Foundational Linux Commands

Posted on 12 Jan 2022

Command Description
echo Output to the screen
whoami Display logged in user
cd ~ Change directory into current users home directory
cat concatenate
pwd Print working directory (current directory)
ls <folder> -a list all folder contents (including hidden files)
<CTRL + L> Clear terminal
find <location> -name <filename> Find the file with the name <filename> in the <location> specified.
grep “SearchString*” <filename> Search the filename file for the searchstring specified
& Run command in background
&& combine multiple commands into one line, if command one fails, command two won’t run
> Redirector
» appends the redirect, rather than overwriting
man <command> Display the manual for the command
touch file1 file2 create two blank files in the current directory. One called file1 one called file2
mkdir Make a directory
cp copy a file or folder
mv move a file or folder
rm -R <directoryname> remove a file or folder called <directoryname> and all its sub-folder contents
file <filename> determine the type of a file (e.g., ASCII)
su -l <user> substitute to user using their login variables (including their home directory and environmental variables). You need to know the users password to substitute the user
VIM Vi Improved
wget download files from the web using http
scp <Source> <Destination> Secure copy files from <source> to <destination>
python3 -m http.server Start the python web server to serve the current directory and contents via http
ps aux Show processes run by other users and those that don’t run from a session like system processes
htop highlighted view of top
kill <processID> Kill the process with the ID of <processID>
SIGTERM <processID> Cleanly kill a process with ID of <processID>
SIGKILL <processID> Kill the process without cleanup
SIGSTOP <processID> Stop/suspend the process without killing it
systemctl [option] [service] System Control of services, options include start, stop, enable (start on boot), and disable (disable boot option)
<CTRL+Z> Background a running process, like a script. Shows as T^Z in the terminal
fg bring background running process to foreground
crontab -e Edit crontab. Crontab is a text file responsible for managing cron jobs

When creating a new user, a new group with the same name is also created.

Permissions

Permissions are displayed like the following.
-rwxrwxrwx
These are split into permission sets.

File Type (- file) (d directory) File Owner Set Group Owner Set All Other Users Set
- rwx rwx rwx

Common Directories

/etc - System configuration data.
/var - Variable data, frequent data writes like logs.
/root - Home for the root system user.
/tmp - Temporary directory, when the computer is restarted, the contents is deleted. Accessible for everyone on the system.

Cron jobs

Cron jobs are used to execute commands at a particular time. Using the table below you can map the hour, minute etc. to the correct position when creating the entires in the crontab file.

Value Description
MIN What minute to execute at
HOUR What hour to execute at
DOM What day of the month to execute at
MON What month of the year to execute at
DOW What day of the week to execute at
CMD The actual command that will be executed.

You can use * as a wildcard.

Example
0 *12 * * * cp -R /home/<username>/Documents /var/backups/

This will copy the contents and subfolders of /home/user/Documents to the /var/backups/ directory on the hour, every 12 hours, every day of the month, every month, every day of the week.

Useful Crontab generators
https://crontab-generator.org
https://crontab.guru

apt

apt is used to install, update and remove software. apt repositories are used to manage the source of the software.
To verify the integrity of the software, use GPG (Gnu Privacy Guard) keys. Add the GPG key before you add the repository.

Example
Download the sublimetext GPG key and then add it to the apt-key repository.
wget -qO - https://download.sublimetext.com/sublimehq-pub.gpg | sudo apt-key add -
Now add the sublimetext repository to the apt sources list.
touch /etc/apt/sources.list.d/sublime-text.list
Now edit the sublime-text.list file.
vi /etc/apt/sources.list.d/sublime-text.list
Add the following to the file.
deb https://download.sublimetext.com/ apt/stable/
Update apt to recognise the new entry.
apt update
Now install it.
apt install sublime-text

To remove
add-apt-repository --remove ppa:PPA_NAME/ppa
Or delete the .list file created.
Once deleted, remote the software.
apt remove <SoftwareName>

find

Use the find command to search for items.
Find syntax is find where what
If nowhere is specified, find will search the current working directory and all its subdirectories.

Flags
The following flags can be used with find to make searching easier.
-type <d> (directories) or <f> (files)
-name case sensitive name search
-iname case insensitive name search
-size Size of the file. Use with -n smaller than n, +n greater than n, n on its own is exactly n sized. Size also requires a suffix, c for bytes, k for KiBs and m for MiB. Putting these together, to find one with is larger than 1 MiB use, +1M.
-perm permissions flag. Can specify symbolic form u=r or octal form 644.
Time based searches are performed with a word min for minutes or time for days, used together with a prefix of a for accessed, m for modified or c for changed. Example -mmin -5 will find files that were modified in the last 5 minutes and -ctime -2 will find all files changed in the last 2 days.
To find files with SUID permissions set use the flag -perm /u=s.
Exmaple.
find /usr/bin -type f -user root -perm /u=s

Hiding Permission denied messages

When performing a find, you will see permission denied messages when trying to access files and directories that the user runnning the command does not have permission to access. To hide these permission denied messages from the search, use this command.
find / -type f -user <username> 2>&1 | grep -v "Permission denied"

This will find all files owned by the user specified and hide Permission denied from the output. It uses the standard error (stderr) code 2 and combines it into the same output as the standard output (stdout) code 1, then filters with grep, performing an invert-match to select non-matching lines using -v to hide all “Permission denied” messages.
An alternative way is to suppress all errors by redirecting to /dev/null. Example.
find / -type f -user <username> 2> /dev/null
The disadvantage of this is that it will output all errors encountered running the command and not just the permission denied ones.

Useful guides
Bash Scripting - https://tryhackme.com/room/bashscripting
Regular Expressions - https://tryhackme.com/room/catregex

Tagged with: Command Line

The VCDX Defence

Posted on 05 Jan 2022

Overview

A few weeks ago, in late 2021, I sat and passed the VMware Certified Design Expert on Datacenter Virtualization (VCDX-DCV). The purpose of this post is to serve as an overview of what specific actions and tactical steps I took that I believe helped me pass the defence stage of the process.

To pass the VCDX, regardless of technology track you need to complete some specific steps. They are:-

  • Prepare and submit a production design package consisting of a design written to conform with business goals and business requirements, including risk management, and information on how to implement, operate, and validate said design.
  • Following submission, the design package is reviewed by a panel of experts to ensure it complies with the VCDX framework and meets the key objectives outlined in the VCDX blueprint.
  • Part 1 of the defence - Defend the design in a live panel review where you have 75 minutes to present your design to the panel and then defend your design decisions against the questions from the panel.
  • Part 2 of the defence - After a short break you are given a scenario by the panel and you have 45 minutes to question the panelists and deduce some specific requirements, identify any key risks and constraints and turn these into a logical design which forms the foundations of an entire solution design.

Tagged with: vSphere

Run Jekyll Static Content Website on Raspberry Pi

Posted on 11 Dec 2021

Overview

I run this static content website on Jekyll from files that are stored on GitHub.

To edit posts or add new content I would normally run a dev copy of the site locally on my laptop with Jekyll installed and modify it with Visual Studio Code then upload the changes to the live site on GitHub using git command line tools.
This works well except for those times I am not sat in front of my laptop, like now where I am sat on my iPad writing this. I wanted a solution where it could be hosted at home somewhere and then access it from mulitple locations and devices. My first thought was a VM (obviously, I am a VMware nerd after all!). This is ok if you don’t mind running a server 24/7 to host the VM, but I wanted something less power (and money) hungry, like my Raspberry Pi I use to run my home network tools, which uses a tiny amount of power and runs exceptionally quitely.

There are a few different blog posts out there with guidance on how to do this, but I wasn’t able to easily find one that was recent and with information that worked for my deployment. My Pi is a Raspberry Pi 4 with a default out of the box Raspberry Pi OS GUI installed, and a bunch of other software like Office applications, Scratch, browser and a few others. It also includes some of the prerequiste software like Ruby, however my version of Ruby didn’t work with the guides, and when I updated to a new version I ran into challenges as well, so this is what I did to successfully install and run my static site on Jekyll and then publish to GitHub, for your enjoyment!

First things first, check your version and if you are on an old version, we will update it to v3.x a bit later on.
ruby --version
Find out where its installed.
which ruby
Check you have gem, gcc, g++ and make installed. These are required to run Jekyll.

gem -v  
gcc -v  
g++ -v  
make -v  

Make a directory to store your static content website.
mkdir website
Go into the directory.
cd website/
Prepare your bashrc variables for the upcoming installs.

echo '# Install Ruby Gems to ~/gems' >> ~/.bashrc
echo 'export GEM_HOME="$HOME/gems"' >> ~/.bashrc
echo 'export PATH="$HOME/gems/bin:$PATH"' >> ~/.bashrc  

Reload bashrc
source ~/.bashrc

Prepare the website directory with your existing static content site by cloning the remote public site to your local website directory.
git clone https://github.com/USERNAME/blog
Initialize the local repository.
git init
Add the remote origin copy, which in my instance is in my master fork on GitHub.
git remote add origin https://github.com/USERNAME/blog
Verify its set correctly.
git status
Pull the origin copy, just to make sure you have a synchronous copy of what’s on GitHub.
git pull origin master
Verify status again.
git status

Now’s the time to update Ruby to v3.x.
Add the script to install the latest Ruby instance.
wget https://gist.githubusercontent.com/blacktm/8302741/raw/install_ruby_rpi.sh
Run the install script (This takes a little while to install).
bash install_ruby_rpi.sh
Reload the bashrc.
source ~/.bashrc
Verify the installed Ruby version, checking its now updated.
which ruby
ruby --version
Install bundler using Gem
gem install bundler
Install Jekyll
bundle install
If the install fails, update it first then install.
Update the bundle
bundle update
bundle install
Finally serve the Jekyll site. Note: If you want to access it from a remote session, like an iPad or Phone browser, specify the --host IP_ADDPRESS variable at the end.
bundle exec jekyll serve --host 192.168.2.61

Now you have the site up and running you can use the Git command line tools to upload updated content.

git status
git add -A
git status
git commit -m "New Comments on why updated or added"
git status
git push origin master
git status

Tagged with: Command Line

About MΣ

1 of 19 Next