UNIX System Fundamentals – how to be a power user

* What are files?
* Permissions/users
* What are user accounts?
* User management
* Root vs. normal
* Groups
* What are packages?
* How to use package managers
* Differences between Linux Distributions
* Other package managers
What are users?
===============
* You, right now
.. code-block:: bash
$ whoami    # your username
$ who       # who is logged in?
$ w         # who is here and what are they doing?
$ id        # user ID, group ID, and groups you're in
* Not just people: Apache, Mailman, ntp
Users have
==========
* Username
* UID
* Group
* Usually (but not always) password
* Usually (but not always) home directory
Managing users
==============
.. code-block:: bash
$ cat /etc/passwd
# username:x:UID:GID:GECOS:homedir:shell
$ useradd $USER # vs adduser, the friendly Ubuntu version
$ userdel $USER
$ passwd
.. figure:: /static/xkcd215.png
:align: center
.. code-block:: bash
# GECOS: full name, office number and building, office phone extension, 
# home phone number (General Electric Comprehensive Operating System)
$ chfn # change GECOS information; only works sometimes
$ finger # tells you someone's GECOS info
Passwords
=========
* ``/etc/shadow``, not ``/etc/passwd``
.. code-block:: bash
test@x230 ~ $ ls -l /etc/ | grep shadow
-rw-r-----  1 root shadow   1503 Nov 12 17:37 shadow
$ sudo su -
$ cat /etc/shadow
daemon:*:15630:0:99999:7:::
bin:*:15630:0:99999:7:::
sys:*:15630:0:99999:7:::
mail:*:15630:0:99999:7:::
# name:hash:time last changed: min days between changes: max days 
#    between changes:days to wait before expiry or disabling:day of
#    account expiry
$ chage # change when a user's password expires
Root/Superuser
==============
* UID 0
* ``sudo``
.. figure:: /static/xkcd149.png
:align: center
Acting as another user
======================
.. code-block:: bash
$ su $USER          # become user, with THEIR password
$ su                # become root, with root's password
$ sudo su -         # use user password instead of root's
$ sudo su $USER     # become $USER with your password
.. figure:: /static/xkcd838.png
:scale: 80%
If someone has permissions errors:
* Check that they or their group owns the files
* Check that they have the flag +x to execute
What are groups?
================
* Manage permissions for groups of users
.. code-block:: bash
$ groupadd
$ usermod
$ groupmod
$ cat /etc/group
root:x:0:
daemon:x:1:
bin:x:2:
sys:x:3:
adm:x:4:
tty:x:5:
# group name:password or placeholder:GID:member,member,member
Hands-On: Users and Groups
==========================
.. note:: To give yourself sudo powers do the following:
#. Add your user to the ``wheel`` group using ``gpasswd``.
#. As the root user, use ``visudo`` and uncomment this line::
%wheel  ALL=(ALL)   ALL
#. Save the file and now you should have sudo!
*We'll cover sudo in more depth at a later time.*
* Create a user on your system for yourself, with your preferred username
* Give your user sudo powers
* Use use su to get into your user account
* Change your password
* Create a directory called bootcamp in your home directory
* Create a group called devops 
What are files?
===============
* Nearly everything
* Files have:
* Owner
* Permissions
* inode
* Size
* Filename
.. code-block:: bash
test@x230 ~ $ ls -il
total 8
2884381 drwxrwxr-x 5 test test 4096 Nov  6 11:46 Documents
2629156 -rw-rw-r-- 1 test test    0 Nov 13 14:09 file.txt
2884382 drwxrwxr-x 2 test test 4096 Nov  6 13:22 Pictures
File extensions
===============
* ``.jpg``, ``.txt``, ``.doc``
* Really more of a recommendation
* File contains information about its encoding
.. code-block:: bash
$ file $FILENAME # tells you about the filetype
test@x230 ~ $ file file.txt
file.txt: ASCII text
test@x230 ~ $ file squirrel.jpg 
squirrel.jpg: JPEG image data, JFIF standard 1.01
ls -l
======
* First bit: type
* Next 3: user
* Next 3: group
* Next 3: world
* user & group
.. code-block:: bash
$ ls -l
drwxrwxr-x 5 test test 4096 Nov  6 11:46 Documents
-rw-rw-r-- 1 test test    0 Nov 13 14:09 file.txt
drwxrwxr-x 2 test test 4096 Nov  6 13:22 Pictures
chmod and octal permissions
---------------------------
.. code-block:: bash
+=====+========+=======+
| rwx | Binary | Octal |
+=====+========+=======+
| --- | 000    | 0     |
| --x | 001    | 1     |
| -w- | 010    | 2     |
| -wx | 011    | 3     |
| r-- | 100    | 4     |
| r-x | 101    | 5     |
| rw- | 110    | 6     |
| rwx | 111    | 7     |
+=====+========+=======+
* u, g, o for user, group, other
* -, +, = for remove, add, set
* r, w, x for read, write, execute
chown, chgrp
------------
user & group
.. code-block:: bash
# Change the owner of myfile to "root".
$ chown root myfile
# Likewise, but also change its group to "staff".
$ chown root:staff myfile
# Change the owner of /mydir and subfiles to "root".
$ chown -hR root /mydir
# Make the group devops own the bootcamp dir
$ chgrp -R devops /home/$yourusername/bootcamp
Types of files
==============
.. code-block:: bash
drwxrwxr-x      5 test    test      4096    Nov  6 11:46 Documents
-rw-rw-r--      1 test    test         0    Nov 13 14:09 file.txt
drwxrwxr-x      2 test    test      4096    Nov  6 13:22 Pictures
----------     -------  -------  -------- ------------ -------------
|             |        |         |         |             |
|             |        |         |         |         File Name
|             |        |         |         +---  Modification Time
|             |        |         +-------------   Size (in bytes)
|             |        +-----------------------        Group
|             +--------------------------------        Owner
+----------------------------------------------   File Permissions
``-`` is a normal file
``d`` is a directory
``b`` is a block device
ACLs
====
* Access control lists
* Not recommended; hard to maintain
* Typically how other OSes manage permissions
* Support depends on OS and filesystem
Hands-On: Files and Permissions
===============================
.. code-block:: bash
$ touch foo # create empty file called foo
* As root, create a file in /home/$yourusername/bootcamp
* Who can do what to the file? 
* Make the devops group own the file
* Make a file called allperms and give user, group, and world +rwx 
* Make more files and practice changing their permissions
Package Management
==================
*Take care of installation and removal of software*
**Core Functionality:**
* Install, Upgrade & uninstall packages easily
* Resolve package dependencies
* Install packages from a central repository
* Search for information on installed packages and files
* Pre-built binaries (usually)
**Popular Linux Package Managers**
* .deb / APT (used by Debian, Ubuntu)
* .rpm / YUM (used by RedHat, CentOS, Fedora)
RPM & yum (RedHat, CentOS, Fedora)
==================================
.. image:: /static/rpm.png
:align: right
:width: 30%
**RPM**
Binary file format which includes metadata about the package and the
application binaries as well.
.. image:: /static/yum.png
:align: right
:width: 30%
**Yum**
RPM package manager used to query a central repository and resolve RPM
package dependencies.
Yum Commands (Redhat, CentOS, Fedora)
-------------------------------------
We'll use the ``tree`` package as an example below.
.. code-block:: bash
# Searching for a package
$ yum search tree
# Information about a package
$ yum info tree
# Installing a package
$ yum install tree
# Upgrade all packages to a newer version
$ yum upgrade
# Uninstalling a package
$ yum remove tree
# Cleaning the RPM database
$ yum clean all
RPM Commands
------------
Low level package management. No dependency checking or central repository.
.. code-block:: bash
# Install an RPM file
$ rpm -i tree-1.5.3-2.el6.x86_64.rpm
# Upgrade an RPM file
$ rpm -Uvh tree-1.5.3-3.el6.x86_64.rpm
# Uninstall an RPM package
$ rpm -e tree
# Querying the RPM database
$ rpm -qa tree
# Listing all files in an RPM package
$ rpm -ql tree
DPKG & Apt (Debian, Ubuntu)
===========================
**Deb**
Binary file format which includes metadata about the package and the
application binaries as well.
.. image:: /static/debian.png
:align: right
**DPKG**
Low level package installer for the .deb file format. Does no package
dependency resolution.
**Apt**
DPKG package manager used to query a central repository and resolve Deb
package dependencies. Considered mostly a front-end to dpkg.
Apt Commands (Debian, Ubuntu)
-----------------------------
.. note:: You can also use aptitude as a front-end to dpkg instead of apt-get.
.. code-block:: bash
# Update package cache database
$ apt-get update
# Searching for a package
$ apt-cache search tree
# Information about a package
$ apt-cache show tree
# Installing a package
$ apt-get install tree
# Upgrade all packages to a newer version
$ apt-get upgrade
$ apt-get dist-upgrade
# Uninstalling a package
$ apt-get remove tree
$ apt-get purge tree
Dpkg Commands
-------------
Low level package management. No dependency checking or central repository.
.. code-block:: bash
# Install or upgrade a DEB file
$ dpkg -i tree_1.6.0-1_amd64.deb
# Removing a DEB package
$ dpkg -r tree
# Purging a DEB package
$ dpkg -P tree
# Querying the DPKG database
$ dpkg-query -l tree
# Listing all files in a DEB package
$ dpkg-query -L tree
Language-specific Package Managers
==================================
* Languages sometimes have their own package management suite
* Can be useful for using newer versions of packages
* **Examples**
* pip (Python)
* rubygems (Ruby)
* CPAN (Perl)
* cabal (Haskell)
* npm (NodeJS)
* *... and so on forever ...*
Other Package Managers
======================
They each fill a specific niche and have their own pros and cons.
* Portage (Gentoo) -- Source based package installer
* pacman (Arch Linux)
* ZYpp / Zypper (SUSE) -- Yet another RPM package manager
Installing from source
======================
* Download source tarball, run build scripts and install in a local directory.
* RPM/DEB packages do this for you
* Not for the faint of heart ... **Not recommended!**
* Using ``grep`` as an example
.. code-block:: bash
$ wget http://mirrors.kernel.org/gnu/grep/grep-2.15.tar.xz
$ tar -Jxvf grep-2.15.tar.xz
$ cd grep-2.15
$ ./configure
$ make
$ make install
Hands-on: Package Management
============================
* Install the ``git`` package
* Query the RPM/APT database for installed packages
* List the files in an installed package
* Remove the ``git`` package
Questions:
==========
* read example output of ls -al
* read output of yum or aptitude search
* install a package on their VM/partition (Vim, Git)
* explain what dependencies it also installed

Leave a Reply

Your email address will not be published. Required fields are marked *