Linux for Beginners Bahador Bakhshi bakhshi@gmail.com 1 Agenda Introduction Linux Distributions Quick Start Files Process Shell & Programming Networking Security 2 Introduction This course is for beginners What you learn General introduction to GNU/Linux OS Basic operations in Text Mode A little about administration What you don't learn learn In depth Linux structure Kernel Internal System programming … 3 Introduction Security perspectives OS role Govern any things in computer Has privilege Insecure OS insecure machine 4 Introduction Why Linux? Free Open Source, Freedom, GPL (GNU Public License) No charge More secure OS for computer scientists Open source You see what happen, no hidden things You need it 5 History 1960 1974 in AT&T Free Unix Free BSD POSIX MULTICS, Multiplex Computing System Unix is commercial MINIX Simple and free UNIX liked OS, by Tanenbaum 6 History 1991 Linus Torvalds Free kernel for i386 5 Oct 1991 in newsgroup of minix 1994 Linux 0.0.2 Linux 1.0 Linux Logo TUX 7 Now linux-2.6.26, www.kernel.org Multitasking, SMP, multi-user Wide range of CPUs Popular OS in universities and academic research Platform of network services Open source Wide range of network protocols and services Platform for embedded development 8 Linux Distributions What required OS, kernel, kernel-space Applications, user-space Interfaces and basic commands Applications Services Kernel by Linus and world wide developers Most of applications by GNU project GNU : GNU is Not Unix Our operating system: GNU/Linux 9 Linux Distributions Red Hat & Fedora SuSE Most updated and user friendly Supported by Novel UBUNTU Stable and commercial support New fast growing user friendly Debian based Debian Most complete distribution, the Sarge 10 Linux Distributions Bluecat LinuxPPC Linux to run on PowerPC machines Astaro Linux for embedded systems Security applaince, Firewall, Antivirus Live CD KNOPPIX, PHLAK, Karamad, ... 11 Quick Start Access to Linux Remote Local Remote Through network Telnet, insecure and disabled now SSH, Secure Shell Protocol Local Linux installation or Live CDs 12 Quick Start System powered on BIOS POST Bootloader, Grub or LiLo Initialize Hardware Kernel extraction Kernel Initialize Hardware Kernel data structures initialization 13 Quick Start System Services Configured Services network and network services User interface Graphical Called as X window system, it is a service KDE, GNOME Text, Shells Switch between them: ALT-F? and CTRL-ALT-F? Screen 7 is the X 14 Text vs. X Contrary to MS Windows X isn't integrated into OS X is just an application Shell Interactive program, interface between user and kernel Real power of Linux, specially for hackers and administrators Bash (Brown Again Shell), tsh, csh We study Linux Text Mode and just applications not Kernel 15 Bash After successful login, you get shell prompt $ : user # : root There are two privilege in user space reset: reinitialize your screen Linux is case sensitive Autocomplete: commands and file names Commands in $PATH File name in specified path 16 Bash Linux is multiprocess, even in command line Process can be run in background Widecards * : string ?: a char []: regular expression IO redirection to file > : overwrite, >> : append < : Read input 2> : overwrite by stderror 17 Bash IO redirection to a process | : pass output of command as input to other command One of the main features in UNIX-like systems Simple commands which are piped together Some short-cuts CTRL-D: Logout, End of file CTRL-L: Clear Screen CTRL-C: Stop CTRL-Z: Suspend CTRL-E: cut to end of line CTRL-U: cut to start of line 18 Bash History for each user Use arrow keys !# : # command !<start_of_command>: last command started with ... CTRL-R: search history history: see command history .bash_history: saved $HISTSIZE number of command 19 Linux/shell vs. Windows/cmd Path separator: / not \ File extensions have NOT any meaning Hidden file started by ., .bashrc, .bash_history End of file is CTRL-D New line is \n not \n\r Options are passed by - or -- All system configurations are saved in text files 20 Help & Doc Command's builtin helps: -h or --help Man pages Info pages Documents in /usr/share/doc Info pages are NOT complete Easy to use info <command name> or pinfo <command name> whatis 21 Help & Doc Man pages Most complete documentation in Linux Very technical Title, description, see also and files man <man-category> file/command/function searched in <MANPATH> manpath : find out the <MANPATH> configuration file: /etc/manpath.conf man -k topic : search topic in titles = apropos man -K topic: search topic in body 22 Mans /usr/share/man man1: User commands man2: System libraries man3: Programming libraries man4: Special files man5: File formats man7: Misc. network protocols, ... man8: System administration Other mans: Application man pages 23 Internet documents The Linux Documentation Project: www.tldp.org Tutorials HOWTOs Software home pages Mailing lists Everything is googlized 24 Files Everything in Linux is file, if it is NOT process Files can be Regular file Directory Links device named pipe, ... Uniform interface, open, read/write, close You should fully understand the Linux file structure 25 Files Files system User Space, a tree structure Kernel Space, VFS and file system depended drivers What file systems in Linux Kernel configuration depended ext2, ext3, jfs, nfs, fat, ntfs, ... man fs mkfs.ext2, mkfs.ext3, mkfs.fat, ... make file systems 26 File system structure /boot /bin Binary files, basic utilities, required for boot /sbin Bootloader, bootloader config and kernel images System binary, system management tools /lib Shared libraries and kernel modules 27 File system structure /etc /home Home directory of users /root System configuration, passwords, service config Home directory of root /var log files, message files, lock files, www root, ... 28 File system structure /tmp /usr Like the /, /usr/include additional directories bin, sbin, /opt temporary files, socket files, pipe files Additional softwares /proc Virtual file system, process and system information Kernel Interface in user space 29 File system structure /dev /sys Device files, block devices, character devices Kernel interface for hardwares info and management /mnt and /media Add new media and file system into your file system New media has its own file system (kernel level driver) mount -t vfat /dev/sdb1 /mnt/flash 30 File System Navigation List directories ls Options: -a -l -h -R Walking in file system Absolute vs. Relative path cd <path> cd , cd –, cd ~ pushd popd 31 File System Navigation & Modification Find where are you, absolute name Make directory pwd mkdir <directory path> Remove empty directory rmdir <directory path> 32 File System Navigation & Modification Remove file rm <file name> rm -r <directory> -i: ask you, -f: force Secure remove shred -n: number, -z: fill zero shred -n 10 -z -v /tmp/xxx 33 File System Navigation & Modification move file and directories mv <source> <destination> copy file and directories cp <source file> <destination file> cp -r <source directory> <destination directory> What is the rename? 34 File System Navigation & Modification Links (like windows short-cuts) Two Types Hard ln <target file> <link name> Soft Hard (only for files) and soft (files & directories) ln -s <target name> <link name> View Links readlink <link name>, ls -l 35 File Commands Commands File as an object File content Alert timestamp of file Creation, access and modification touch <file name> : update mod. time to now -a : access time, -m : modification time -t : set time create new file 36 File Commands Find files and directories find <path> <regular expression> name, size, time, type, permission, ... find /etc/ -name *.conf -exec cp '{}' /home/backup ';' Where are commands and man pages whereis <command name> Which command is executed which <command name> 37 File Commands Archive Create: tar -cf <archive name> <directory> Extract: tar -xf <archive name> File Compression gzip <file name>, gunzip <zipped file name> best compress: -9 bzip2 <file name>, bunzip2 <zipped file> z* commands zcat, zdiff, zless 38 File Security File permissions ls -l -rwxrwxrwx: -(user)(group)(other) In binary format -421421421 r: read, w: write, x: execute 39 File Security More file permissions t: sticky bit. Others can not delete your file even with “w” permission Chang permissions s & g: Set User/Group ID. Change process id to file owner chmod [ugo][+-=][rwx/binary] file Attributes: undelete, fill zero, append only, ... lsattr, chattr 40 File Security Default permission umask: Invert of your permission umask 077: no one else can do anything Chang owner and group (only root) chgrp <group> file chown <user> file 41 File Commands Most important file type in Linux: Text Config files Log files Source codes File type file <file name> Binary files xpdf, gimp, openoffice2, firefox, konqueror, xdiv, kde, ... 42 File Commands What is in a file cat <file name> tac <file name> View large files more <file name> or pipe: ls -l | more less <file name> or pipe: cat test.txt | less View not all of file tail -# <file name>, -f is continues head -# <file name> 43 File Commands Search content of file grep <regular expression> <file name> -i: ignore case, -v: invert result, -r: recursive Count file words wc <file name> -l: Lines, -w: words, -c: characters Difference between files diff <file 1> <file 2> -Nu : create patch 44 Editors Again Text editor Text Editors X editors text mode editors Again text mode editors X editors gedit, kwrite kate 45 Editors emacs Old and very user friendly Menu based, F10 mcedit A part of the midnight commander Menu based, easy to use vi & vim (vi improved) Difficult Editor for programmers 46 vim Three modes Input mode: edit your document Command mode: simple commands Line input mode: special and advance commands Input mode Go from command mode by i or a Type what you want Arrow keys, del, home, ... are workings 47 vim Command mode, the default mode Go from input mode by: Esc Navigation commands home : start of line end : end of line b : previous word w : next work :# : go to line # 48 vim Edit commands x : cut a char #dw : cut # of words #dd : cut # of lines d$ : cut to end of line, d^ : cut to start of line #yw : copy # of words #yy: copy # of lines p : past u : undo 49 vim Line Input mode Go from command mode by : :w : save file, :w! : force to save :e <filename> : open file :q : quit, :q! : force to quit :! <any command>: run shell command /<str> : search str :#1,#2 s/<str1>/<str2> /[c,g]: replace 50 Process In Linux, every things is file, if it is NOT a process Linux is multi-user, multi-process, time-sharing OS Each process has a unique id and a parent (tree) Process can be run in Foreground Background Foreground is default 51 Process Background & at end of command suspend (CTRL-Z), send resume signal (bg <job id>) Process id is NOT job id fg <job id> : Job come from background to foreground jobs : list of jobs 52 Process Scheduling, running in background at time -f <file name>, atq, atrm <id> cron, crontab, man crontab nohup <command> & : Leave job running Priority less nice is better nice -# <command> : priority is decreased by # renice # <process id> : Change process priority 53 Process Monitoring ps : list of your process ps aux : all running process, with command Lines top : top processes ksysgaurd : Graphical monitor, more than process moni pstree : tree of running processes /proc/process-id : kernel information about processes 54 Process Process and Signal Signals are notifiers Kernel and users can send signals skill -<signal number> <process id>: user send signal skill -L : List of signals man 7 signal : Full description of signals kill <procees-id>, kill -9 <process-id> : Kill the process killall -9 <process name> : kill the process 55 System Information uname -a, -r : Kernel name dmesg : Kernel messages /var/log/ : system logs (syslogd) and application's messages date : date of system uptime : How long time your system is alive? iostat <device name>: usage of cpu and device users, who, w : list of on-line users finger <user-name>/@<computer name>: remote users info 56 Shell Executable applications Binary programs: usually in developed in C Scripts: shell, perl, awk, python, ... Shell (Bash) After login, your shell executes (/etc/passwd) .bash_profile /etc/bashrc .bashrc 57 Bash Environment Variables Save, parameters and some configurations Some important variables $PATH: Path of commands $HOME: Your home directory $SHELL: Your shell address $PS1: Bash prompt $USER: Your login name 58 Bash Define a variable View variable content echo $ABC Define variable for subsequent shells ABC=“This is test” export AAA=“This is test” View all variables printenv 59 Bash Script Bash programming language Variables User defined variables Built in variables: $0, $?, ... All commands 60 Bash Script Control statements for <name> in <word>; do <commands>; done case <variable> in x) <command>;; y) <commands>;; esac if <condition>; then <commands>; elif <condition> then <command>; fi while <condition>; do <commands>; done Example vim test.sh #!/bin/bash for file in *; do if grep -q $1 $file; then echo “Found in file: “ $file fi; done; exit 0 chmod +x test.sh ./test.sh test 62 C programming GCC: GNU Compiler Collection C, C++, Java, ADA, Fortran, ... Tools to build C or C++ program cpp: C preprocessor cc: C Compiler c++: C++ Compiler as: The assembler ld: Linker gdb: GNU debugger 63 C programming All steps altogether gcc -o <output name> <input C> Intermediate results -c : Just compile, with out linking -S: Produce assembly code -E: Just process the file -g: Add debugging options 64 C programming (make & Makefile) Open source world Automate compiling large packages: make & Makefile target : req1 req2 .... Rule1 to make target Rule2 to make target req1 : req11 req12 Rule11 to make req1 .... 65 Installing programs Binary format Distribution depended Red Hat & Fedora: rpm & yum Debian based (Ubuntu): apt-get Source code ./configure make make install Networking Most of network protocols are implemented in Linux Application layer: bind, apache, sendmail, ssh, ftp, NFS Transport layer: TCP, UDP Network Layer: IP, IPX, ATM Physical layer: PPP, Ethernet, 802.11 Configurations On line Config files 67 Networking Network interface (Ethernet) ifconfig eth0 10.10.10.1 netmask 255.255.255.0 up Red Hat: /etc/sysconfig/network & networking Ubuntu: /etc/network/interfaces Routing route add -net 192.168.0.0/24 gw 10.10.10.2 dev eth0 /etc/sysconfig/networking & network 68 Networking DNS /etc/resolve.conf /etc/hosts Host Name hostname /etc/hostname IP suit: ip route, ip address, ip route .... 69 Networking Monitoring and Troubleshooting List of all connections: netstat -an Find route and its MTU: tracepath, traceroute Check liveness: ping Your machine ip traffic: iptraf Sniffer: tcpdum, ethereal Scanners: nmap, amap, ... 70 Using from Network Remote shell: telnet, ssh Remote file transfer: ftp, lftp, sftp, scp Web: lynx, firefox Download: wget, crul, prozilla Mail: fetchmail, mail DNS resolver: nslookup, dig Windows NetBIOS: smb* commands 71 Services Linux services Network services: web, mail, ... Local services: udev, alsa Startup scripts /etc/init.d/<sevice name>, /etc/init.d/apache2 Configuration files /etc, /etc/apache2 72 Security Security Local: File security, Process security Network SELinux: role-based access control and sandboxing Each user Has its own unique ID, /etc/passwd Belong to some groups, /etc/group 73 Security Process security Each process has its own user id You can kill only your processes, root can do anythings 74 Network Security Statefull Firewall: iptables IDS: snort VPNs IPSec: openswan SSL: stunnel, openswan Secure services SSH, SSL, Tunneling 75 Now is the end time of my presentation But it is the start of your Linux learning