1000 = sticky bit /[top] VI
Modes:
insert mode
command mode
ex mode
Commands:
k - up
j - down
h - left
l - right
^ - beginning of line
$ - end of line
1G OR :0 - goto start of file
G OR :$ - goto end of file
nG - goto line #
a - append here
A - append at end of line
J - join 2 lines
i - insert here
I - insert at start of line
R - overstrike
o - open line below current line
O - open line above current line
p - put yanked line below current line
u - undeo last change
U - undo all changes
x - delete character
yy - yank line
:%s/str1/str2/g - substitute string str1 to string str2 globally
/pattern - search pattern
n - repeat previous search
N - repeat previous search in reverse
n1,n2tn3 - copy lines from line n1-n2 and put after line n3
n1,n2mn3 - move lines from line n1-n2 and put after line n3
:q - quit
:q! - quit w/o save
:x OR :wq - save & quit Files:
~/.exrc
~/.vimrc
Settings:
set number - sets numbering[top] X-Windows
xf86config - crude & text based to create X configuration (XFree86)
XF86Setup - GUI used to adjust settings (XFree86)
Xconfigurator - text based menu to create X configuration (
xorgcfg - (X.org)
config files
------------
XFree86 <= 3.36 - /etc/X11/XF86Config or /etc/XF86Config
XFree86 >= 4.x - /etc/X11/XF86Config-4 or /etc/XF86Config-4
X.org-X11 - /etc/X11/xorg.conf
xdm - /etc/X11/xdm/xdm-config
- /etc/X11/xdm/Xresources (greeting)
user selection - gui, ~/.xinitrc OR ~/.xsession
- display bar:0 - set a display parameter for an application
- export DISPLAY=192.168.4.5:0 - output display on machine 192.168.4.5
telinit 3 - runlevel 3 (X does not start automatically at boot)
telinit 5 - runlevel 5 (/etc/init.d/xdm start - Debian)
startx - start X windows 
