Linux MIT

MỤC LỤC
Chương 1. HĐH Linux ...................................................................................... 8

1.1 Linux Foundation ..................................................................................... 8
1.1.1 About The Linux Foundation ............................................................ 8
1.1.2 The Linux Foundation Training......................................................... 9
1.1.3 Training That Builds Skills................................................................ 9
1.1.4 The Linux Foundation Events ......................................................... 10
1.2 Course Software Requirements .......................................................... 11
1.2.1 Focus on Three Major Linux Distribution Families ......................... 12
1.2.2 The Linux Kernel Distribution Families and Individual Distributions
................................................................................................................. 13
1.2.3 The Red Hat Family ........................................................................ 14
1.2.4 The SUSE Family ........................................................................... 14
Key Facts About the SUSE Family .......................................................... 15
1.2.5 The Debian Family .......................................................................... 15
Chương 2. Giới thiệu HĐH Linux .................................................................... 17
2.1 Linux History ......................................................................................... 17
2.2 Linux Philosophy ................................................................................... 19
2.3 Linux Community .................................................................................. 19
2.4 Linux Terminology ................................................................................ 20
2.5 Linux Distributions ................................................................................ 20
2.5.1 Services Associated with Distributions ............................................... 22
Chương 3. Linux Basic and System Startup ..................................................... 23
3.2 Tiến trình khởi động HĐH LINUX ........................................................ 23
3.2.1 The Boot Process............................................................................. 23
3.2.2 BIOS - The First Step ...................................................................... 23
3.2.3 Master Boot Record (MBR) and Boot Loader ................................. 24
3.2.4 Boot Loader in Action ..................................................................... 25
3.2.5 Initial RAM Disk............................................................................. 26
3.2.6 Text-Mode Login ............................................................................ 27
3.2.7 The Linux Kernel ............................................................................ 27
3.2.8 /sbin/init and Services ..................................................................... 28
3.3 Một số phương thức khởi động khác ...................................................... 29
3.3.1 Upstart............................................................................................. 29
3.3.2 systemd ........................................................................................... 29
3.3.3 systemd Features ............................................................................. 29
3.4 Linux Filesystems .................................................................................. 30
3.4.1 Phân vùng và hệ thống tập tin Partitions and Filesystems ................ 31
3.4.2 The Filesystem Hierarchy Standard ................................................. 32
3.4.3 More About the Filesystem Hierarchy Standard .............................. 33
3.5 Choosing a Linux Distribution ............................................................... 33
3.5.1 Tiêu chí lựa chọn ấn bản.................................................................. 34
3.5.2 Linux Installation: Planning ............................................................ 34
3.5.3 Linux Installation: Software Choices............................................... 35
3.5.4 Linux Installation: Install Source ..................................................... 36
3.5.5 Linux Installation: The Process ....................................................... 37
3.5.6 Linux Installation: The Warning...................................................... 37
Chương 4. Giao diện đồ họa ............................................................................ 39
4.1 Graphical Desktop.................................................................................. 39
4.2 X Window System ................................................................................. 40
4.3 GUI Startup ............................................................................................ 42
4.4.1 GNOME Desktop Environment....................................................... 42
4.4.2 Session management ....................................................................... 44
4.6 Basic Operations .................................................................................... 48
4.6.1 Locating Applications ..................................................................... 48
4.6.2 Default Applications ....................................................................... 49
4.6.3 File Manager ................................................................................... 50
4.6.4 Home Directories ............................................................................ 51
4.6.5 Viewing Files .................................................................................. 52
4.6.6 Searching for Files .......................................................................... 53
4.6.7 Tìm kiếm ......................................................................................... 54
4.6.8 Editing a File ................................................................................... 55
4.6.9 Removing a File .............................................................................. 56
Chương 5. Cấu hình hệ thống từ Giao diện đồ họa ........................................... 59
5.1 System/ Display/ DateTime Settings ...................................................... 59
5.2 System Settings Menus .......................................................................... 60
5.3 Display Settings ..................................................................................... 62
5.3.1 Setting Resolution and Configuring Multiple Screens ..................... 62
5.4 Date and Time Settings .......................................................................... 63
5.5 Network Time Protocol .......................................................................... 64
5.6 Network Configuration .......................................................................... 66
5.6.1 Wired and Wireless Connections ..................................................... 67
5.6.2 Configuring Wireless Connections .................................................. 67
5.6.3 Mobile Broadband and VPN Connections ....................................... 70
5.7 Installing and Updating Software ........................................................... 71
5.7.1 Debian Packaging............................................................................ 71
5.7.2 Red Hat Package Manager (RPM)................................................... 72
5.7.3 openSUSE’s YaST Software Management ...................................... 72
Chương 7. Command Line Operations ............................................................. 74
7.1 Introduction to the Command Line......................................................... 74
7.2 Using a Text Terminal on the Graphical Desktop................................... 74
7.3 Launching Terminal Windows ............................................................... 75
7.4 Some Basic Utilities ............................................................................... 76
7.4.1 The Command Line ......................................................................... 77
7.4.2 sudo................................................................................................. 78
7.4.3 Steps for Setting Up and Running sudo ........................................... 78
7.5 Switching Between the GUI and the Command Line ............................. 79
7.6 Virtual Terminals ................................................................................... 80
7.7 Turning Off the Graphical Desktop ........................................................ 81
7.8 Basic Operations .................................................................................... 83
7.8.1 Logging In and Out ......................................................................... 83
7.8.2 Rebooting and Shutting Down......................................................... 84
7.8.3 Locating Applications ..................................................................... 85
7.8.5 Accessing Directories ...................................................................... 86
7.8.6 Viewing Files .................................................................................. 92
7.9 Standard File Streams ............................................................................ 96
7.9.1 I/O Redirection ................................................................................ 97
7.9.2 Pipes................................................................................................ 97
7.9.3 Searching for Files .......................................................................... 98
7.9.4 locate ............................................................................................... 99
7.9.5 Wildcards and Matching File Names ............................................. 100
7.10 The find Program ........................................................................... 101
7.10.1 Using find.................................................................................... 101
7.10.2 Finding Files Based on Time and Size ......................................... 103
7.11 Install Software .................................................................................. 104
7.11.1 Package Management Systems on Linux ..................................... 104
7.11.2 Package Managers: Two Levels .................................................. 105
7.11.3 Working With Different Package Management Systems ............. 106
Chapter 9. Process Management .................................................................... 109
9.1 Introduction to Processes and Process Attributes ................................. 109
9.1.1 Processes ....................................................................................... 109
9.1.2 Process Types ................................................................................ 110
9.1.3 Process Scheduling and States ....................................................... 111
9.1.4 Process and Thread IDs ................................................................. 111
9.1.5 Terminating a Process ................................................................... 112
9.1.6 User and Group IDs....................................................................... 113
9.1.7 More About Priorities .................................................................... 113
9.2 Process metrics and Process Control .................................................... 114
9.2.1 Load Averages .............................................................................. 114
9.2.2 Interpreting Load Averages ........................................................... 115
9.2.3 Background and Foreground Processes ......................................... 116
9.2.4 Managing Jobs .............................................................................. 117
9.3 Listing Process: ps and top ................................................................... 119
9.3.1 The ps Command (System V Style)............................................... 119
9.3.2 The ps Command (BSD Style) ...................................................... 120
9.3.3 The Process Tree ........................................................................... 121
9.3.4 top ................................................................................................. 121
9.3.5 First Line of the top Output ........................................................... 122
9.3.6 Second Line of the top Output ....................................................... 123
9.3.7 Third Line of the top Output.......................................................... 124
9.3.8 Fourth and Fifth Lines of the top Output ....................................... 124
9.3.10 Process List of the top Output...................................................... 125
9.3.11 Interactive Keys with top ............................................................. 125
9.4 Scheduling Future Processes Using at .................................................. 126
9.5 cron ...................................................................................................... 126
9.6 sleep ..................................................................................................... 127
Chương 10. File Operations ........................................................................... 131
10.1 Filesystems ........................................................................................ 131
10.1.1 Introduction to Filesystem ........................................................... 131
10.1.2 Filesystem Varieties .................................................................... 132
10.1.3 Linux Partitions ........................................................................... 133
10.1.4 Mount Points ............................................................................... 133
10.1.5 Mounting and Unmounting ......................................................... 134
10.1.6 NFS and Network Filesystems .................................................... 135
10.1.7 NFS on the Server ....................................................................... 136
10.1.8 NFS on the Client ........................................................................ 137
10.2 FileSystem Architecture ..................................................................... 139
10.2.1 Overview of User Home Directories ........................................... 139
10.2.2 The /bin and /sbin Directories...................................................... 140
10.2.3 /bin Directory .............................................................................. 141
10.2.4 /sbin Directory............................................................................. 141
10.2.5 The /proc Filesystem ................................................................... 142
10.2.6 The /dev Directory ...................................................................... 143
10.2.7 The /var Directory ....................................................................... 144
10.2.8 The /var Directory ....................................................................... 145
10.2.9 The /etc Directory........................................................................ 145
10.2.10 The /boot Directory ................................................................... 146
10.2.11 The /lib and /lib64 Directories ................................................... 147
10.3 Removable media: the /media, /run and /mnt Directories ................... 148
10.4 Additional Directories Under /: .......................................................... 149
10.4.1 The /usr Directory Tree ............................................................... 150
10.5 Comparing Files with diff .................................................................. 151
10.5.1 Using diff3 and patch .................................................................. 151
10.5.2 Using diff3 .................................................................................. 152
10.5.3 Using patch ................................................................................. 153
10.5.4 Using the file Utility .................................................................... 153
10.6 Backing Up and Compressing Data .................................................... 155
10.6.1 Backing Up Data ......................................................................... 155
10.6.2 Using rsync ................................................................................. 156
10.6.3 Compressing Data ....................................................................... 157
10.6.4 Compressing Data Using gzip ..................................................... 158
10.6.5 Compressing Data Using bzip2 ................................................... 158
10.6.5 Compressing Data Using xz ........................................................ 158
10.6.6 Archiving and Compressing Data Using tar................................. 159
10.6.7 Relative Compression Times and Sizes ....................................... 160
10.7 Disk-to-Disk Copying (dd) ................................................................. 161
10.8 Archiving (Backing Up) the Home Directory ..................................... 162
Chapter 14. Network Operations .................................................................... 164
14.1 Introduction to Networking ................................................................ 164
14.2 IP Addresses ...................................................................................... 165
14.3 IPv4 and IPv6..................................................................................... 165
14.4 Decoding IPv4 Addresses .................................................................. 166
14.4.1 Class A Network Addresses ........................................................ 167
14.4.2 Class B Network Addresses......................................................... 168
14.4.3 Class C Network Addresses......................................................... 169
14.4.4 IP Address Allocation.................................................................. 169
14.5 Name Resolution ................................................................................ 170
14.6 Network Configuration Files .............................................................. 171
14.7 Network Interfaces ............................................................................. 172
14.8 The ip Utility...................................................................................... 172
14.9 ping .................................................................................................... 173
14. 10 route ................................................................................................ 174
traceroute ....................................................................................................... 175
Transfering Files ............................................................................................ 176
FTP (File Transfer Protocol) .......................................................................... 176
FTP Clients .................................................................................................... 177
SSH: Executing Commands Remotely ........................................................... 178
Copying Files Securely with scp .................................................................... 179
Lab 14.1: Network Troubleshooting .............................................................. 179
Lab: Network Troubleshooting ................................................................... 180
Chapter 18. Local Security............................................................................. 188
User Accounts................................................................................................ 188
Types of Accounts ......................................................................................... 189
Understanding the root Account..................................................................... 191
Operations Requiring root Privileges ............................................................. 191
Operations Not Requiring root Privileges ...................................................... 192
Comparing sudo and su .................................................................................. 193
sudo Features ................................................................................................. 193
The sudoers File............................................................................................. 194
Command Logging ........................................................................................ 195
Process Isolation ............................................................................................ 196
Hardware Device Access ............................................................................... 197
Keeping Current ............................................................................................ 198
Lab 18.1: sudo ............................................................................................... 199
How Passwords Are Stored ............................................................................ 200
Password Algorithm ...................................................................................... 201
Good Password Practices ............................................................................... 202
Lab 18.2: Password Aging ............................................................................. 203
Lab Solution: Password Aging ....................................................................... 203
Note: The example solution works in the US. chage -E uses the default date
format for the local keyboard setting. ......................................................... 203
Requiring Boot Loader Passwords ................................................................. 203
Hardware Vulnerability ................................................................................. 204
Software Vulnerability ................................................................................... 205
Chương 1. HĐH Linux
Nội dung
By the end of this chapter, you should be able to:
 Discuss the role of The Linux Foundation.

 Appreciate the learning opportunities provided by The Linux Foundation's
training program.
 Describe the software environment required for this course.
 Describe the three major Linux distribution families.
1.1 Linux Foundation
1.1.1 About The Linux Foundation
The Linux Foundation provides a neutral, trusted hub for developers to code,
manage, and scale open technology projects. Founded in 2000, The Linux
Foundation is supported by more than 1,000 members and is the world’s leading
home for collaboration on open source software, open standards, open data and
open hardware. The Linux Foundation’s methodology focuses on leveraging best
practices and addressing the needs of contributors, users and solution providers
to create sustainable models for open collaboration.
The Linux Foundation hosts Linux, the world's largest and most pervasive open
source software project in history. It is also home to Linux creator Linus Torvalds
and lead maintainer Greg Kroah-Hartman. The success of Linux has catalyzed
growth in the open source community, demonstrating the commercial efficacy of
open source and inspiring countless new projects across all industries and levels
of the technology stack.
As a result, the Linux Foundation today hosts far more than Linux; it is the
umbrella for many critical open source projects that power corporations today,
spanning virtually all industry sectors. Some of the technologies we focus on
include big data and analytics, networking, embedded systems and IoT, web
tools, cloud computing, edge computing, automotive, security, blockchain, and
many more.
1.1.2 The Linux Foundation Training
Although we believe in individual initiative and creativity, learning Linux and
open source technologies need not be intimidating. You can leverage the power
of collaboration to jump start your learning. Our classes build the critical skills
that individuals and organizations need to get the most out of Linux and open
source technologies and continue with self-directed learning.
The Linux Foundation offers several types of training:
 Classroom
 Online
 On-Site
 Events-based.
1.1.3 Training That Builds Skills
The Linux Foundation training is for the community and is designed by members
of the community. To get more information about specific courses offered
by The Linux Foundation visit our catalogue:
 System Administration courses

 Cloud & Containers courses
 Networking courses
 Blockchain courses
 Linux Kernel Development courses
 IoT & Embedded Development courses
 System Engineering courses
 DevOps & Site Reliability courses
 Open Source Best Practice courses
 AI/Machine Learning courses.
The Linux Foundation training is distribution-flexible, technically advanced, and

created with the actual leaders of the open source development community
themselves. Most courses are more than 50% focused on hands-on labs and
activities to build real world skills.
1.1.4 The Linux Foundation Events

Over 85,000 open source technologists and leaders worldwide gather at Linux
Foundation events annually to share ideas, learn and collaborate. Linux
Foundation events are the meeting place of choice for open source maintainers,
developers, architects, infrastructure managers, and sysadmins and technologists
leading open source program offices, and other critical leadership functions.
These events are the best place to gain visibility within the open source
community quickly and advance open source development work by forming
connections with the people evaluating and creating the next generation of
technology. They provide a forum to share and gain knowledge, help
organizations identify software trends early to inform future technology
investments, connect employers with talent, and showcase technologies and
services to influential open source professionals, media, and analysts around the
globe.
The Linux Foundation hosts an increasing number of events each year, including:
 Open Source Summit North America, Europe, and Japan

 Embedded Linux Conference North America and Europe
 Open Networking & Edge Summit
 KubeCon + CloudNativeCon North America, Europe, and China
 Automotive Linux Summit
 KVM Forum
 Linux Storage Filesystem and Memory Management Summit
 Linux Security Summit North America and Europe
 Linux Kernel Maintainer Summit
 The Linux Foundation Member Summit
 Open Compliance Summit
 And many more.
To learn more about The Linux Foundation events and to register, click here.
1.2 Course Software Requirements

In order to fully benefit from this course, you will need to have at least one
Linux distribution installed (if you are not already familiar with the term
distribution, as it relates to Linux, you soon will be!).
On the next page, you will learn some more details about the many available
Linux distributions and the families they can be considered to belong to. Because
there are literally hundreds of distributions, we have not covered them all in this
course. Instead, we have decided to focus on the three major distribution families,
and we have chosen distributions from within each family to use for illustrations,
examples, and exercises. This is not meant to suggest that we endorse these
specific distributions; they were simply chosen because they are fairly widely
used and each is broadly representative of its respective family.
The families and representative distributions we are using are:

 Red Hat Family Systems (including CentOS and Fedora)
 SUSE Family Systems (including openSUSE)
 Debian Family Systems (including Ubuntu and Linux Mint).
Ubuntu, CentOS, and openSUSE Desktops
1.2.1 Focus on Three Major Linux Distribution Families

In the next chapter, you will learn about the components that make up a Linux
distribution.
For now, what you need to know is that this course focuses on the three major
Linux distribution families that currently exist. However, as long as there are
talented contributors, the families of distributions and the distributions within
these families will continue to change and grow. People see a need, and develop
special configurations and utilities to respond to that need. Sometimes that effort
creates a whole new distribution of Linux. Sometimes, that effort will leverage
an existing distribution to expand the members of an existing family.
For a rather long list of available distributions, see The LWN.net Linux
Distribution List.
1.2.2 The Linux Kernel Distribution Families and Individual Distributions
Red Hat Enterprise Linux (RHEL) heads the family that
includes CentOS, CentOS Stream, Fedora and Oracle Linux.
Fedora has a close relationship with RHEL and contains significantly more
software than Red Hat's enterprise version. One reason for this is that a diverse
community is involved in building Fedora, with many contributors who do not
work for Red Hat. Furthermore, it is used as a testing platform for future RHEL
releases.
1.2.3 The Red Hat Family
We will use CentOS Stream and CentOS more often for activities,
demonstrations, and labs because there is no cost to the end user, and there is a
longer release cycle than for Fedora (which releases a new version every six
months or so).
The basic version of CentOS is also virtually identical to RHEL, the most popular
Linux distribution in enterprise environments. However, CentOS 8 has no
scheduled updates after 2021. The replacement is CentOS 8 Stream. The
difference between the two versions is CentOS Stream gets
updates before RHEL, while CentOS gets them after. For most purposes this
matters very little and not at all for this course. While there are alternatives to
CentOS Stream that look more like the older CentOS, for this course we find
CentOS 8 Stream to works just fine. From time to time you will see examples and
screenshots from CentOS 7 that have not been changed as they would be invariant
in newer distribution versions.
Some of the key facts about the Red Hat distribution family are:
 Fedora serves as an upstream testing platform for RHEL.

 CentOS is a close clone of RHEL, while Oracle Linux is mostly a copy with some
changes (in fact, CentOS has been part of Red Hat since 2014).
 A heavily patched version 3.10 kernel is used in RHEL/CentOS 7, while version
4.18 is used in RHEL/CentOS 8.
 It supports hardware platforms such as Intel x86, Arm, Itanium, PowerPC, and
IBM System z.
 It uses the yum and dnf RPM-based yum package managers (covered in detail
later) to install, update, and remove packages in the system.
 RHEL is widely used by enterprises which host their own systems.
1.2.4 The SUSE Family
The relationship between SUSE (SUSE Linux Enterprise Server, or
SLES) and openSUSE is similar to the one described between
RHEL, CentOS, and Fedora.
We use openSUSE as the reference distribution for the SUSE family, as it is
available to end users at no cost. Because the two products are extremely similar,
the material that covers openSUSE can typically be applied to SLES with few
problems.
Key Facts About the SUSE Family

Some of the key facts about the SUSE family are listed below:
 SUSE Linux Enterprise Server (SLES) is upstream for openSUSE.

 Kernel version 4.12 is used in openSUSE Leap 15.
 It uses the RPM-based zypper package manager (we cover it in detail later) to
install, update, and remove packages in the system.
 It includes the YaST (Yet Another Setup Tool) application for system
administration purposes.
 SLES is widely used in retail and many other sectors.
1.2.5 The Debian Family
The Debian distribution is upstream for several other distributions, including
Ubuntu. In turn, Ubuntu is upstream for Linux Mint and a number of other
distributions. It is commonly used on both servers and desktop computers. Debian
is a pure open source community project (not owned by any corporation) and has
a strong focus on stability.
Debian provides by far the largest and most complete software repository to its
users of any Linux distribution.
Ubuntu aims at providing a good compromise between long term stability and
ease of use. Since Ubuntu gets most of its packages from Debian’s stable branch,
it also has access to a very large software repository. For those reasons, we will
use Ubuntu LTS (Long Term Support) as the reference to Debian
family distributions for this course.
Key Facts About the Debian Family

Some key facts about the Debian family are listed below:
 The Debian family is upstream for Ubuntu, and Ubuntu is upstream for Linux
Mint and others.
 Kernel version 5.8 is used in Ubuntu 20.04 LTS.
 It uses the DPKG-based APT package manager (using apt, apt-get, apt-cache,
etc., which we cover in detail later) to install, update, and remove packages in the
system.
 Ubuntu has been widely used for cloud deployments.
 While Ubuntu is built on top of Debian and is GNOME-based under the hood, it
differs visually from the interface on standard Debian, as well as other
distributions.
Chương 2. Giới thiệu HĐH Linux
Mục tiêu
 Discuss the history and philosophy of Linux.

 Describe the Linux community.
 Define the common terms associated with Linux.
 Discuss the components of a Linux distribution.
2.1 Linux History
Linux is an open source computer operating system, initially developed on and
for Intel x86-based personal computers. It has been subsequently ported to an
astoundingly long list of other hardware platforms, from tiny embedded
appliances to the world's largest supercomputers.
In this section, we follow the surprising history of how Linux evolved from a
project of one Finnish college student, into a massive effort with an enormous
impact on today's world.
Linus Torvalds was a student in Helsinki, Finland, in 1991, when he started a

project: writing his own operating system kernel. He also collected together
and/or developed the other essential ingredients required to construct an
entire operating system with his kernel at the center. It wasn't long before this
became known as the Linux kernel.
In 1992, Linux was re-licensed using the General Public License (GPL)
by GNU (a project of the Free Software Foundation or FSF, which promotes
freely available software), which made it possible to build a worldwide
community of developers. By combining the kernel with other system
components from the GNU project, numerous other developers created complete
systems called Linux distributions in the mid-90’s.
More About Linux History

The Linux distributions created in the mid-90s provided the basis for fully free
(in the sense of freedom, not zero cost) computing and became a driving force in
the open source software movement. In 1998, major companies like IBM and
Oracle announced their support for the Linux platform and began major
development efforts as well.
Today, Linux powers more than half of the servers on the Internet, the majority
of smartphones (via the Android system, which is built on top of Linux), more
than 90 percent of the public cloud workload, and all of the world’s most powerful
supercomputers.
2.2 Linux Philosophy

Every successful project or organization needs an implicit or explicit philosophy
that frames its objectives and projects its growth path. This section contains a
description of the "Linux philosophy" and how it has impacted Linux's amazing
evolution.
Linux is constantly enhanced and maintained by a network of developers from all

over the world collaborating over the Internet, with Linus Torvalds at the head.
Technical skill, a desire to contribute, and the ability to collaborate with others
are the only qualifications for participating.
Linux borrows heavily from the well-established UNIX operating system. It was
written to be a free and open source system to be used in place of UNIX, which
at the time was designed for computers much more powerful than PCs and was
quite expensive. Files are stored in a hierarchical filesystem, with the top node of
the system being the root or simply "/". Whenever possible, Linux makes its
components available via files or objects that look like files. Processes, devices,
and network sockets are all represented by file-like objects, and can often be
worked with using the same utilities used for regular files. Linux is a fully
multitasking (i.e. multiple threads of execution are performed simultaneously),
multiuser operating system, with built-in networking and service processes
known as daemons in the UNIX world.
NOTE: Linux was inspired by UNIX, but it is not UNIX.
2.3 Linux Community

Suppose that, as part of your job, you need to configure a Linux file server, and
you run into some difficulties. If you are not able to figure out the answer yourself
or get help from a co-worker, the Linux community might just save the day!
There are many ways to engage with the Linux community:
 Post queries on relevant discussion forums.

 Subscribe to discussion threads.
 Join local Linux groups that meet in your area.
The Linux community is a far-reaching ecosystem consisting of developers,
system administrators, users and vendors who use many different forums to
connect with one another. Among the most popular are:
 Internet Relay Chat (IRC) software (such as WeeChat, HexChat, Pidgin and
XChat)
 Online communities and discussion boards including Linux User Groups (both
local and online)
 Many collaborative projects hosted on services such as GitHub and GitLab
 Newsgroups and mailing lists, including the Linux Kernel Mailing List
 Community events, e.g. Hackathons, Install Fests, Open Source Summits and
Embedded Linux Conferences.
A portal to one of the most powerful online user communities can be found
at linux.com. This site is hosted by The Linux Foundation and serves over one
million unique visitors every month. It has active sections on:
 News
 Community discussion threads
 Free tutorials and user tips.
We will refer several times in this course to relevant articles or tutorials on this
site.
2.4 Linux Terminology

When you start exploring Linux, you will soon come across some terms which
may be unfamiliar, such as distribution, boot loader, desktop environment, etc.
Before we proceed further, let's stop and take a look at some basic terminology
used in Linux to help you get up to speed.
2.5 Linux Distributions

Suppose you have been assigned to a project building a product for a Linux
platform. Project requirements include making sure the project works properly
on the most widely used Linux distributions. To accomplish this, you need to
learn about the different components, services, and configurations associated with
each distribution. We are about to look at how you would go about doing exactly
that.
So, what is a Linux distribution and how does it relate to the Linux kernel?
The Linux kernel is the core of the operating system. A full Linux distribution
consists of the kernel plus a number of other software tools for file-related
operations, user management, and software package management. Each of these
tools provides a part of the complete system. Each tool is often its own separate
project, with its own developers working to perfect that piece of the system.
While the most recent Linux kernel (and earlier versions) can always be found
in The Linux Kernel Archives, Linux distributions may be based on different
kernel versions. For example, the very popular RHEL 8 distribution is based on
the 4.18 kernel, which is not new, but is extremely stable. Other distributions may
move more quickly in adopting the latest kernel releases. It is important to note
that the kernel is not an all or nothing proposition, for example, RHEL/CentOS
have incorporated many of the more recent kernel improvements into their older
versions, as have Ubuntu, openSUSE, SLES, etc.
Examples of other essential tools and ingredients provided by distributions

include the C/C++ and Clang compilers, the gdb debugger, the core system
libraries applications need to link with in order to run, the low-level interface for
drawing graphics on the screen, as well as the higher-level desktop environment,
and the system for installing and updating the various components, including the
kernel itself. And all distributions come with a rather complete suite of
applications already installed.
Distribution Roles
2.5.1 Services Associated with Distributions
The vast variety of Linux distributions are designed to cater to many different
audiences and organizations, according to their specific needs and tastes.
However, large organizations, such as companies and governmental institutions
and other entities, tend to choose the major commercially-supported distributions
from Red Hat, SUSE, and Canonical (Ubuntu).
CentOS and CentOS Stream are popular free (as in no cost) alternatives to Red
Hat Enterprise Linux (RHEL) and are often used by organizations that are
comfortable operating without paid technical support. Ubuntu and Fedora are
widely used by developers and are also popular in the educational realm.
Scientific Linux is favored by the scientific research community for its
compatibility with scientific and mathematical software packages.
Both CentOS variants are binary-compatible with RHEL; i.e. in most cases,
binary software packages will install properly across the distributions.
Note that CentOS is planned to disappear at the end of 2021 in favor of CentOS
Stream. However, there are at least two new RHEL-derived substitutes: Alma
Linux and Rocky Linux which are establishing a foothold.
Many commercial distributors, including Red Hat, Ubuntu, SUSE, and Oracle,
provide long term fee-based support for their distributions, as well as hardware
and software certification. All major distributors provide update services for
keeping your system primed with the latest security and bug fixes, and
performance enhancements, as well as provide online support resources.
Services Associated with Distributions

Chương 3. Linux Basic and System Startup
Mục tiêu
 Identify Linux filesystems.

 Identify the differences between partitions and
filesystems.
 Describe the boot process.
 Install Linux on a computer.
3.2 Tiến trình khởi động HĐH LINUX
3.2.1 The Boot Process
The Linux boot process is the procedure for
initializing the system. It consists of everything
that happens from when the computer power is
first switched on until the user interface is fully
operational.
Having a good understanding of the steps in the

boot process may help you with troubleshooting
problems, as well as with tailoring the computer's
performance to your needs.
On the other hand, the boot process can be rather

technical, and you can start using Linux without
knowing all the details.
NOTE: You may want to come back and study

this section later, if you want to first get a good
feel for how to use a Linux system.
3.2.2 BIOS - The First Step

Starting an x86-based Linux system involves a
number of steps. When the computer is powered on,
the Basic Input/Output System (BIOS) initializes the hardware, including the
screen and keyboard, and tests the main memory. This process is also
called POST (Power On Self Test).
BIOS
The BIOS software is stored on a ROM chip on the motherboard. After this, the
remainder of the boot process is controlled by the operating system (OS).
3.2.3 Master Boot Record (MBR) and Boot Loader

Once the POST is completed, the system control passes from the BIOS to
the boot loader. The boot loader is usually stored on one of the hard disks in the
system, either in the boot sector (for traditional BIOS/MBR systems) or
the EFI partition (for more recent (Unified) Extensible Firmware Interface
or EFI/UEFI systems). Up to this stage, the machine does not access any mass
storage media. Thereafter, information on date, time, and the most important
peripherals are loaded from the CMOS values (after a technology used for the
battery-powered memory store which allows the system to keep track of the date
and time even when it is powered off).
A number of boot loaders exist for Linux; the most common ones
are GRUB (for GRand Unified Boot loader), ISOLINUX (for booting from
removable media), and DAS U-Boot (for booting on embedded
devices/appliances). Most Linux boot loaders can present a user interface for
choosing alternative options for booting Linux, and even other operating systems
that might be installed. When booting Linux, the boot loader is responsible for
loading the kernel image and the initial RAM disk or filesystem (which contains
some critical files and device drivers needed to start the system) into memory.
Master Boot Record
3.2.4 Boot Loader in Action

The boot loader has two distinct stages:
For systems using the BIOS/MBR method, the boot loader resides at the first
sector of the hard disk, also known as
the Master Boot Record (MBR). The
size of the MBR is just 512 bytes. In this
stage, the boot loader examines
the partition table and finds a bootable
partition. Once it finds a bootable
partition, it then searches for the second
stage boot loader, for example GRUB,
and loads it into RAM (Random Access
Memory). For systems using the
EFI/UEFI method, UEFI firmware
reads its Boot Manager data to
determine which UEFI application is to
be launched and from where (i.e. from
which disk and partition the EFI
partition can be found). The firmware
then launches the UEFI application, for
example GRUB, as defined in the boot
entry in the firmware's boot manager.
This procedure is more complicated, but
more versatile than the older MBR
methods.
The second stage boot loader resides under /boot. A splash screen is displayed,
which allows us to choose which operating system (OS) to boot. After choosing
the OS, the boot loader loads the kernel of the selected operating system into
RAM and passes control to it. Kernels are almost always compressed, so its first
job is to uncompress itself. After this, it will check and analyze the system
hardware and initialize any hardware device drivers built into the kernel.
3.2.5 Initial RAM Disk

The initramfs filesystem image contains programs and binary files that perform
all actions needed to mount the proper root filesystem, like providing kernel
functionality for the needed filesystem and device drivers for mass storage
controllers with a facility called udev (for user device), which is responsible for
figuring out which devices are present, locating the device drivers they need to
operate properly, and loading them. After the root filesystem has been found, it
is checked for errors and mounted.
The mount program instructs the operating system that a filesystem is ready for
use, and associates it with a particular point in the overall hierarchy of the
filesystem (the mount point). If this is successful, the initramfs is cleared from
RAM and the init program on the root filesystem (/sbin/init) is executed.
init handles the mounting and pivoting over to the final real root filesystem. If
special hardware drivers are needed before the mass storage can be accessed, they
must be in the initramfs image.
The Initial RAM Disk

3.2.6 Text-Mode Login
Near the end of the boot process, init starts a number of text-mode login prompts.
These enable you to type your username, followed by your password, and to
eventually get a command shell. However, if you are
running a system with a graphical login interface, you
will not see these at first.
As you will learn in Chapter 7: Command Line

Operations, the terminals which run the command
shells can be accessed using the ALT key plus
a function key. Most distributions start six
text terminals and one graphics terminal
starting with F1 or F2. Within a graphical environment,
switching to a text console requires pressing CTRL-
ALT + the appropriate function key
(with F7 or F1 leading to the GUI).
Text-Mode Logins
Usually, the default command shell is bash (the GNU Bourne Again Shell), but
there are a number of other advanced command shells available. The shell prints
a text prompt, indicating it is ready to accept commands; after the user types the
command and presses Enter, the command is executed, and another prompt is
displayed after the command is done.
3.2.7 The Linux Kernel

The boot loader loads both the kernel and an initial RAM–based file system
(initramfs) into memory, so it can be used directly by the kernel.
The Linux Kernel

When the kernel is loaded in RAM, it immediately initializes and configures the
computer’s memory and also configures all the hardware attached to the system.
This includes all processors, I/O subsystems, storage devices, etc. The kernel also
loads some necessary user space applications.
3.2.8 /sbin/init and Services

Once the kernel has set up all its hardware and mounted the root filesystem, the
kernel runs /sbin/init. This then becomes the initial process, which then starts
other processes to get the system running. Most other processes on the system
trace their origin ultimately to init; exceptions include the so-called kernel
processes. These are started by the kernel directly, and their job is to manage
internal operating system details.
Besides starting the system, init is responsible for keeping the system running
and for shutting it down cleanly. One of its responsibilities is to act when
necessary as a manager for all non-kernel processes; it cleans up after them upon
completion, and restarts user login services as needed when users log in and out,
and does the same for other background system services.
/sbin/init and Services
Traditionally, this process startup was done using conventions that date back to
the 1980s and the System V variety of UNIX. This serial process had the system
passing through a sequence of runlevels containing collections of scripts that
start and stop services. Each runlevel supported a different mode of running the
system. Within each runlevel, individual services could be set to run, or to be shut
down if running.
However, all major distributions have moved away from this sequential runlevel
method of system initialization, although they usually emulate many System V
utilities for compatibility purposes. Next, we discuss the new methods, of
which systemd has become dominant.
3.3 Một số phương thức khởi động khác

SysVinit viewed things as a serial process, divided into a series of sequential
stages. Each stage required completion before the next could proceed. Thus,
startup did not easily take advantage of the parallel processing that could be done
on multiple processors or cores.
Furthermore, shutdown and reboot was seen as a relatively rare event; exactly
how long it took was not considered important. This is no longer true, especially
with mobile devices and embedded Linux systems. Some modern methods, such
as the use of containers, can require almost instantaneous startup times. Thus,
systems now require methods with faster and enhanced capabilities. Finally, the
older methods required rather complicated startup scripts, which were difficult to
keep universal across distribution versions, kernel versions, architectures, and
types of systems. The two main alternatives developed were:
3.3.1 Upstart
 Developed by Ubuntu and first included in 2006

 Adopted in Fedora 9 (in 2008) and in RHEL 6 and its clones
3.3.2 systemd
 Adopted by Fedora first (in 2011)

 Adopted by RHEL 7 and SUSE
 Replaced Upstart in Ubuntu 16.04
While the migration to systemd was rather controversial, it has been adopted by
all major distributions, and so we will not discuss the older System V method
or Upstart, which has become a dead end. Regardless of how one feels about the
controversies or the technical methods of systemd, almost universal adoption has
made learning how to work on Linux systems simpler, as there are fewer
differences among distributions. We enumerate systemd features next.
3.3.3 systemd Features

Systems with systemd start up faster than those with earlier init methods. This is
largely because it replaces a serialized set of steps with aggressive parallelization
techniques, which permits multiple services to be initiated simultaneously.
Complicated startup shell scripts are replaced with simpler configuration files,
which enumerate what has to be done before a service is started, how to execute
service startup, and what conditions the service should indicate have been
accomplished when startup is finished. One thing to note is that /sbin/init now
just points to /lib/systemd/systemd; i.e. systemd takes over the init process.
One systemd command (systemctl) is used for most basic tasks. While we have
not yet talked about working at the command line, here is a brief listing of its use:
 Starting, stopping, restarting a service (using httpd, the Apache web server, as an
example) on a currently running system:
$ sudo systemctl start|stop|restart httpd.service
 Enabling or disabling a system service from starting up at system boot:
$ sudo systemctl enable|disable httpd.service
In most cases, the .service can be omitted. There are many technical differences
with older methods that lie beyond the scope of our discussion.
3.4 Linux Filesystems

Think of a refrigerator that has multiple shelves that can be used for storing
various items. These shelves help you organize the grocery items by shape, size,
type, etc. The same concept applies to a filesystem, which is the embodiment of
a method of storing and organizing arbitrary collections of data in a human-usable
form.
Different types of filesystems supported by Linux:
 Conventional disk filesystems: ext3, ext4, XFS, Btrfs, JFS, NTFS, vfat, exfat,
etc.
 Flash storage filesystems: ubifs, jffs2, yaffs, etc.
 Database filesystems
 Special purpose filesystems: procfs, sysfs, tmpfs, squashfs, debugfs, fuse, etc.
This section will describe the standard filesystem layout shared by most Linux
distributions.
3.4.1 Phân vùng và hệ thống tập tin Partitions and Filesystems
A partition is a physically contiguous section of a disk, or what appears to be so
in some advanced setups.
A filesystem is a method of storing/finding files on a hard disk (usually in a

partition).
One can think of a partition as a container in which a filesystem resides, although

in some circumstances, a filesystem can span more than one partition if one uses
symbolic links, which we will discuss much later.
A comparison between filesystems in Windows and Linux is given in the

accompanying table:
Windows Linux
Partition Disk1 /dev/sda1
Filesystem Type NTFS/VFAT EXT3/EXT4/XFS/BTRFS...
Mounting Parameters DriveLetter MountPoint
Base Folder (where C:\ /

OS is stored)
3.4.2 The Filesystem Hierarchy Standard
Linux systems store their important files according to a standard layout called
the Filesystem Hierarchy Standard (FHS), which has long been maintained by
the Linux Foundation. For more information, take a look at the following
document: "Filesystem Hierarchy Standard" created by LSB Workgroup.
Having a standard is designed to ensure that users, administrators, and developers
can move between distributions without having to re-learn how the system is
organized.
Linux uses the ‘/’ character to separate paths (unlike Windows, which uses ‘\’),
and does not have drive letters. Multiple drives and/or partitions are mounted as
directories in the single filesystem. Removable media such as USB drives and
CDs and DVDs will show up as mounted
at /run/media/yourusername/disklabel for recent Linux systems, or
under /media for older distributions. For example, if your username is student a
USB pen drive labeled FEDORA might end up being found
at /run/media/student/FEDORA, and a file README.txt on that disc would
be at /run/media/student/FEDORA/README.txt.
The Filesystem Hierarchy Standard

3.4.3 More About the Filesystem Hierarchy Standard
All Linux filesystem names are case-sensitive, so /boot, /Boot,

and /BOOT represent three different directories (or folders). Many distributions
distinguish between core utilities needed for proper system operation and other
programs, and place the latter in directories under /usr (think user). To get a sense
for how the other programs are organized, find the /usr directory in the
diagram from the previous page and compare the subdirectories with those that
exist directly under the system root directory (/).
3.5 Choosing a Linux Distribution

Suppose you intend to buy a new car. What factors do you need to consider to
make a proper choice? Requirements which need to be taken into account include
the size needed to fit your family in the vehicle, the type of engine and gas
economy, your expected budget and available financing options, reliability record
and after-sales services, etc.
Similarly, determining which distribution to deploy also requires planning. The

figure shows some, but not all choices. Note that many embedded Linux systems
use custom crafted contents, rather than Android or Yocto.
Choosing a Linux Distribution
3.5.1 Tiêu chí lựa chọn ấn bản

Some questions worth thinking about before deciding on a distribution include:
 What is the main function of the system (server or desktop)?

 What types of packages are important to the organization? For example, web
server, word processing, etc.
 How much hard disk space is required and how much is available? For example,
when installing Linux on an embedded device, space is usually constrained.
 How often are packages updated?
 How long is the support cycle for each release? For example, LTS releases have
long-term support.
 Do you need kernel customization from the vendor or a third party?
 What hardware are you running on? For example, it might be X86, ARM, PPC,
etc.
 Do you need long-term stability? Can you accept (or need) a more volatile cutting
edge system running the latest software?
3.5.2 Linux Installation: Planning
The partition layout needs to be decided at the time of installation; it can be
difficult to changer later. While Linux systems handle multiple partitions by
mounting them at specific points in the filesystem, and you can always modify
the design later, it is always easier to try and get it right to begin with.
Partitions in the Linux Hard Disk
Nearly all installers provide a reasonable default layout, with either all space
dedicated to normal files on one big partition and a smaller swap partition, or with
separate partitions for some space-sensitive areas like /home and /var. You may
need to override the defaults and do something different if you have special needs,
or if you want to use more than one disk.
3.5.3 Linux Installation: Software Choices

All installations include the bare minimum software for running a Linux
distribution.
Most installers also provide options for adding categories of software. Common
applications (such as the Firefox web browser and LibreOffice office suite),
developer tools (like the vi and emacs text editors, which we will explore later in
this course), and other popular services, (such as the Apache web server tools or
MySQL database) are usually included. In addition, for any system with a
graphical desktop, a chosen desktop (such as GNOME or KDE) is installed by
default.
All installers set up some initial security features on the new system. One basic
step consists of setting the password for the superuser (root) and setting up an
initial user. In some cases (such as Ubuntu), only an initial user is set up; direct
root login is not configured and root access requires logging in first as a normal
user and then using sudo, as we will describe later. Some distributions will also
install more advanced security frameworks, such as SELinux or AppArmor. For
example, all Red Hat-based systems including Fedora and CentOS always
use SELinux by default, and Ubuntu comes with AppArmor up and running.
Linux Installation Software Choices
3.5.4 Linux Installation: Install Source

Like other operating systems, Linux distributions are provided on removable
media such as USB drives and CDs or DVDs. Most Linux distributions also
support booting a small image and downloading the rest of the system over the
network. These small images are usable on media, or as network boot images, in
which case it is possible to perform an install without using any local media.
Many installers can do an installation completely automatically, using a

configuration file to specify installation options. This file is called a Kickstart file
for Red Hat-based systems, an AutoYAST profile for SUSE-based systems, and
a Preseed file for Debian-based systems.
Each distribution provides its own documentation and tools for creating and
managing these files.
3.5.5 Linux Installation: The Process
The actual installation process is pretty similar for all distributions.
After booting from the installation media, the installer starts and asks questions
about how the system should be set up. These questions are skipped if an
automatic installation file is provided. Then, the installation is performed.
Finally, the computer reboots into the newly-installed system. On some

distributions, additional questions are asked after the system reboots.
Most installers have the option of downloading and installing updates as part of
the installation process; this requires Internet access. Otherwise, the system uses
its normal update mechanism to retrieve those updates after the installation is
done.
NOTE: We will be demonstrating the installation process in each of the three

Linux distribution families we cover in this course. You can view a demonstration
for the distribution type of your choice.
3.5.6 Linux Installation: The Warning

IMPORTANT!
The demonstrations show how to install Linux directly on your machine, erasing
everything that was there. While the demonstrations will not alter your
computer, following these procedures in real life will erase all current data.
The Linux Foundation has a document: "Preparing Your Computer for Linux
Training" (see below) that describes alternate methods of installing Linux
without over-writing existing data. You may want to consult it, if you need to
preserve the information on your hard disk.
These alternate methods are:
1. Re-partitioning your hard disk to free up enough room to permit dual boot (side-
by-side) installation of Linux, along with your present operating system.
2. Using a host machine hypervisor program (such as VMWare's products or Oracle
Virtual Box) to install a client Linux Virtual Machine.
3. Booting off of and using a Live CD or USB stick and not writing to the hard disk
at all.
The first method is sometimes complicated and should be done when your
confidence is high and you understand the steps involved. The second and third
methods are quite safe and make it difficult to damage your system.
Tổng kết chương 3

You have completed Chapter 3. Let’s summarize the key concepts covered:
 A partition is a logical part of the disk.

 A filesystem is a method of storing/finding files on a hard disk.
 By dividing the hard disk into partitions, data can be grouped and separated as
needed. When a failure or mistake occurs, only the data in the affected partition
will be damaged, while the data on the other partitions will likely survive.
 The boot process has multiple steps, starting with BIOS, which triggers the boot
loader to start up the Linux kernel. From there, the initramfs filesystem is
invoked, which triggers the init program to complete the startup process.
 Determining the appropriate distribution to deploy requires that you match your
specific system needs to the capabilities of the different distributions.
Chương 4. Giao diện đồ họa
Mục tiêu
 Manage graphical interface sessions.

 Perform basic operations using the graphical interface.
 Change the graphical desktop to suit your needs.
4.1 Graphical Desktop
You can use either a Command Line Interface (CLI) or
a Graphical User Interface (GUI) when using Linux. To work at the CLI, you
have to remember which programs and commands are used to perform tasks, and
how to quickly and accurately obtain more information about their use and
options. On the other hand, using the GUI is often quick and easy. It allows you
to interact with your system through graphical icons and screens. For repetitive
tasks, the CLI is often more efficient, while the GUI is easier to navigate if you
do not remember all the details or do something only rarely.
We will learn how to manage sessions using the GUI for the three Linux
distribution families that we cover the most in this course: Red Hat (CentOS,
Fedora), SUSE (openSUSE), and Debian (Ubuntu, Mint). Since we are using
the GNOME-based variant of openSUSE rather than the KDE-based one, all are
actually quite similar. If you are using KDE (or other Linux desktops such as
XFCE), your experience will vary somewhat from what is shown, but not in any
intrinsically difficult way, as user interfaces have converged to certain well-
known behaviors on modern operating systems. In subsequent sections of this
course we will concentrate in great detail on the command line interface, which
is pretty much the same on all distributions.
Ubuntu, CentOS, and openSUSE Desktops
4.2 X Window System

Generally, in a Linux desktop system, the X Window System is loaded as one of
the final steps in the boot process. It is often just called X.
A service called the Display Manager keeps track of the displays being provided
and loads the X server (so-called, because it provides graphical services to
applications, sometimes called X clients). The display manager also handles
graphical logins and starts the appropriate desktop environment after a user logs
in.
X is rather old software; it dates back to the mid 1980s and, as such, has certain
deficiencies on modern systems (for example, with security), as it has been
stretched rather far from its original purposes. A newer system, known
as Wayland, is gradually superseding it and is the default display system for
Fedora, RHEL 8, and other recent distributions. For the most part, it looks just
like X to the user, although under the hood it is quite different.
Display Manager
A desktop environment consists of a session manager, which starts and maintains

the components of the graphical session, and the window manager, which
controls the placement and movement of windows, window title-bars, and
controls.
Although these can be mixed, generally a set of utilities, session manager, and
window manager are used together as a unit, and together provide a seamless
desktop environment.
If the display manager is not started by default in the default runlevel, you can
start the graphical desktop different way, after logging on to a text-mode console,
by running startx from the command line. Or, you can start the display manager
(gdm, lightdm, kdm, xdm, etc.) manually from the command line. This differs
from running startx as the display managers will project a sign in screen. We
discuss them next.
Desktop Environment
4.3 GUI Startup
When you install a desktop environment, the X display manager starts at the end
of the boot process. It is responsible for starting the graphics system, logging in
the user, and starting the user’s desktop environment. You can often select from
a choice of desktop environments when logging in to the system.
The default display manager for GNOME is called gdm. Other popular display
managers include lightdm (used on Ubuntu before version 18.04 LTS)
and kdm (associated with KDE).
4.4.1 GNOME Desktop Environment

GNOME is a popular desktop environment with an easy-to-use graphical user
interface. It is bundled as the default desktop environment for most Linux
distributions, including Red Hat Enterprise Linux (RHEL), Fedora, CentOS,
SUSE Linux Enterprise, Ubuntu and Debian. GNOME has menu-based
navigation and is sometimes an easy transition to accomplish for Windows users.
However, as you will see, the look and feel can be quite different across
distributions, even if they are all using GNOME.
Another common desktop environment very important in the history of Linux and
also widely used is KDE, which has often been used in conjunction with SUSE
and openSUSE. Other alternatives for a desktop environment include Unity
(present on older Ubuntu, but still based on GNOME), XFCE and LXDE. As
previously mentioned, most desktop environments follow a similar structure to
GNOME, and we will restrict ourselves mostly to it to keep things less complex.
Lab 4.1: Customizing the Desktop

Despite the length of this section, we will not do very elaborate step-by-step lab
exercises, because of the diversity of Linux distributions and versions, and
because they each customize their desktops, even if the underlying code base is
the same. Trying to give exact instructions is an exercise in futility; not only are
there many variations, they are susceptible to change every time a new version of
a Linux distribution is released.
For the most part, this is not a problem. Graphical interfaces are designed to be
easy to navigate and figure out, and they really do not vary very much, not only
from one distribution to another, but even between operating systems. So, the
only way you can get more adept at working efficiently on your desktop is to
simply explore, play, and modify. The same points will apply to the next chapter,
on graphical system configuration.
Linux is so customizable that very few people who use it stay with the default
look and feel of the desktop. You may as well get started now in making your
desktop reflect your likes and personality.
 Start by changing the desktop background to something that better suits yours
tastes; perhaps one of the provided backgrounds, a solid color of your choice, or
a personal picture that you can transfer onto your Linux environment.
 Next, select a theme from the available themes for your distribution that, again,
suits your tastes and personality. Have fun and explore with this exercise.
 The easiest way to customize your desktop is to right-click your desktop

which should open a menu. At this point, select Change Desktop
Background or Default Desktop Settings depending upon which
distribution of Linux you are running.
 This will open a window where you can then select available background
pictures, a solid color background, or use a picture of your own that you
Add to your Pictures folder in your home directory.
 To change your theme, you may have noticed a tab in the window where
you changed the background labeled Theme. If it is present, you can click
on this tab and select one of the available themes or click on Customize to
experiment with your own creations.
 However, for GNOME 3, you can no longer do anything this way except
to set the background. Instead you have to run gnome-tweaks (or gnome-
tweak-tool) and then scroll down to Theme or Appearance->Theme.
 Note that many other settings one might expect to actually be in
the Settings menu are now configurable only through gnome-tweaks.
This can cause a lot of hair-pulling until you discover this fact.
4.4.2 Session management

4.4.2.1 Logging In and Out
The next screen shows a demonstration for logging in and out on the major Linux
distribution families we concentrate on in this course. Note that evolution has
brought us to a stage where it little matters which distribution you choose, as they
are all rather similar.
Locking the Screen

It is often a good idea to lock your screen to prevent other people from accessing
your session while you are away from your computer.
NOTE: This does not suspend the computer; all your applications and
processes continue to run while the screen is locked.
There are two ways to lock your screen:
 Using the graphical interface: Clicking in the upper-right corner of the desktop,
and then clicking on the lock icon.
 Using the keyboard shortcut SUPER-L: (The SUPER key is also known as
the Windows key).
The keyboard shortcut for locking the screen can be modified by altering
keyboard settings, the exact prescription varying by distribution, but not hard to
ascertain.
To re-enter the desktop session you just need to provide your password again.
The screenshot below shows how to lock the screen for Ubuntu. The details vary
little in modern distributions.
Locking the Screen for Ubuntu
4.4.2.2 Switching Users

Linux is a true multi-user operating system, which allows more than one user to
be simultaneously logged in. If more than one person uses the system, it is best
for each person to have their own user account and password. This allows for
individualized settings, home directories, and other files. Users can take turns
using the machine, while keeping everyone's sessions alive, or even be logged in
simultaneously through the network.
NOTE: The next screens show a demonstration and Try-It-Yourself activity for
changing users on a Linux system.
4.4.2.3 Shutting Down and Restarting

Besides normal daily starting and stopping of the computer, a system restart may
be required as part of certain major system updates, generally only those
involving installing a new Linux kernel.
Initiating the shutdown process from the graphical desktop is rather trivial on all
current Linux distributions, with very little variation. We will discuss later how
to do this from the command line, using the shutdown command.
In all cases, you click on either a settings (gear) or a power icon and follow the
prompts.
4.4.2.4 Shutting Down and Restarting on GNOME

To shut down the computer in any recent GNOME-based Linux distribution,
perform the following steps:
1. Click either the Power or the Gear icon in the upper-right corner of the screen.
2. Click on Power Off, Restart, or Cancel. If you do nothing, the system will
shutdown in 60 seconds.
Shutdown, reboot, and logout operations will ask for confirmation before going
ahead. This is because many applications will not save their data properly when
terminated this way.
Always save your documents and data before restarting, shutting down, or
logging out.
Shutting Down and Restarting
4.4.2.5 Suspending
All modern computers support Suspend (or Sleep) Mode when you want to stop
using your computer for a while. Suspend Mode saves the current system state
and allows you to resume your session more quickly while remaining on, but uses
very little power in the sleeping state. It works by keeping your system’s
applications, desktop, and so on, in system RAM, but turning off all of the other
hardware. This shortens the time for a full system start-up as well as conserves
battery power. One should note that modern Linux distributions actually boot so
fast that the amount of time saved is often minor.
Suspending the System
To suspend the system, the procedure starts the same as that for shutdown or
locking the screen.
The method is quite simple and universal in most recent GNOME-based

distributions. If you click on the Power icon and hold for a short time and release,
you will get the double line icon displayed below, which you then click to
suspend the system. Some distributions, including Ubuntu, may still show a
separate Suspend icon instead of using the above method.
Suspending the System
NOTE: To wake your system and resume your session, move the mouse or
press any button on the keyboard. The system will wake up with the screen locked,
just as if you had manually locked it; type in your password to resume.
4.6 Basic Operations

Even experienced users can forget the precise command that launches an
application, or exactly what options and arguments it requires. Fortunately, Linux
allows you to quickly open applications using the graphical interface.
Applications are found at different places in Linux (and within GNOME):
 From the Applications menu in the upper-left corner.

 From the Activities menu in the upper-left corner.
 In some Ubuntu versions, from the Dash button in the upper-left corner.
 For KDE, and some other environments, applications can be opened from the
button in the lower-left corner.
On the following pages you will learn how to perform basic operations in Linux
using the graphical interface.
4.6.1 Locating Applications

Unlike other operating systems, the initial install of Linux usually comes with a
wide range of applications and software archives that contain thousands of
programs that enable you to accomplish a wide variety of tasks with your
computer. For most key tasks, a default application is usually already installed.
However, you can always install more applications and try different options.
For example, Firefox is popular as the default browser in many Linux

distributions, while Epiphany, Konqueror, and Chromium (the open source base
for Google Chrome) are usually available for install from software repositories.
Proprietary web browsers, such as Opera and Chrome, are also available.
Locating applications from the GNOME and KDE menus is easy, as they are
neatly organized in functional submenus.
Locating Applications
4.6.2 Default Applications

Multiple applications are available to accomplish various tasks and to open a file
of a given type. For example, you can click on a web address while reading an
email and launch a browser such as Firefox or Chrome.
To set default applications, enter the Settings menu (on all recent Linux
distributions) and then click on either Default Applications or Details > Default
Applications. The exact list will vary from what is shown here in the Ubuntu
screenshot according to what is actually installed and available on your system
Default Applications
4.6.3 File Manager

Each distribution implements the Nautilus (File Manager) utility, which is used
to navigate the file system. It can locate files and, when a file is clicked upon,
either it will run if it is a program, or an associated application will be launched
using the file as data. This behavior is completely familiar to anyone who has
used other operating systems.
To start the file manager you will have to click on its icon (a file cabinet) which
is easily found, usually under Favorites or Accessories. It will have the
name Files.
This will open a window with your Home directory displayed. The left panel of
the File Manager window holds a list of commonly used directories, such
as Desktop, Documents, Downloads and Pictures.
You can click the Magnifying Glass icon on the top-right to search for files or
directories (folders).
File Manager
4.6.4 Home Directories

The File Manager lets you access different locations on your computer and the
network, including the Home directory, Desktop, Documents, Pictures, and
other Other Locations.
Every user with an account on the system will have a home directory, usually
created under /home, and usually named according to the user, such
as /home/student.
By default, files the user saves will be placed in a directory tree starting there.
Account creation, whether during system installation or at a later time, when a
new user is added, also induces default directories to be created under the user's
home directory, such as Documents, Desktop, and Downloads.
In the screenshot shown for Ubuntu, we have chosen the list format and are also
showing hidden files (those starting with a period). See if you can do the same on
your distribution.
Home Directories
Other Locations
4.6.5 Viewing Files

The File Manager allows you to view files and directories in more than one way.
You can switch between the Icons and List formats, either by clicking the familiar
icons in the top bar, or you can press CTRL-1 or CTRL-2 respectively.
In addition, you can also arrange the files and directories by name, size, type, or
modification date for further sorting. To do so, click View and select Arrange
Items.
Another useful option is to show hidden files (sometimes imprecisely called

system files), which are usually configuration files that are hidden by default and
whose name starts with a dot. To show hidden files, select Show Hidden
Files from the menu or press CTRL-H.
The file browser provides multiple ways to customize your window view to
facilitate easy drag and drop file operations. You can also alter the size of the
icons by selecting Zoom In and Zoom Out under the View menu.
4.6.6 Searching for Files

The File Manager includes a great search tool inside the file browser window.
1. Click Search in the toolbar (to bring up a text box).

2. Enter the keyword in the text box. This causes the system to perform a recursive
search from the current directory for any file or directory which contains a part
of this keyword.
To open the File Manager from the command line, on most systems simply
type nautilus.
The shortcut key to get to the search text box is CTRL-F. You can exit the search
text box view by clicking the Search button or CTRL-F again.
Another quick way to access a specific directory is to press CTRL-L, which will
give you a Location text box to type in a path to a directory.
4.6.7 Tìm kiếm

You can refine your search beyond the initial keyword by providing dropdown
menus to further filter the search.
1. Based on Location or File Type, select additional criteria from the dropdown.
2. To regenerate the search, click the Reload button.
3. To add multiple search criteria, click the + button and select Additional Search
Criteria.
For example, if you want to find a PDF file containing the word Linux in your
home directory, navigate to your home directory and search for the word
“Linux”. You should see that the default search criterion limits the search to
your home directory already. To finish the job, click the + button to add another
search criterion, select File Type for the type of criterion, and select PDF under
the File Type dropdown.
Searching for Files
4.6.8 Editing a File

Editing any text file through the graphical interface is easy in the GNOME
desktop environment. Simply double-click the file on the desktop or in the
Nautilus file browser window to open the file with the default text editor.
The default text editor in GNOME is gedit. It is simple yet powerful, ideal for
editing documents, making quick notes, and programming. Although gedit is
designed as a general purpose text editor, it offers additional features for spell
checking, highlighting, file listings and statistics.
You will learn much more about using text editors in a later chapter.
4.6.9 Removing a File

Deleting a file in Nautilus will automatically move the deleted files to
the .local/share/Trash/files/ directory (a trash can of sorts) under the user's
home directory. There are several ways to delete files and directories using
Nautilus.
1. Select all the files and directories that you want to delete.
2. Press CTRL-Delete on your keyboard, or right-click the file.
3. Select Move to Trash.
Note that you may have a Delete Permanently option which bypasses the trash
folder, and that this option may be visible all the time or only in list (rather than)
icon mode.
To permanently delete a file:
1. On the left panel inside a Nautilus file browser window, right-click on

the Trash directory.
2. Select Empty Trash.
Alternatively, select the file or directory you want to permanently delete and
press Shift-Delete.
As a precaution, you should never delete your Home directory, as doing so will
most likely erase all your GNOME configuration files and possibly prevent you
from logging in. Many personal system and program configurations are stored
under your home directory.
Lab 4.2: Viewing File Sort Options

Find the latest modified file in /var/log.
You will have to open the file browser window and navigate to
the /var/log directory. This will vary somewhat from distribution to distribution.
On most recent distributions you will click on Other Locations -> Computer.
Navigate to the /var/log directory. Set the view option to List rather than Icon,
and then click on the date.
Lab 4.3: Recovering Deleted Files

The basic operations will be the same here, whether you have a GNOME or KDE
desktop, although exact procedures and choices may differ slightly.
1. Create a new text file on the desktop named lab.txt, using the graphical file
manager.
2. Delete the file by sending it to Trash.
3. Verify the file is now in ~/.local/share/Trash, or a subdirectory thereof. NOTE:
You will have to get your file browser to show hidden files and directories, those
that start with a .).
4. Recover the file and make sure it is in its original location.
Click the link below to view a solution to the Lab exercise.
1. Open the file manager and navigate to your home directory. Once your user
configuration is set up for it this is as simple as right clicking in the
directory, and selecting Create New->Text File and giving it a name.
(You may see something other than Text File.)
With the GNOME file manager, there is no such option in the default
setup. You must create a file called new in your Templates directory first.
The easiest way to do this is to type Alt-F2 and then in the little window
that opens up
student:/tmp> touch ~/Templates/new
Once you have done that, you can either right click in the directory, or
somewhere on the right side of the title bar to open up a dialog where there
will be an option to create a new file of some type.
Why this feature is not on by default might be considered a mystery not

understood by modern science. However, the logic is that new files are
generally not created in a vaccuum (at least in GUIs); one expects to make
them in an application. Some distributions or versions of GNOME may
not need this stupid step.
2. This should be pretty obvious, either by dragging and dropping in

the Trash folder on the left, or through a right click on the file.
3. To navigate down through your .local directory, you have to make hidden
files visible. On GNOME systems, you can either just hit CTRL-H, or
you can click on the little down arrow next to the gear icon and toggle
showing hidden files on and off.
4. The easiest way is to click on the Trash icon and then pick Restore, which
will bring it back to its original location which you can easily verify.
Note that the GNOME File Manager does not include a Delete or Permanenly
Delete option by default. To enable this you have to go into preferences and turn
it on. You can enter the preferences menu by starting the File Manager and on the
top task bar on the desktop, click on its icon and get into the preference menus.
Another non-obvious step :( .
Chương 5. Cấu hình hệ thống từ Giao diện đồ họa
Mục tiêu
 Apply system, display, and date and time settings using the System Settings panel.
 Track the network settings and manage connections using Network Manager in
Linux.
 Install and update software in Linux from a graphical interface.
NOTE: We will revisit all these tasks later, when we discuss how to accomplish
them from the command line interface.
5.1 System/ Display/ DateTime Settings

The System Settings panel allows you to control most of the basic configuration
options and desktop settings, such as specifying the screen resolution, managing
network connections, or changing the date and time of the system.
For the GNOME Desktop Manager, one clicks on the upper right-hand corner
and then selects the tools image (screwdriver crossed with a wrench or a gear).
Depending on your distribution, you may find other ways to get into the settings
configuration as well. You will also find variation in the menu layout between
Linux distributions and versions, so you may have to hunt for the settings you
need to examine or modify.
System Settings Panel

5.2 System Settings Menus
To get deeper into configuration, one can click on the Devices on the previous
menu in order to configure items like the display, the keyboard, the printers, etc.
Configuring Applications on Ubuntu
One can also click on the Users icon (which may be under Details) to set values
for system users, such as their login picture, password, etc.
Configuring the User Attributes

gnome-tweaks
A lot of personalized configuration settings do not appear on the settings menus.
Instead, you have to launch a tool called either gnome-tweaks (or gnome-tweak-
tool on older Linux distributions). We have not really discussed working at the
command line yet, but you can always launch a program such as this by
doing Alt-F2 and typing in the command. Some distributions have a link to the
tweaks menus in the settings, but for some mysterious reason, many obscure this
tool's existence, and it becomes hard to discover how to modify even rather basic
desktop attributes and behavior.
Important things you can do with this tool include selecting a theme,
configuring extensions which you can get from your distribution or download
from the Internet, control fonts, modify the keyboard layout, and set which
programs start when you login.
The most recent GNOME versions have removed a lot of the functionality
of gnome-tweaks; extensions now have to be configured using a new app
called gnome-extensions-app. The reasoning for this is obscure.
The screenshot here is from a Red Hat system with quite a few extensions
installed, but not all being used.
Extensions Installed on RHEL

5.3 Display Settings
Clicking on Settings > Displays (or Settings > Devices > Displays) will expose
the most common settings for changing the desktop appearance. These settings
function independently of the specific display drivers you are running. The exact
appearance will depend enormously on how many monitors you have and other
factors, such as Linux distribution and particular version.
If your system uses a proprietary video card driver (usually

from nVidia or AMD), you will probably have a separate configuration program
for that driver. This program may give more configuration options, but may also
be more complicated, and might require sysadmin (root) access. If possible, you
should configure the settings in the Displays panel rather than with the
proprietary program.
The X server, which actually provides the GUI, uses /etc/X11/xorg.conf as its
configuration file if it exists; In modern Linux distributions, this file is usually
present only in unusual circumstances, such as when certain less common graphic
drivers are in use. Changing this configuration file directly is usually for more
advanced users.
Display Settings on an Older and Newer Ubuntu Systems
5.3.1 Setting Resolution and Configuring Multiple Screens

While your system will usually figure out the best resolution for your screen
automatically, it may get this wrong in some cases, or you might want to change
the resolution to meet your needs.
You can accomplish this using the Displays panel. The switch to the new
resolution will be effective when you click Apply, and then confirm that the
resolution is working. In case the selected resolution fails to work or you are just
not happy with the appearance, the system will switch back to the original
resolution after a short timeout. Once again, the exact appearance of the
configuration screen will vary a lot between distributions and versions,
but usually is rather intuitive and easy, once you find the configuration menus.
In most cases, the configuration for multiple displays is set up automatically as

one big screen spanning all monitors, using a reasonable guess for screen layout.
If the screen layout is not as desired, a check box can turn on mirrored mode,
where the same display is seen on all monitors. Clicking on a particular monitor
image lets you configure the resolution of each one, and whether they make one
big screen, or mirror the same video, etc.
Setting the Resolution and Configuring Multiple Screens
5.4 Date and Time Settings

By default, Linux always uses Coordinated Universal Time (UTC) for its own
internal timekeeping. Displayed or stored time values rely on the system time
zone setting to get the proper time. UTC is similar to, but more accurate than,
Greenwich Mean Time (GMT).
If you click on the time displayed on the top panel, you can adjust the format with
which the date and time is shown; on some distributions, you can also alter the
values.
The more detailed date and time settings can be selected from the Date &
Time window in the System Settings Menu.
Date and Time Settings
The "automatic" settings are referring to the use of Network Time

Protocol (NTP), which we discuss next.
5.5 Network Time Protocol

The Network Time Protocol (NTP) is the most popular and reliable protocol for
setting the local time by consulting established Internet servers. Linux
distributions always come with a working NTP setup, which refers to specific
time servers run or relied on by the distribution. This means that no setup, beyond
"on" or "off", is generally required for network time synchronization.
Lab 5.1: Getting and Setting Screen Resolution
Find out the current screen resolution for your desktop.
Change it to something else, and change it back to its original value.
NOTE: You can also ascertain your current resolution by typing at the command
line:
student:/tmp> $ xdpyinfo | grep dim

dimensions: 3200x1080 pixels (847x286 millimeters)
Click either the gear or tool icon in the top right corner, depending on your
distribution, and select System Settings.
Click on either Displays or Devices -> Displays. The resolution drop down
should be evident and inutitive to use.
Lab 5.2: Working with Time Settings

Change the time zone of your system to London time (or New York time, if you
are currently in London time). How does the displayed time change?
After noting the time change, change the time zone back to your local time zone.
On a GNOME desktop, click on System Settings -> Date & Time or System
Settings -> Details -> Date & Time, and Note the current Location settings.
You will either have to click on Unlock to give the root password, or will be
asked for it when you try to change the time zone, depending on
your GNOME version.
Use the Region and City drop-downs to switch the region to Europe and the city
to London, or type London into the Location widget and pick the proper location
from the list that appears. (You may also just be able to click at the right place on
a map of the world.)
Look at the clock, and note that the displayed time has changed. Now, set the time
zone back in the same way.
On KDE desktops, the details are somewhat different but it is not rocket science
to figure out how to do this, and it should take you less time to find the
configuration methods than it does to describe them.
5.6 Network Configuration

Linux distributions have network configuration files, but file formats and
locations can differ from one distribution to another. Hand editing of these files
can handle quite complicated setups, but is not very dynamic or easy to learn and
use. Network Manager was developed to make things easier and more uniform
across distributions. It can list all available networks (both wired and wireless),
allow the choice of a wired, wireless, or mobile broadband network, handle
passwords, and set up Virtual Private Networks (VPNs). Except for unusual
situations, it is generally best to let Network Manager establish your connections
and keep track of your settings.
Network Configuration
In this section, you will learn how to manage network connections, including
wired and wireless connections, and mobile broadband and VPN connections.
5.6.1 Wired and Wireless Connections

Wired connections usually do not require complicated or manual configuration.
The hardware interface and signal presence are automatically detected, and then
Network Manager sets the actual network settings
via Dynamic Host Configuration Protocol (DHCP).
For static configurations that do not use DHCP, manual setup can also be done
easily through Network Manager. You can also change the
Ethernet Media Access Control (MAC) address if your hardware supports it. The
MAC address is a unique hexadecimal number of your network card.
Wireless networks are usually not connected by default. You can view the list of
available wireless networks and see which one (if any) you are currently
connected to by using Network Manager. You can then add, edit, or remove
known wireless networks, and also specify which ones you want connected by
default when present.
5.6.2 Configuring Wireless Connections

To configure a wireless network in any recent GNOME-based distribution:
Click on the upper-right corner of the top panel, which brings up a settings and/or
network window. While the exact appearance will depend on Linux distribution
and version, it will always be possible to click on a Wi-Fi submenu, as long as
the hardware is present. Here is an example from a RHEL 8 system:
Configuring Wireless Connections
Select the wireless network you wish to connect to. If it is a secure network, the
first time it will request that you enter the appropriate password. By default, the
password will be saved for subsequent connections.
Selecting a Network
If you click on Wi-Fi Settings, you will bring up the third screenshot. If you click
on the Gear icon for any connection, you can configure it in more detail.
Configuring the Network of Your Choice
Older and other Linux distributions may look quite a bit different in detail, but
the steps and choices are essentially identical, as they are all running Network
Manager with perhaps somewhat different clothing.
5.6.3 Mobile Broadband and VPN Connections
You can set up a mobile broadband connection with Network Manager, which
will launch a wizard to set up the connection details for each connection.
Once the configuration is done, the network is configured automatically each time
the broadband network is attached.
Network Manager can also manage your VPN connections.
It supports many VPN technologies, such as native IPSec, Cisco OpenConnect

(via either the Cisco client or a native open source client), Microsoft PPTP, and
OpenVPN.
You might get support for VPN as a separate package from your distributor. You
need to install this package if your preferred VPN is not supported.
Lab 5.3: Managing Network Connections

Get the current networking configuration for your desktop.
Are you on a wired or a wireless connection? Or both?
If you have wireless hardware, see what wireless networks are available, if any.
Click the Network Manager icon in the upper right corner of your desktop.
(Appearance can vary by distribution.) This should bring up the wired and
wireless connection state, and which wireless networks are available.
5.7 Installing and Updating Software
Each package in a Linux distribution provides one piece of the system, such as
the Linux kernel, the C compiler, utilities for manipulating text or configuring
the network, or for your favorite web browsers and email clients.
Packages often depend on each other. For example, because your email client can
communicate using SSL/TLS, it will depend on a package which provides the
ability to encrypt and decrypt SSL and TLS communication, and will not install
unless that package is also installed at the same time.
All systems have a lower-level utility which handles the details of unpacking a
package and putting the pieces in the right places. Most of the time, you will be
working with a higher-level utility which knows how to download packages from
the Internet and can manage dependencies and groups for you.
In this section, you will learn how to install and update software in Linux using
the Debian packaging system (used by systems such as Ubuntu as well) and
RPM packaging systems (which is used by both Red Hat and SUSE family
systems). These are the main ones in use although there are others which work
well for other distributions which are less used.
5.7.1 Debian Packaging

Let’s look at the Package Management for the
Debian family system.
dpkg is the underlying package manager for these systems.

It can install, remove, and build packages. Unlike higher-
level package management systems, it does not
automatically download and install packages and satisfy
their dependencies.
Package Management in the Debian Family System
For Debian-based systems, the higher-level package management system is

the Advanced Package Tool (APT) system of utilities. Generally, while each
distribution within the Debian family uses APT, it creates its own user interface
on top of it (for example, apt and apt-get, synaptic, gnome-software, Ubuntu
Software Center, etc). Although apt repositories are generally compatible with
each other, the software they contain generally is not. Therefore, most
repositories target a particular distribution (like Ubuntu), and often software
distributors ship with multiple repositories to support multiple distributions.
Demonstrations are shown later in this section.
5.7.2 Red Hat Package Manager (RPM)

Red Hat Package Manager (RPM) is the other
package management system popular on Linux
distributions. It was developed by Red Hat, and
adopted by a number of other distributions,
including SUSE/openSUSE, Mageia, CentOS,
Oracle Linux, and others.
Red Hat Package Manager
The higher-level package manager differs between

distributions. Red Hat family distributions
historically use RHEL/CentOS and Fedora uses
dnf, while retaining good backwards compatibility
with the older yum program. SUSE family
distributions such as openSUSE also use RPM, but
use the zypper interface.
5.7.3 openSUSE’s YaST Software Management

The Yet another Setup Tool (YaST) software manager is similar to other
graphical package managers. It is an RPM-based application. You can add,
remove, or update packages using this application very easily. To access the
YaST software manager:
1. Click Activities
2. In the Search box, type YaST
3. Click the YaST icon
4. Click Software Management
You can also find YaST by clicking on Applications > Other-YaST, which is a
strange place to put it.
openSUSE's Software Management
openSUSE’s YaST software management application is similar to the graphical

package managers in other distributions. A demonstration of the YaST software
manager is shown later in this section.
Chương 7. Command Line Operations
Mục tiêu:
 Use the command line to perform operations in Linux.

 Search for files.
 Create and manage files.
 Install and update software.
7.1 Introduction to the Command Line
Linux system administrators spend a significant amount of their time at a
command line prompt. They often automate and troubleshoot tasks in this text
environment. There is a saying, "graphical user interfaces make easy tasks
easier, while command line interfaces make difficult tasks possible". Linux relies
heavily on the abundance of command line tools. The command line interface
provides the following advantages:
 No GUI overhead is incurred.

 Virtually any and every task can be accomplished while sitting at the command
line.
 You can implement scripts for often-used (or easy-to-forget) tasks and series of
procedures.
 You can sign into remote machines anywhere on the Internet.
 You can initiate graphical applications directly from the command line instead of
hunting through menus.
 While graphical tools may vary among Linux distributions, the command line
interface does not.
7.2 Using a Text Terminal on the Graphical Desktop

A terminal emulator program emulates (simulates) a standalone terminal within
a window on the desktop. By this, we mean it behaves essentially as if you were
logging into the machine at a pure text terminal with no running graphical
interface. Most terminal emulator programs support multiple terminal sessions by
opening additional tabs or windows.
By default, on GNOME desktop environments, the gnome-terminal application

is used to emulate a text-mode terminal in a window. Other available terminal
programs include:
 xterm
 konsole (default on KDE)
 terminator
$ ls -a
7.3 Launching Terminal Windows

To open a terminal on any system using a recent GNOME desktop
click on Applications > System Tools > Terminal or Applications > Utilities
> Terminal. If you do not have the Applications menu, you will have to install
the appropriate gnome-shell-extension package and turn on with gnome-
tweaks.
On any but some of the most recent GNOME-based distributions, you can always
open a terminal by right-clicking anywhere on the desktop background and
selecting Open in Terminal. If this does not work you will once again need to
install and activate the appropriate gnome-shell-extension package.
You can also hit Alt-F2 and type in either gnome-terminal or konsole,
whichever is appropriate.
Because distributions have had a history of burying opening up a command line

terminal, and the place in menus may vary in the desktop GUI, It is a good idea
to figure out how to "pin" the terminal icon to the panel, which might mean adding
it to the Favorites grouping on GNOME systems.
Opening a Terminal Using GNOME Desktop

7.4 Some Basic Utilities
There are some basic command line utilities that are used constantly, and it would
be impossible to proceed further without using some of them in simple form
before we discuss them in more detail. A short list has to include:
 cat: used to type out a file (or combine files).

 head: used to show the first few lines of a file.
 tail: used to show the last few lines of a file.
 man: used to view documentation.
The screenshot shows elementary uses of these programs. Note the use of the pipe
symbol (|) used to have one program take as input the output of another.
For the most part, we will only use these utilities in screenshots displaying various
activities, before we discuss them in detail.
Basic Command Line Utilities
7.4.1 The Command Line

Most input lines entered at the shell prompt have three basic elements:
 Command
 Options
 Arguments
The command is the name of the program you are executing. It may be followed
by one or more options (or switches) that modify what the command may do.
Options usually start with one or two dashes, for example, -p or --print, in order
to differentiate them from arguments, which represent what the
command operates on.
However, plenty of commands have no options, no arguments, or neither. In

addition, other elements (such as setting environment variables) can also appear
on the command line when launching a task.
7.4.2 sudo
All the demonstrations created have a user configured with sudo capabilities to
provide the user with administrative (admin) privileges when
required. sudo allows users to run programs using the security privileges of
another user, generally root (superuser).
On your own systems, you may need to set up and enable sudo to work correctly.
To do this, you need to follow some steps that we will not explain in much detail
now, but you will learn about later in this course. When running on Ubuntu and
some other recent distributions, sudo is already always set up for you during
installation. On other Linux distributions, you will likely need to set up sudo to
work properly for you after the initial installation.
Next, you will learn the steps to set up and run sudo on your system.
sudo ls -la /root
7.4.3 Steps for Setting Up and Running sudo

If your system does not already have sudo set up and enabled, you need to do
the following steps:
1. You will need to make modifications as the administrative or superuser, root.

While sudo will become the preferred method of doing this, we do not have it set
up yet, so we will use su (which we will discuss later in detail) instead. At the
command line prompt, type su and press Enter. You will then be prompted for
the root password, so enter it and press Enter. You will notice that nothing is
printed; this is so others cannot see the password on the screen. You should end
up with a different looking prompt, often ending with ‘#’. For example:
$ su Password:#
2. Now, you need to create a configuration file to enable your user account to use
sudo. Typically, this file is created in the /etc/sudoers.d/ directory with the name
of the file the same as your username. For example, for this demo, let’s say your
username is student. After doing step 1, you would then create the configuration
file for student by doing this:
# echo "student ALL=(ALL) ALL" > /etc/sudoers.d/student
3. Finally, some Linux distributions will complain if you do not also change
permissions on the file by doing:
# chmod 440 /etc/sudoers.d/student
That should be it. For the rest of this course, if you use sudo you should be
properly set up. When using sudo, by default you will be prompted to give a
password (your own user password) at least the first time you do it within a
specified time interval. It is possible (though very insecure) to configure sudo to
not require a password or change the time window in which the password does
not have to be repeated with every sudo command.
7.5 Switching Between the GUI and the Command Line

The customizable nature of Linux allows you to drop the graphical interface
(temporarily or permanently) or to start it up after the system has been running.
Most Linux distributions give an option during installation (or have more than
one version of the install media) to choose between desktop (with a graphical
desktop) and server (usually without one).
Linux production servers are usually installed without the GUI, and even if it is
installed, usually do not launch it during system startup. Removing the graphical
interface from a production server can be very helpful in maintaining a lean
system, which can be easier to support and keep secure.
Switching between the GUI and the Command Line
7.6 Virtual Terminals

Virtual Terminals (VT) are console sessions that use the entire display and
keyboard outside of a graphical environment. Such terminals are considered
"virtual" because, although there can be multiple active terminals, only one
terminal remains visible at a time. A VT is not quite the same as a command line
terminal window; you can have many of those visible at once on a graphical
desktop.
One virtual terminal (usually number one or seven) is reserved for the graphical
environment, and text logins are enabled on the unused VTs. Ubuntu uses VT 7,
but CentOS/RHEL and openSUSE use VT 1 for the graphical display.
An example of a situation where using VTs is helpful is when you run into
problems with the graphical desktop. In this situation, you can switch to one of
the text VTs and troubleshoot.
To switch between VTs, press CTRL-ALT-function key for the VT. For
example, press CTRL-ALT-F6 for VT 6. Actually, you only have to press
the ALT-F6 key combination if you are in a VT and want to switch to another
VT.
Switching between Virtual Terminals
7.7 Turning Off the Graphical Desktop

Linux distributions can start and stop the graphical desktop in various ways. The
exact method differs from distribution and among distribution versions. For the
newer systemd-based distributions, the display manager is run as a service, you
can stop the GUI desktop with the systemctl utility and most distributions will
also work with the telinit command, as in:
$ sudo systemctl stop gdm (or sudo telinit 3)
and restart it (after logging into the console) with:
$ sudo systemctl start gdm (or sudo telinit 5)

On Ubuntu versions before 18.04 LTS, substitute lightdm for gdm.
Turning Off the Graphical Desktop
Lab 7.1: Killing the Graphical User Interface

From within a graphical terminal (gnome-terminal, konsole, etc.), kill the current
graphical desktop.
Your method will depend on your distribution and your greeter program (gdm,
lightdm, kdm) and whether you have a systemd, SysVinit, or Upstart system.
Restart the GUI from the console.
Methods of bringing down the GUI:

student:/tmp> sudo systemctl stop gdm
student:/tmp> sudo systemctl stop lightdm
student:/tmp> sudo telinit 3
Methods of bringing the GUI back up:

student:/tmp> sudo systemctl start gdm
student:/tmp> sudo systemctl start lightdm
student:/tmp> sudo telinit 5
7.8 Basic Operations

In this section, we will discuss how to accomplish basic operations from the
command line. These include how to log in and log out from the system, restart
or shut down the system, locate applications, access directories, identify absolute
and relative paths, and explore the filesystem.
Basic Operations
7.8.1 Logging In and Out

An available text terminal will prompt for a username (with the string login:) and
password. When typing your password, nothing is displayed on the terminal (not
even a * to indicate that you typed in something), to prevent others from seeing
your password. After you have logged into the system, you can perform basic
operations.
Once your session is started (either by logging into a text terminal or via a
graphical terminal program), you can also connect and log into remote systems
by using Secure SHell (SSH). For example, by typing ssh student@remote-
server.com, SSH would connect securely to the remote machine (remote-
server.com) and give student a command line terminal window, using either a
password (as with regular logins) or cryptographic key to sign in without
providing a password to verify the identity.
Logging In and Out
7.8.2 Rebooting and Shutting Down

The preferred method to shut down or reboot the system is to use
the shutdown command. This sends a warning message, and then prevents
further users from logging in. The init process will then control shutting down or
rebooting the system. It is important to always shut down properly; failure to do
so can result in damage to the system and/or loss of data.
The halt and poweroff commands issue shutdown -h to halt the

system; reboot issues shutdown -r and causes the machine to reboot instead of
just shutting down. Both rebooting and shutting down from the command line
requires superuser (root) access.
When administering a multi-user system, you have the option of notifying all
users prior to shutdown, as in:
$ sudo shutdown -h 10:00 "Shutting down for scheduled maintenance."
NOTE: On recent Wayland-based Linux distributions, broadcast messages do

not appear on terminal emulation sessions running on the desktop; they appear
only on the VT console displays.
Rebooting and Shutting Down
7.8.3 Locating Applications

Depending on the specifics of your particular distribution's policy, programs and
software packages can be installed in various directories. In general, executable
programs and scripts should live in
the /bin, /usr/bin, /sbin, /usr/sbin directories, or somewhere under /opt. They
can also appear in /usr/local/bin and /usr/local/sbin, or in a directory in a user's
account space, such as /home/student/bin.
One way to locate programs is to employ the which utility. For example, to find
out exactly where the diff program resides on the filesystem:
$ which diff /usr/bin/diff
If which does not find the program, whereis is a good alternative because it looks
for packages in a broader range of system directories:
$ whereis diff diff: /usr/bin/diff /usr/share/man/man1/diff.1.gz

/usr/share/man/man1p/diff.1p.gz
as well as locating source and man files packaged with the program.
which and whereis Utilities

7.8.5 Accessing Directories
When you first log into a system or open a terminal, the default directory should
be your home directory. You can print the exact path of this by typing echo
$HOME. Many Linux distributions actually open new graphical terminals
in $HOME/Desktop. The following commands are useful for directory
navigation:
Command Result
pwd Displays the present working directory
cd ~ or cd Change to your home directory (shortcut name

is ~ (tilde))
cd .. Change to parent directory (..)
cd - Change to previous directory (- (minus))
http://linuxfoundation.s3-website-us-east-
1.amazonaws.com/TIY/usingcd/index.html
7.8.5.1 Understanding Absolute and Relative Paths

There are two ways to identify paths:
 Absolute pathname: An absolute pathname begins with the root directory and
follows the tree, branch by branch, until it reaches the desired directory or file.
Absolute paths always start with /.
 Relative pathname: A relative pathname starts from the present working
directory. Relative paths never start with /.
Multiple slashes (/) between directories and files are allowed, but all but one slash
between elements in the pathname is ignored by the system. ////usr//bin is valid,
but seen as /usr/bin by the system.
Most of the time, it is most convenient to use relative paths, which require less
typing. Usually, you take advantage of the shortcuts provided by: . (present
directory), .. (parent directory) and ~ (your home directory).
For example, suppose you are currently working in your home directory and wish
to move to the /usr/bin directory. The following two ways will bring you to the
same directory from your home directory:
 Absolute pathname method: $ cd /usr/bin
 Relative pathname method: $ cd ../../usr/bin
In this case, the absolute pathname method requires less typing.
Understanding Absolute and Relative Paths
7.8.5.2 Exploring the Filesystem

Traversing up and down the filesystem tree can get tedious. The tree command
is a good way to get a bird’s-eye view of the filesystem tree. Use tree -d to view
just the directories and to suppress listing file names.
Exploring the Filesystem
The following commands can help in exploring the filesystem:
Command Usage
cd / Changes your current directory to the root (/) directory (or path you
supply)
ls List the contents of the present working directory
ls –a List all files, including hidden files and directories (those whose name
start with . )
tree Displays a tree view of the filesystem

7.8.5.3 Hard Links
The ln utility is used to create hard links and (with the -s option) soft links, also
known as symbolic links or symlinks. These two kinds of links are very useful in
UNIX-based operating systems.
Suppose that file1 already exists. A hard link, called file2, is created with the
command:
$ ln file1 file2
Note that two files now appear to exist. However, a closer inspection of the file
listing shows that this is not quite true.
$ ls -li file1 file2
The -i option to ls prints out in the first column the inode number, which is a
unique quantity for each file object. This field is the same for both of these files;
what is really going on here is that it is only one, file but it has more than one
name associated with it, as is indicated by the 2 that appears in the ls output.
Thus, there was already another object linked to file1 before the command was
executed.
Hard links are very useful and they save space, but you have to be careful with
their use, sometimes in subtle ways. For one thing, if you remove
either file1 or file2 in the example, the inode object (and the remaining file name)
will remain, which might be undesirable, as it may lead to subtle errors later if
you recreate a file of that name.
If you edit one of the files, exactly what happens depends on your editor; most
editors, including vi and gedit, will retain the link by default, but it is possible
that modifying one of the names may break the link and result in the creation of
two objects.
Hard Links
7.8.5.4 Soft (Symbolic) Links
Soft (or Symbolic) links are created with the -s option, as in:
$ ln -s file1 file3
$ ls -li file1 file3
Notice file3 no longer appears to be a regular file, and it clearly points to file1 and
has a different inode number.
Symbolic links take no extra space on the filesystem (unless their names are very
long). They are extremely convenient, as they can easily be modified to point to
different places. An easy way to create a shortcut from your home directory to
long pathnames is to create a symbolic link.
Unlike hard links, soft links can point to objects even on different filesystems,
partitions, and/or disks and other media, which may or may not be currently
available or even exist. In the case where the link does not point to a currently
available or existing object, you obtain a dangling link.
Soft (Symbolic) Links
7.8.5.5 Navigating the Directory History

The cd command remembers where you were last, and lets you get back there
with cd -. For remembering more than just the last directory visited, use pushd to
change the directory instead of cd; this pushes your starting directory onto a list.
Using popd will then send you back to those directories, walking in reverse order
(the most recent directory will be the first one retrieved with popd). The list of
directories is displayed with the dirs command.
Navigating Through Directory History
Lab 7.2: Locating Applications

Find out the location of the ip network utility.
student:/tmp> which ip
/usr/sbin/ip
student:/tmp> whereis ip
ip: /usr/sbin/ip /usr/share/man/man7/ip.7.gz /usr/share/man/man8/ip.8.gz
Note whereis also reports the location of the man page.

7.8.5.6 Working with Files
Linux provides many commands that help you with viewing the contents of a file,
creating a new file or an empty file, changing the timestamp of a file, and moving,
removing and renaming a file or directory. These commands help you in
managing your data and files and in ensuring that the correct data is available at
the correct location.
In this section, you will learn how to manage files.
7.8.6 Viewing Files

You can use the following command line utilities to view files:
Command Usage
cat Used for viewing files that are not very long; it does not provide any
scroll-back.
tac Used to look at a file backwards, starting with the last line.
less Used to view larger files because it is a paging program. It pauses at each
screen full of text, provides scroll-back capabilities, and lets you search
and navigate within the file.
NOTE: Use / to search for a pattern in the forward direction and ? for a
pattern in the backward direction. An older program named more is still
used, but has fewer capabilities: "less is more".
tail Used to print the last 10 lines of a file by default. You can change the
number of lines by doing -n 15 or just -15 if you wanted to look at the
last 15 lines instead of the default.
head The opposite of tail; by default, it prints the first 10 lines of a file.
7.8.6.1 touch
touch is often used to set or update the access, change, and modify times of files.
By default, it resets a file's timestamp to match the current time.
However, you can also create an empty file using touch:
$ touch <filename>
This is normally done to create an empty file as a placeholder for a later purpose.
touch provides several useful options. For example, the -t option allows you to
set the date and timestamp of the file to a specific value, as in:
$ touch -t 12091600 myfile
This sets the myfile file's timestamp to 4 p.m., December 9th (12 09 1600).
touch
7.8.6.2 mkdir and rmdir

mkdir is used to create a directory:
 mkdir sampdir : It creates a sample directory named sampdir under the current
directory.
 mkdir /usr/sampdir : It creates a sample directory called sampdir under /usr.
Removing a directory is done with rmdir. The directory must be empty or the
command will fail. To remove a directory and all of its contents you have to
do rm -rf.
mkdir
7.8.6.3 Moving, Renaming or Removing a File

Note that mv does double duty, in that it can:
 Simply rename a file

 Move a file to another location, while possibly changing its name at the same
time.
If you are not certain about removing files that match a pattern you supply, it is
always good to run rm interactively (rm –i) to prompt before every removal.
Command Usage
mv Rename a file
rm Remove a file
rm –f Forcefully remove a file
rm –i Interactively remove a file

7.8.6.4 Renaming or Removing a Directory
rmdir works only on empty directories; otherwise you get an error.
While typing rm –rf is a fast and easy way to remove a whole filesystem tree
recursively, it is extremely dangerous and should be used with the utmost care,
especially when used by root (recall that recursive means drilling down through
all sub-directories, all the way down a tree).
Command Usage
mv Rename a directory
rmdir Remove an empty directory
rm -rf Forcefully remove a directory recursively

7.8.6.5 Modifying the Command Line Prompt
The PS1 variable is the character string that is displayed as the prompt on the
command line. Most distributions set PS1 to a known default value, which is
suitable in most cases. However, users may want custom information to show on
the command line. For example, some system administrators require the user and
the host system name to show up on the command line as in:
student@c8 $
This could prove useful if you are working in multiple roles and want to be always
reminded of who you are and what machine you are on. The prompt above could
be implemented by setting the PS1 variable to: \u@\h \$.
For example:
$ echo $PS1 \$
$ PS1="\u@\h \$ "
student@c8 $ echo $PS1
\u@\h \$
student@c8 $
By convention, most systems are set up so that the root user has a pound sign (#)
as their prompt.
Please take a look at the following Try-It-Yourself exercise: Working With Files
and Directories Using the Command Prompt.
Lab 7.3: Creating, Moving and Removing Files
Create an empty file named exercise.txt and move this file to the /tmp directory,
using a relative pathname from your home directory. Then, delete this file using
an absolute pathname.
student:/home/student> touch exercise.txt

student:/home/student> mv exercise.txt ../../tmp
student:/tmp> rm /tmp/exercise.txt
7.9 Standard File Streams
When commands are executed, by default there are three standard file streams
(or descriptors) always open for use: standard input (standard in or stdin),
standard output (standard out or stdout) and standard error (or stderr).
Name Symbolic Name Value Example
standard input stdin 0 keyboard
standard output stdout 1 terminal
standard error stderr 2 log file
Usually, stdin is your keyboard, and stdout and stderr are printed on your
terminal. stderr is often redirected to an error logging file, while stdin is
supplied by directing input to come from a file or from the output of a previous
command through a pipe. stdout is also often redirected into a file.
Since stderr is where error messages are written, usually nothing will go there.
In Linux, all open files are represented internally by what are called file
descriptors. Simply put, these are represented by numbers starting at zero. stdin is
file descriptor 0, stdout is file descriptor 1, and stderr is file descriptor 2.
Typically, if other files are opened in addition to these three, which are opened
by default, they will start at file descriptor 3 and increase from there.
On the next page and in the chapters ahead, you will see examples which alter
where a running command gets its input, where it writes its output, or where it
prints diagnostic (error) messages.
7.9.1 I/O Redirection
Through the command shell, we can redirect the three standard file streams so
that we can get input from either a file or another command, instead of from our
keyboard, and we can write output and errors to files or use them to provide input
for subsequent commands.
For example, if we have a program called do_something that reads

from stdin and writes to stdout and stderr, we can change its input source by
using the less-than sign (<) followed by the name of the file to be consumed for
input data:
$ do_something < input-file
If you want to send the output to a file, use the greater-than sign (>) as in:
$ do_something > output-file
Because stderr is not the same as stdout, error messages will still be seen on the
terminal windows in the above example.
If you want to redirect stderr to a separate file, you use stderr’s file descriptor
number (2), the greater-than sign (>), followed by the name of the file you want
to hold everything the running command writes to stderr:
$ do_something 2> error-file
NOTE: By the same logic, do_something 1> output-file is the same

as do_something > output-file.
A special shorthand notation can send anything written to file

descriptor 2 (stderr) to the same place as file descriptor 1 (stdout): 2>&1.
$ do_something > all-output-file 2>&1
bash permits an easier syntax for the above:
$ do_something >& all-output-file
7.9.2 Pipes
The UNIX/Linux philosophy is to have many simple and short programs (or
commands) cooperate together to produce quite complex results, rather than have
one complex program with many possible options and modes of operation. In
order to accomplish this, extensive use of pipes is made. You can pipe the output
of one command or program into another as its input.
In order to do this, we use the vertical-bar, pipe symbol (|), between commands
as in:
$ command1 | command2 | command3
The above represents what we often call a pipeline, and allows Linux to combine
the actions of several commands into one. This is extraordinarily efficient
because command2 and command3 do not have to wait for the previous
pipeline commands to complete before they can begin hacking at the data in their
input streams; on multiple CPU or core systems, the available computing power
is much better utilized and things get done quicker.
Furthermore, there is no need to save output in (temporary) files between the

stages in the pipeline, which saves disk space and reduces reading and writing
from disk, which is often the slowest bottleneck in getting something done.
Pipeline
7.9.3 Searching for Files

Being able to quickly find the files you are looking for will save you time and
enhance productivity. You can search for files in both your home directory space,
or in any other directory or location on the system.
The main tools for doing this are the locate and find utilities. We will also show
how to use wildcards in bash, in order to specify any file which matches a given
generalized request.
7.9.4 locate
The locate utility program performs a search taking advantage of a previously
constructed database of files and directories on your system, matching all entries
that contain a specified character string. This can sometimes result in a very long
list.
To get a shorter (and possibly more relevant) list, we can use the grep program
as a filter. grep will print only the lines that contain one or more specified strings,
as in:
$ locate zip | grep bin
which will list all the files and directories with both zip and bin in their name.
We will cover grep in much more detail later. Notice the use of | to pipe the two
commands together.
locate utilizes a database created by a related utility, updatedb. Most Linux

systems run this automatically once a day. However, you can update it at any time
by just running updatedb from the command line as the root user.
locate
Please take a look at the following Try-It-Yourself exercise: Locating Files.

7.9.5 Wildcards and Matching File Names
You can search for a filename containing specific characters using wildcards.
Wildcard Result
? Matches any single character
* Matches any string of characters
[set] Matches any character in the set of characters, for example [adf] will
match any occurrence of a, d, or f
[!set] Matches any character not in the set of characters
To search for files using the ? wildcard, replace each unknown character with ?.
For example, if you know only the first two letters are 'ba' of a three-letter
filename with an extension of .out, type ls ba?.out.
To search for files using the * wildcard, replace the unknown string with *. For
example, if you remember only that the extension was .out, type ls *.out.
Please take a look at the following Try-It-Yourself exercise: Using bash

Wildcards with ls.
7.10 The find Program
find is an extremely useful and often-used utility program in the daily life of a
Linux system administrator. It recurses down the filesystem tree from any
particular directory (or set of directories) and locates files that match specified
conditions. The default pathname is always the present working directory.
For example, administrators sometimes scan for potentially large core

files (which contain diagnostic information after a program fails) that are more
than several weeks old in order to remove them.
It is also common to remove files in inessential or outdated files in /tmp (and

other volatile directories, such as those containing cached files) that have not been
accessed recently. Many Linux distributions use shell scripts that run periodically
(through cron usually) to perform such house cleaning.
Find
7.10.1 Using find

When no arguments are given, find lists all files in the current directory and all
of its subdirectories. Commonly used options to shorten the list include -
name (only list files with a certain pattern in their name), -iname (also ignore the
case of file names), and -type (which will restrict the results to files of a certain
specified type, such as d for directory, l for symbolic link, or f for a regular file,
etc.).
Searching for files and directories named gcc: $ find /usr -name gcc
Searching only for directories named gcc: $ find /usr -type d -name gcc
Searching only for regular files named gcc: $ find /usr -type f -name gcc
Another good use of find is being able to run commands on the files that match
your search criteria. The -exec option is used for this purpose.
To find and remove all files that end with .swp:
$ find -name "*.swp" -exec rm {} ’;’
The {} (squiggly brackets) is a placeholder that will be filled with all the file
names that result from the find expression, and the preceding command will be
run on each one individually.
Please note that you have to end the command with either ‘;’ (including the
single-quotes) or "\;". Both forms are fine.
One can also use the -ok option, which behaves the same as -exec, except
that find will prompt you for permission before executing the command. This
makes it a good way to test your results before blindly executing any potentially
dangerous commands.
Finding and Removing Files that End with .swp
7.10.2 Finding Files Based on Time and Size

It is sometimes the case that you wish to find files according to attributes, such as
when they were created, last used, etc., or based on their size. It is easy to perform
such searches.
To find files based on time: $ find / -ctime 3
Here, -ctime is when the inode metadata (i.e. file ownership, permissions, etc.)
last changed; it is often, but not necessarily, when the file was first created. You
can also search for accessed/last read (-atime) or modified/last written (-mtime)
times. The number is the number of days and can be expressed as either a number
(n) that means exactly that value, +n, which means greater than that number, or -
n, which means less than that number. There are similar options for times in
minutes (as in -cmin, -amin, and -mmin).
To find files based on sizes: $ find / -size 0
Note the size here is in 512-byte blocks, by default; you can also specify bytes
(c), kilobytes (k), megabytes (M), gigabytes (G), etc. As with the time numbers
above, file sizes can also be exact numbers (n), +n or -n. For details, consult the
man page for find.
For example, to find files greater than 10 MB in size and running a command on
those files: $ find / -size +10M -exec command {} ’;’
Finding Files Based on Time and Size
Lab 7.4: Finding Directories and Creating Symbolic Links

Find the init.d directory, starting from /, and then create a symbolic link from
within your home directory to this directory.
Note that this SysVinit directory is no longer used much in systemd-based

systems, but is kept for backwards compatibility reasons.
student:/tmp> find / -type d -name init.d

student:/tmp> cd ~
student:/home/student> ln -s /etc/init.d .
Note you will get a lot of noise about trying to look at files and directories normal
users are not allowed to examine. If you preface the find command
with sudo these will not occur.)
7.11 Install Software

7.11.1 Package Management Systems on Linux
The core parts of a Linux distribution and most of its add-on software are installed
via the Package Management System. Each package contains the files and other
instructions needed to make one software component work well and cooperate
with the other components that comprise the entire system. Packages can depend
on each other. For example, a package for a web-based application written
in PHP can depend on the PHP package.
There are two broad families of
package managers: those based
on Debian and those which
use RPM as their low-level
package manager. The two
systems are incompatible, but
broadly speaking, provide the
same features and satisfy the same
needs. There are some other
systems used by more specialized
Linux distributions.
In this section, you will learn how to install, remove, or search for packages from
the command line using these two package management systems.
7.11.2 Package Managers: Two Levels

Both package management systems operate on two distinct levels: a low-level
tool (such as dpkg or rpm) takes care of the details of unpacking individual
packages, running scripts, getting the software installed correctly, while a high-
level tool (such as apt-get, dnf, yum, or zypper) works with groups of packages,
downloads packages from the vendor, and figures out dependencies.
Most of the time users need to work only with the high-level tool, which will take
care of calling the low-level tool as needed. Dependency resolution is a
particularly important feature of the high-level tool, as it handles the details of
finding and installing each dependency for you. Be careful, however, as installing
a single package could result in many dozens or even hundreds of dependent
packages being installed.
Package Managers: Two Levels
7.11.3 Working With Different Package Management Systems

The Advanced Packaging Tool (apt) is the underlying package management
system that manages software on Debian-based systems. While it forms the
backend for graphical package managers, such as the Ubuntu Software Center
and synaptic, its native user interface is at the command line, with programs that
include apt (or apt-get) and apt-cache.
dnf is the open source command-line package-management utility for the RPM-
compatible Linux systems that belongs to the Red Hat family. dnf has both
command line and graphical user interfaces. Fedora and RHEL 8 replaced the
older yum utility with dnf, thereby eliminating a lot of historical baggage, as
well as introducing many nice new capabilities. dnf is pretty much backwards-
compatible with yum for day-to-day commands.
Working with Different Package Management Systems
zypper is the package management system for the SUSE/openSUSE family and
is also based on RPM. zypper also allows you to manage repositories from the
command line. zypper is fairly straightforward to use and
resembles dnf/yum quite closely.
To learn the basic packaging commands, take a look at these basic packaging
commands:
Operation rpm deb
Install package rpm -i foo.rpm dpkg --install foo.deb
Install package, dependencies dnf install foo apt-get install foo
Remove package rpm -e foo.rpm dpkg --remove foo.deb
Remove package, dependencies dnf remove foo apt-get autoremove foo
Update package rpm -U foo.rpm dpkg --install foo.deb
Update package, dependencies dnf update foo apt-get install foo
Update entire system dnf update apt-get dist-upgrade
Show all installed packages rpm -qa or dnf dpkg --list

list installed
Get information on package rpm -qil foo dpkg --listfiles foo

Show packages named foo dnf list "foo" apt-cache search foo
Show all available packages dnf list apt-cache dumpavail foo
What package is file part of? rpm -qf file dpkg --search file
Lab 7.5: Installing and Removing Software Packages
Using the upper-level package management system appropriate for your Linux
distribution, do the following:
1. Install the dump package on your system.

2. Remove the dump package from your system.
NOTE: If dump is already installed (you will be told so when you try to install),
then do things in opposite order, i.e. remove and then install.
student:/tmp> apt-get install dump

student:/tmp> apt-get remove dump
or
student:/tmp> dnf install dump
student:/tmp> dnf remove dump
or
student:/tmp> yum install dump
student:/tmp> yum remove dump
or
student:/tmp> zypper install dump
student:/tmp> zypper remove dump
Chapter 9. Process Management
Mục tiêu:
 Describe what a process is and distinguish between types of processes.

 Enumerate process attributes.
 Manage processes using ps and top.
 Understand the use of load averages and other process metrics.
 Manipulate processes by putting them in background and restoring them to
foreground.
 Use at, cron, and sleep to schedule processes in the future or pause them.
9.1 Introduction to Processes and Process Attributes
9.1.1 Processes
A process is simply an instance of one or more related tasks (threads) executing

on your computer. It is not the same as a program or a command. A single
command may actually start several processes simultaneously. Some processes
are independent of each other and others are related. A failure of one process may
or may not affect the others running on the system.
 Processes use many system resources, such as memory, CPU (central

processing unit) cycles, and peripheral devices, such as network cards, hard
drives, printers and displays. The operating system (especially the kernel)
is responsible for allocating a proper share of these resources to each
process and ensuring overall optimized system utilization.
9.1.2 Process Types
A terminal window (one kind of command shell) is a process that runs as long as
needed. It allows users to execute programs and access resources in an interactive
environment. You can also run programs in the background, which means they
become detached from the shell.
Processes can be of different types according to the task being performed. Here
are some different process types, along with their descriptions and examples:
Process Description Example

Type
Interactive Need to be started by a user, either at a command line bash, firefox,

Processes or through a graphical interface such as an icon or a top
menu selection.
Batch Automatic processes which are scheduled from and updatedb,

Processes then disconnected from the terminal. These tasks are ldconfig
queued and work on a FIFO (First-In, First-Out)
basis.
Daemons Server processes that run continuously. Many are httpd, sshd,
launched during system startup and then wait for a libvirtd
user or system request indicating that their service is
required.
Threads Lightweight processes. These are tasks that run under firefox,
the umbrella of a main process, sharing memory and gnome-
other resources, but are scheduled and run by the terminal-
system on an individual basis. An individual thread server
can end without terminating the whole process and a
process can create new threads at any time. Many
non-trivial programs are multi-threaded.
Kernel Kernel tasks that users neither start nor terminate and kthreadd,
Threads have little control over. These may perform actions migration,
like moving a thread from one CPU to another, or ksoftirqd
making sure input/output operations to disk are
completed.
Process Scheduling and States
A critical kernel function called the scheduler constantly shifts processes on and
off the CPU, sharing time according to relative priority, how much time is needed
and how much has already been granted to a task.
When a process is in a so-called running state, it means it is either currently

executing instructions on a CPU, or is waiting to be granted a share of time (a time
slice) so it can execute. All processes in this state reside on what is called
a run queue and on a computer with multiple CPUs, or cores, there is a run queue
on each.
9.1.3 Process Scheduling and States
However, sometimes processes go into what is called a sleep state, generally

when they are waiting for something to happen before they can resume, perhaps
for the user to type something. In this condition, a process is said to be sitting on
a wait queue.
There are some other less frequent process states, especially when a process is
terminating. Sometimes, a child process completes, but its parent process has not
asked about its state. Amusingly, such a process is said to be in a zombie state; it
is not really alive, but still shows up in the system's list of processes.
9.1.4 Process and Thread IDs

At any given time, there are always multiple processes being executed. The
operating system keeps track of them by assigning each a unique process ID
(PID) number. The PID is used to track process state, CPU usage, memory use,
precisely where resources are located in memory, and other characteristics.
New PIDs are usually assigned in ascending order as processes are born. Thus,
PID 1 denotes the init process (initialization process), and succeeding processes
are gradually assigned higher numbers.
The table explains the PID types and their descriptions:
ID Type Description
Process ID Unique Process ID number

(PID)
Parent Process Process (Parent) that started this process. If the parent dies, the
ID (PPID) PPID will refer to an adoptive parent; on recent kernels, this is
kthreadd which has PPID=2.
Thread ID Thread ID number. This is the same as the PID for single-
(TID) threaded processes. For a multi-threaded process, each thread
shares the same PID, but has a unique TID.
9.1.5 Terminating a Process
At some point, one of your applications may stop working properly. How do you
eliminate it?
To terminate a process, you can type kill -SIGKILL <pid> or kill -9 <pid>.
Note, however, you can only kill your own processes; those belonging to another
user are off limits, unless you are root.
9.1.6 User and Group IDs
Many users can access a system simultaneously, and each user can run multiple
processes. The operating system identifies the user who starts the process by the
Real User ID (RUID) assigned to the user.
The user who determines the access rights for the users is identified by the
Effective UID (EUID). The EUID may or may not be the same as the RUID.
User and Group IDs
Users can be categorized into various groups. Each group is identified by the Real
Group ID (RGID). The access rights of the group are determined by the Effective
Group ID (EGID). Each user can be a member of one or more groups.
Most of the time we ignore these details and just talk about the User ID (UID)
and Group ID (GID).
9.1.7 More About Priorities

At any given time, many processes are running (i.e. in the run queue) on the
system. However, a CPU can actually accommodate only one task at a time, just
like a car can have only one driver at a time. Some processes are more important
than others, so Linux allows you to set and manipulate process priority. Higher
priority processes grep preferential access to the CPU.
The priority for a process can be set by specifying a nice value, or niceness, for
the process. The lower the nice value, the higher the priority. Low values are
assigned to important processes, while high values are assigned to processes that
can wait longer. A process with a high nice value simply allows other processes
to be executed first. In Linux, a nice value of -20 represents the highest priority
and +19 represents the lowest. While this may sound backwards, this convention
(the nicer the process, the lower the priority) goes back to the earliest days of
UNIX.
nice Output
You can also assign a so-called real-time priority to time-sensitive tasks, such
as controlling machines through a computer or collecting incoming data. This is
just a very high priority and is not to be confused with what is called hard real-
time which is conceptually different, and has more to do with making sure a job
gets completed within a very well-defined time window.
Nice Values
9.2 Process metrics and Process Control

9.2.1 Load Averages
The load average is the average of the load number for a given period of time. It
takes into account processes that are:
 Actively running on a CPU.

 Considered runnable, but waiting for a CPU to become available.
 Sleeping: i.e. waiting for some kind of resource (typically, I/O) to become
available.
NOTE: Linux differs from other UNIX-like operating systems in that it includes
the sleeping processes. Furthermore, it only includes so-
called uninterruptible sleepers, those which cannot be awakened easily.
The load average can be viewed by running w, top or uptime. We will explain
the numbers on the next page.
Load Averages
9.2.2 Interpreting Load Averages

The load average is displayed using three numbers (0.45, 0.17, and 0.12) in the
below screenshot. Assuming our system is a single-CPU system, the three load
average numbers are interpreted as follows:
 0.45: For the last minute the system has been 45% utilized on average.
 0.17: For the last 5 minutes utilization has been 17%.
 0.12: For the last 15 minutes utilization has been 12%.
If we saw a value of 1.00 in the second position, that would imply that the single-
CPU system was 100% utilized, on average, over the past 5 minutes; this is good
if we want to fully use a system. A value over 1.00 for a single-CPU system
implies that the system was over-utilized: there were more processes needing
CPU than CPU was available.
If we had more than one CPU, say a quad-CPU system, we would divide the load
average numbers by the number of CPUs. In this case, for example, seeing a 1
minute load average of 4.00 implies that the system as a whole was 100% (4.00/4)
utilized during the last minute.
Short-term increases are usually not a problem. A high peak you see is likely a
burst of activity, not a new level. For example, at start up, many processes start
and then activity settles down. If a high peak is seen in the 5 and 15 minute load
averages, it may be cause for concern.
Interpreting Load Averages
9.2.3 Background and Foreground Processes

Linux supports background and foreground job processing. A job in this context
is just a command launched from a terminal window. Foreground jobs run
directly from the shell, and when one foreground job is running, other jobs need
to wait for shell access (at least in that terminal window if using the GUI) until it
is completed. This is fine when jobs complete quickly. But this can have an
adverse effect if the current job is going to take a long time (even several hours)
to complete.
In such cases, you can run the job in the background and free the shell for other
tasks. The background job will be executed at lower priority, which, in turn, will
allow smooth execution of the interactive tasks, and you can type other
commands in the terminal window while the background job is running. By
default, all jobs are executed in the foreground. You can put a job in the
background by suffixing & to the command, for example: updatedb &.
You can either use CTRL-Z to suspend a foreground job or CTRL-C to

terminate a foreground job and can always use the bg and fg commands to run a
process in the background and foreground, respectively.
Background and Foreground Processes
9.2.4 Managing Jobs

The jobs utility displays all jobs running in background. The display shows the
job ID, state, and command name, as shown here.
jobs -l provides the same information as jobs, and adds the PID of the
background jobs.
The background jobs are connected to the terminal window, so, if you log off,
the jobs utility will not show the ones started from that window.
Managing Jobs
Lab 9.1: Getting Uptime and Load Averages

Ascertain how long your system has been up.
Display its load averages.
A very simple method is just to use the uptime utility:

student:/tmp> uptime
10:26:40 up 3:19, 5 users, load average: 1.46, 1.40, 1.19
A second method is to look at the first line of output from top (to be discussed in
detail shortly):
student:/tmp> top | head
top - 10:28:11 up 3:20, 5 users, load average: 1.93, 1.52, 1.25
Tasks: 313 total, 1 running, 312 sleeping, 0 stopped, 0 zombie
%Cpu(s): 1.0 us, 0.3 sy, 0.0 ni, 98.2 id, 0.5 wa, 0.0 hi, 0.0 si, 0.0
KiB Mem : 16284472 total, 6556792 free, 1029760 used, 8697920 buff/cache
KiB Swap: 8290300 total, 8290300 free, 0 used. 10364220 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+

COMMAND
2615 coop 20 0 504536 186312 65488 S 6.7 1.1 6:28.30 skype-b+
18248 coop 20 0 655804 50816 30884 S 6.7 0.3 0:20.11 emacs
1 root 20 0 204912 6508 3956 S 0.0 0.0 0:00.92 systemd
A third method is to use w:
student:/tmp> w
10:30:51 up 3:23, 5 users, load average: 0.55, 1.11, 1.14
USER TTY FROM LOGIN@ IDLE JCPU PCPU WHAT
coop :0 :0 07:08 ?xdm? 16:51 0.19s gdm-session-
coop pts/0 :0 07:09 2:22m 0.12s 0.12s bash
coop pts/1 :0 07:09 1:37m 0.42s 0.42s bash
coop pts/2 :0 07:09 0.00s 51.09s 0.00s w
coop pts/3 :0 07:09 27:08 0.25s 0.25s bash
Lab 9.2: Background and Foreground Jobs
We are going to launch a graphical program from a terminal window, so that one
can no longer type in the window. gedit is an easy choice, but you can substitute
any other program that does this.
The solution file contains a step-by-step procedure for putting jobs in

background, bringing them back to foreground, etc. Please repeat the steps,
substituting the program you are using if it is not gedit.
Lab: Background and Foreground Jobs

We are going to launch a graphical program from a terminal window, so that one
can no longer type in the window. gedit is an easy choice but you can substitute
any other program that does this.
1. Open gedit on a new file as in

2. $ gedit somefile
While you can still type in the terminal window, the shell will not pay
attention to what you input.
3. While your pointer is over the terminal window, hit CTRL-Z.

4. ^Z
[3]+ Stopped gedit somefile

You can no longer type in the gedit window.
5. With jobs -l, see what processes have been launched from this terminal
window:
6. $ jobs -l
7. [1] 17705 Running evince *pdf &
8. [2]- 18248 Running emacs /tmp/hello.tex &
9. [3]+ 19827 Stopped gedit somefile
10. Now put the most recent job (gedit somefile) in background:
11. $ bg
12. [3]+ gedit somefile &
Now you should be able to type in the gedit window.
13. Put the process in foreground again:

14. $ fg
15. gedit somefile
Note you once again input to the terminal window. has no effect
16. To clean up, suspend the process again and then use kill to terminate it:
17. ^Z
18. [3]+ Stopped gedit somefile
19. $ jobs -l
22. [3]+ 19827 Stopped gedit somefile
23. $ kill -9 19827
24. $ jobs -l
27. [3]+ 19827 Killed gedit somefile
28. $ jobs -l
29. [1]- 17705 Running evince *pdf &
[2]- 18248 Running emacs /tmp/hello.tex &
9.3 Listing Process: ps and top
9.3.1 The ps Command (System V Style)
ps provides information about currently running processes keyed by PID. If you
want a repetitive update of this status, you can use top or other commonly
installed variants (such as htop or atop) from the command line, or invoke your
distribution's graphical system monitor application.
ps has many options for specifying exactly which tasks to examine, what
information to display about them, and precisely what output format should be
used.
Without options, ps will display all processes running under the current shell.
You can use the -u option to display information of processes for a specified
username. The command ps -ef displays all the processes in the system in full
detail. The command ps -eLf goes one step further and displays one line of
information for every thread (remember, a process can contain multiple threads).
The ps Command (System V Style)
9.3.2 The ps Command (BSD Style)

ps has another style of option specification, which stems from the BSD variety of
UNIX, where options are specified without preceding dashes. For example, the
command ps aux displays all processes of all users. The command ps axo allows
you to specify which attributes you want to view.
The screenshot shows a sample output of ps with the aux and axo qualifiers.
The ps Command (BSD Style)
9.3.3 The Process Tree

pstree displays the processes running on the system in the form of a tree
diagram showing the relationship between a process and its parent process and
any other processes that it created. Repeated entries of a process are not displayed,
and threads are displayed in curly braces.
The Process Tree
9.3.4 top
While a static view of what the system is doing is useful, monitoring the system
performance live over time is also valuable. One option would be to run ps at
regular intervals, say, every few seconds. A better alternative is to use top to get
constant real-time updates (every two seconds by default), until you exit by
typing q.top clearly highlights which processes are consuming the most CPU
cycles and memory (using appropriate commands from within top).
top
9.3.5 First Line of the top Output

The first line of the top output displays a quick summary of what is happening in
the system, including:
 How long the system has been up

 How many users are logged on
 What is the load average
The load average determines how busy the system is. A load average of 1.00 per
CPU indicates a fully subscribed, but not overloaded, system. If the load average
goes above this value, it indicates that processes are competing for CPU time. If
the load average is very high, it might indicate that the system is having a
problem, such as a runaway process (a process in a non-responding state).
First Line of the top Output
9.3.6 Second Line of the top Output

The second line of the top output displays the total number of processes, the
number of running, sleeping, stopped, and zombie processes. Comparing the
number of running processes with the load average helps determine if the system
has reached its capacity or perhaps a particular user is running too many
processes. The stopped processes should be examined to see if everything is
running correctly.
Second Line of the top Output
9.3.7 Third Line of the top Output

The third line of the top output indicates how the CPU time is being divided
between the users (us) and the kernel (sy) by displaying the percentage of CPU
time used for each.
The percentage of user jobs running at a lower priority (niceness - ni) is then
listed. Idle mode (id) should be low if the load average is high, and vice
versa. The percentage of jobs waiting (wa) for I/O is listed. Interrupts include the
percentage of hardware (hi) vs. software interrupts (si). Steal time (st) is
generally used with virtual machines, which has some of its idle CPU time taken
for other uses.
9.3.8 Fourth and Fifth Lines of the top Output

The fourth and fifth lines of the top output indicate memory usage, which is
divided in two categories:
 Physical memory (RAM) – displayed on line 4.

 Swap space – displayed on line 5.
Both categories display total memory, used memory, and free space.
You need to monitor memory usage very carefully to ensure good system
performance. Once the physical memory is exhausted, the system starts using
swap space (temporary storage space on the hard drive) as an extended memory
pool, and since accessing disk is much slower than accessing memory, this will
negatively affect system performance.
If the system starts using swap often, you can add more swap space. However,
adding more physical memory should also be considered.
9.3.10 Process List of the top Output

Each line in the process list of the top output displays information about a
process. By default, processes are ordered by highest CPU usage. The following
information about each process is displayed:
 Process Identification Number (PID)

 Process owner (USER)
 Priority (PR) and nice values (NI)
 Virtual (VIRT), physical (RES), and shared memory (SHR)
 Status (S)
 Percentage of CPU (%CPU) and memory (%MEM) used
 Execution time (TIME+)
 Command (COMMAND).
9.3.11 Interactive Keys with top
Besides reporting information, top can be utilized interactively for monitoring
and controlling processes. While top is running in a terminal window, you can
enter single-letter commands to change its behavior. For example, you can view
the top-ranked processes based on CPU or memory usage. If needed, you can
alter the priorities of running processes or you can stop/kill a process.
The table lists what happens when pressing various keys when running top:
Command Output
t Display or hide summary information (rows 2 and 3)

m Display or hide memory information (rows 4 and 5)
A Sort the process list by top resource consumers
r Renice (change the priority of) a specific processes
k Kill a specific process
f Enter the top configuration screen
o Interactively select a new sort order in the process list

9.4 Scheduling Future Processes Using at
Suppose you need to perform a task on a specific day sometime in the future.
However, you know you will be away from the machine on that day. How will
you perform the task? You can use the at utility program to execute any non-
interactive command at a specified time, as illustrated in the screenshot below:
Scheduling Future Processes Using at
9.5 cron
cron is a time-based scheduling utility program. It can launch routine background
jobs at specific times and/or days on an on-going basis. cron is driven by a
configuration file called /etc/crontab (cron table), which contains the various
shell commands that need to be run at the properly scheduled times. There are
both system-wide crontab files and individual user-based ones. Each line of
a crontab file represents a job, and is composed of a so-
called CRON expression, followed by a shell command to execute.
Typing crontab -e will open the crontab editor to edit existing jobs or to create
new jobs. Each line of the crontab file will contain 6 fields:
Field Description Values
MIN Minutes 0 to 59
HOUR Hour field 0 to 23
DOM Day of Month 1-31
MON Month field 1-12
DOW Day Of Week 0-6 (0 = Sunday)
CMD Command Any command to be executed
Examples:
 The entry * * * * * /usr/local/bin/execute/this/script.sh will schedule a job to

execute script.sh every minute of every hour of every day of the month, and
every month and every day in the week.
 The entry 30 08 10 06 * /home/sysadmin/full-backup will schedule a full-
backup at 8.30 a.m., 10-June, irrespective of the day of the week.
 Starting Processes in the Future
9.6 sleep
Sometimes, a command or job must be delayed or suspended. Suppose, for
example, an application has read and processed the contents of a data file and
then needs to save a report on a backup system. If the backup system is currently
busy or not available, the application can be made to sleep (wait) until it can
complete its work. Such a delay might be to mount the backup device and prepare
it for writing.
sleep suspends execution for at least the specified period of time, which can be
given as the number of seconds (the default), minutes, hours, or days. After that
time has passed (or an interrupting signal has been received), execution will
resume.
The syntax is: sleep NUMBER[SUFFIX]...
where SUFFIX may be:
 s for seconds (the default)

 m for minutes
 h for hours
 d for days.
sleep and at are quite different; sleep delays execution for a specific period,
while at starts execution at a later time.
sleep
Lab 9.3: Using at for Batch Processing in the Future

Schedule a very simple task to run at a future time from now. This can be as
simple as running ls or date and saving the output. You can use a time as short as
one minute in the future.
Note that the command will run in the directory from which you schedule it
with at.
Do this:
1. From a short bash script.

2. Interactively.
1. Create the file testat.sh containing:

2. #!/bin/bash
3. date > /tmp/datestamp
and then make it executable and queue it up with at:
$ chmod +x testat.sh
$ at now + 1 minute -f testat.sh
You can see if the job is queued up to run with atq:
$ atq
17 Wed Apr 22 08:55:00 2015 a student
Make sure the job actually ran:
$ cat /tmp/datestamp
Wed Apr 22 08:55:00 CDT 2015
What happens if you take the /tmp/datestamp out of the command? (Hint:
type mail if not prompted to do so!)
4. Interactively it is basically the same procedure. Just queue up the job with:
5. $ at now + 1 minute
6. at> date > /tmp/datestamp
7. CTRL-D
$ atq
Lab 9.4: Scheduling a Periodic Task with cron
Set up a cron job to do some simple task every day at 10 a.m.
Set up a cron job to do some simple task every day at 10 AM. Create a file
named mycrontab with the following content:
0 10 * * * /tmp/myjob.sh
and then create /tmp/myjob.sh containing:

#!/bin/bash
echo Hello I am running $0 at $(date)
and make it executable:

$ chmod +x /tmp/myjob.sh
Put it in the crontab system with:

$ crontab mycrontab
and verify it was loaded with:

$ crontab -l
$ sudo ls -l /var/spool/cron/student
-rw------- 1 student student 25 Apr 22 09:59 /var/spool/cron/student
$ sudo cat /var/spool/cron/student
Note you if don't really want this running every day, printing out messages like:
Hello I am running /tmp/myjob.sh at Wed Apr 22 10:03:48 CDT 2015
and mailing them to you, you can remove it with:

$ crontab -r
If the machine is not up at 10 AM on a given day, anacron will run the job at a
suitable time.
Chương 10. File Operations
Mục tiêu:
 Explore the filesystem and its hierarchy.

 Explain the filesystem architecture.
 Compare files and identify different file types.
 Back up and compress data.
10.1 Filesystems
10.1.1 Introduction to Filesystem
In Linux (and all UNIX-like operating systems) it is often said “Everything is a
file”, or at least it is treated as such. This means whether you are dealing with
normal data files and documents, or with devices such as sound cards and printers,
you interact with them through the same kind of Input/Output (I/O) operations.
This simplifies things: you open a “file” and perform normal operations like
reading the file and writing on it (which is one reason why text editors, which you
will learn about in an upcoming section, are so important).
On many systems (including Linux), the filesystem is structured like a tree. The
tree is usually portrayed as inverted, and starts at what is most often called
the root directory, which marks the beginning of the hierarchical filesystem and
is also sometimes referred to as the trunk, or simply denoted by /. The root
directory is not the same as the root user. The hierarchical filesystem also
contains other elements in the path (directory names), which are separated by
forward slashes (/), as in /usr/bin/emacs, where the last element is the actual file
name.
In this section, you will learn about some basic concepts, including the filesystem
hierarchy, as well as about disk partitions.
Filesystems
10.1.2 Filesystem Varieties

Linux supports a number of native filesystem types, expressly created by Linux
developers, such as:
 ext3
 ext4
 squashfs
 btrfs.
It also offers implementations of filesystems used on other alien operating

systems, such as those from:
 Windows (ntfs, vfat)

 SGI (xfs)
 IBM (jfs)
 MacOS (hfs, hfs+).
Many older, legacy filesystems, such as FAT, are also supported.
It is often the case that more than one filesystem type is used on a machine, based
on considerations such as the size of files, how often they are modified, what kind
of hardware they sit on and what kind of access speed is needed, etc. The most
advanced filesystem types in common use are the journaling varieties: ext4, xfs,
btrfs, and jfs. These have many state-of-the-art features and high performance,
and are very hard to corrupt accidentally.
10.1.3 Linux Partitions
Each filesystem on a Linux system occupies a disk partition. Partitions help to
organize the contents of disks according to the kind and use of the data contained.
For example, important programs required to run the system are often kept on a
separate partition (known as root or /) than the one that contains files owned by
regular users of that system (/home). In addition, temporary files created and
destroyed during the normal operation of Linux may be located on dedicated
partitions. One advantage of this kind of isolation by type and variability is that
when all available space on a particular partition is exhausted, the system may
still operate normally.
The pictures shows the use of the gparted utility, which displays the partition
layout on a system which has three operating systems on it: RHEL 8, CentOS 7,
Ubuntu and Windows.
Linux Partitions: gparted
10.1.4 Mount Points

Before you can start using a filesystem, you need to mount it on the filesystem
tree at a mount point. This is simply a directory (which may or may not be empty)
where the filesystem is to be grafted on. Sometimes, you may need to create the
directory if it does not already exist.
Mount Points
WARNING: If you mount a filesystem on a non-empty directory, the former

contents of that directory are covered-up and not accessible until the filesystem
is unmounted. Thus, mount points are usually empty directories.
10.1.5 Mounting and Unmounting

The mount command is used to attach a filesystem (which can be local to the
computer or on a network) somewhere within the filesystem tree. The basic
arguments are the device node and mount point. For example,
$ sudo mount /dev/sda5 /home
will attach the filesystem contained in the disk partition associated with
the /dev/sda5 device node, into the filesystem tree at the /home mount point.
There are other ways to specify the partition other than the device node, such as
using the disk label or UUID.
To unmount the partition, the command would be:
$ sudo umount /home
Note the command is umount, not unmount! Only a root user (logged in as root,
or using sudo) has the privilege to run these commands, unless the system has
been otherwise configured.
If you want it to be automatically available every time the system starts up, you
need to edit /etc/fstab accordingly (the name is short for filesystem table).
Looking at this file will show you the configuration of all pre-configured
filesystems. man fstab will display how this file is used and how to configure it.
Executing mount without any arguments will show all presently mounted
filesystems.
The command df -Th (disk-free) will display information about mounted

filesystems, including the filesystem type, and usage statistics about currently
used and available space.
Mounting and Unmounting
10.1.6 NFS and Network Filesystems

It is often necessary to share data across physical systems which may be either in
the same location or anywhere that can be reached by the Internet. A network
(also sometimes called distributed) filesystem may have all its data on one
machine or have it spread out on more than one network node. A variety of
different filesystems can be used locally on the individual machines; a network
filesystem can be thought of as a grouping of lower level filesystems of varying
types.
Many system administrators mount remote users' home directories on a server in
order to give them access to the same files and configuration files across
multiple client systems. This allows the users to log in to different computers, yet
still have access to the same files and resources.
The most common such filesystem is named

simply NFS (the Network Filesystem). It has a very long history and was first
developed by Sun Microsystems. Another common implementation
is CIFS (also termed SAMBA), which has Microsoft roots. We will restrict our
attention in what follows to NFS.
10.1.7 NFS on the Server

We will now look in detail at how to use NFS on the server.
On the server machine, NFS uses daemons (built-in networking and service
processes in Linux) and other system servers are started at the command line by
typing:
$ sudo systemctl start nfs
NOTE: On RHEL/CentOS 8, the service is called nfs-server, not nfs.
The text file /etc/exports contains the directories and permissions that a host is
willing to share with other systems over NFS. A very simple entry in this file may
look like the following:
/projects *.example.com(rw)
This entry allows the directory /projects to be mounted using NFS with read and
write (rw) permissions and shared with other hosts in the example.com domain.
As we will detail in the next chapter, every file in Linux has three possible
permissions: read (r), write (w) and execute (x).
After modifying the /etc/exports file, you can type exportfs -av to notify Linux
about the directories you are allowing to be remotely mounted using NFS. You
can also restart NFS with sudo systemctl restart nfs, but this is heavier, as it
halts NFS for a short while before starting it up again. To make sure the NFS
service starts whenever the system is booted, issue sudo systemctl enable nfs.
NFS on the Server
10.1.8 NFS on the Client

On the client machine, if it is desired to have the remote filesystem mounted
automatically upon system boot, /etc/fstab is modified to accomplish this. For
example, an entry in the client's /etc/fstab might look like the following:
servername:/projects /mnt/nfs/projects nfs defaults 0 0
You can also mount the remote filesystem without a reboot or as a one-time
mount by directly using the mount command:
$ sudo mount servername:/projects /mnt/nfs/projects
Remember, if /etc/fstab is not modified, this remote mount will not be present
the next time the system is restarted. Furthermore, you may want to use
the nofail option in fstab in case the NFS server is not live at boot.
NFS on the Client
Lab 10.1: Exploring Mounted Filesystems

Issue the command:
student:/tmp> cat /etc/fstab
Now type:
student:/tmp> mount
Compare the results. What are the differences?
Find another way to see a list of the mounted filesystems, by examining

the /proc pseudo-filesystem.
Lab Solution: Exploring Mounted Filesystems

Typically, mount will show more filesystems mounted than are shown
in /etc/fstab , which only lists those which are explicitly requested.
The system, however, will mount additional special filesystems required for
normal operation, which are not enumerated in /etc/fstab .
Another way to show mounted filesystems is to type:
sudent:/tmp> cat /proc/mounts
which is essentially how the utility gets its information.
10.2 FileSystem Architecture

10.2.1 Overview of User Home Directories
In this section, you will learn to identify and differentiate between the most
important directories found in Linux. We start with ordinary users' home
directory space.
Each user has a home directory, usually placed under /home. The /root ("slash-
root") directory on modern Linux systems is no more than the home directory of
the root user (or superuser, or system administrator account).
On multi-user systems, the /home directory infrastructure is often mounted as a

separate filesystem on its own partition, or even exported (shared) remotely on a
network through NFS.
Sometimes, you may group users based on their department or function. You can
then create subdirectories under the /home directory for each of these groups. For
example, a school may organize /home with something like the following:
/home/faculty/
/home/staff/
/home/students/
Home Directories
10.2.2 The /bin and /sbin Directories

The /bin directory contains executable binaries, essential commands used to boot
the system or in single-user mode, and essential commands required by all system
users, such as cat, cp, ls, mv, ps, and rm.
10.2.3 /bin Directory
Likewise, the /sbin directory is intended for essential binaries related to system
administration, such as fsckand ip. To view a list of these programs, type:
$ ls /bin /sbin
10.2.4 /sbin Directory
Commands that are not essential (theoretically) for the system to boot or operate
in single-user mode are placed in the /usr/bin and /usr/sbin directories.
Historically, this was done so /usr could be mounted as a separate filesystem that
could be mounted at a later stage of system startup or even over a network.
However, nowadays most find this distinction is obsolete. In fact, many
distributions have been discovered to be unable to boot with this separation, as
this modality had not been used or tested for a long time.
Thus, on some of the newest Linux distributions /usr/bin and /bin are actually
just symbolically linked together, as are /usr/sbin and /sbin.
10.2.5 The /proc Filesystem
Certain filesystems, like the one mounted at /proc, are called pseudo-
filesystems because they have no permanent presence anywhere on the disk.
The /proc filesystem contains virtual files (files that exist only in memory) that
permit viewing constantly changing kernel data. /proc contains files and
directories that mimic kernel structures and configuration information. It does not
contain real files, but runtime system information, e.g. system memory, devices
mounted, hardware configuration, etc. Some important entries in /proc are:
/proc/cpuinfo
/proc/interrupts
/proc/meminfo
/proc/mounts
/proc/partitions
/proc/version
/proc has subdirectories as well, including:
/proc/<Process-ID-#>
/proc/sys
The first example shows there is a directory for every process running on the
system, which contains vital information about it. The second example shows a
virtual directory that contains a lot of information about the entire system, in
particular its hardware and configuration. The /proc filesystem is very useful
because the information it reports is gathered only as needed and never needs
storage on the disk.
The /proc Filesystem
10.2.6 The /dev Directory

The /dev directory contains device nodes, a type of pseudo-file used by most
hardware and software devices, except for network devices. This directory is:
 Empty on the disk partition when it is not mounted
 Contains entries which are created by the udev system, which creates and
manages device nodes on Linux, creating them dynamically when devices are
found. The /dev directory contains items such as:
1. /dev/sda1 (first partition on the first hard disk)

2. /dev/lp1 (second printer)
3. /dev/random (a source of random numbers).
The /dev Directory
10.2.7 The /var Directory

The /var directory contains files that are expected to change in size and content
as the system is running (var stands for variable), such as the entries in the
following directories:
 System log files: /var/log

 Packages and database files: /var/lib
 Print queues: /var/spool
 Temporary files: /var/tmp.
10.2.8 The /var Directory
The /var directory may be put on its own filesystem so that growth of the files
can be accommodated and any exploding file sizes do not fatally affect the
system. Network services directories such as /var/ftp (the FTP service)
and /var/www (the HTTP web service) are also found under /var.
10.2.9 The /etc Directory

The /etc directory is the home for system configuration files. It contains no binary
programs, although there are some executable scripts. For
example, /etc/resolv.conf tells the system where to go on the network to obtain
host name to IP address mappings (DNS). Files
like passwd, shadow and group for managing user accounts are found in
the /etc directory. While some distributions have historically had their own
extensive infrastructure under /etc (for example, Red Hat and SUSE have
used /etc/sysconfig), with the advent of systemd there is much more uniformity
among distributions today.
Note that /etc is for system-wide configuration files and only the superuser can
modify files there. User-specific configuration files are always found under their
home directory.
The /var Directory
10.2.10 The /boot Directory

The /boot directory contains the few essential files needed to boot the system. For
every alternative kernel installed on the system there are four files:
1. vmlinuz
The compressed Linux kernel, required for booting.
2. initramfs
The initial ram filesystem, required for booting, sometimes called initrd, not
initramfs.
3. config
The kernel configuration file, only used for debugging and bookkeeping.
4. System.map
Kernel symbol table, only used for debugging.
Each of these files has a kernel version appended to its name.
The Grand Unified Bootloader (GRUB) files such

as /boot/grub/grub.conf or /boot/grub2/grub2.cfg are also found under
the /boot directory.
The /boot Directory
The screenshot shows an example listing of the /boot directory, taken from a
RHEL system that has multiple installed kernels, including both distribution-
supplied and custom-compiled ones. Names will vary and things will tend to look
somewhat different on a different distribution.
10.2.11 The /lib and /lib64 Directories

/lib contains libraries (common code shared by applications and needed for them
to run) for the essential programs in /bin and /sbin. These library filenames either
start with ld or lib. For example, /lib/libncurses.so.5.9.
Most of these are what is known as dynamically loaded libraries (also known as
shared libraries or Shared Objects (SO)). On some Linux distributions there exists
a /lib64 directory containing 64-bit libraries, while /lib contains 32-bit versions.
On recent Linux distributions, one finds:

The /lib and /lib64 Directories
i.e., just like for /bin and /sbin, the directories just point to those under /usr.
Kernel modules (kernel code, often device drivers, that can be loaded and
unloaded without re-starting the system) are located in /lib/modules/<kernel-
version-number>.
/lib/modules Contents
10.3 Removable media: the /media, /run and /mnt Directories

One often uses removable media, such as USB drives, CDs and DVDs. To make
the material accessible through the regular filesystem, it has to be mounted at a
convenient location. Most Linux systems are configured so any removable media
are automatically mounted when the system notices something has been plugged
in.
While historically this was done under the /media directory, modern Linux
distributions place these mount points under the /run directory. For example,
a USB pen drive with a label myusbdrive for a user name student would be
mounted at /run/media/student/myusbdrive.
The /mnt directory has been used since the early days of UNIX for temporarily
mounting filesystems. These can be those on removable media, but more often
might be network filesystems, which are not normally mounted. Or these can be
temporary partitions, or so-called loopback filesystems, which are files which
pretend to be partitions.
The /run Directory
10.4 Additional Directories Under /:

There are some additional directories to be found under the root directory:
Directory Usage
Name
/opt Optional application software packages
/sys Virtual pseudo-filesystem giving information about the system and

the hardware
Can be used to alter system parameters and for debugging purposes
/srv Site-specific data served up by the system

Seldom used
/tmp Temporary files; on some distributions erased across a reboot

and/or may actually be a ramdisk in memory
/usr Multi-user applications, utilities and data

10.4.1 The /usr Directory Tree
The /usr directory tree contains theoretically non-essential programs and scripts
(in the sense that they should not be needed to initially boot the system) and has
at least the following sub-directories:
Directory Usage
Name
/usr/include Header files used to compile applications
/usr/lib Libraries for programs in /usr/bin and /usr/sbin
/usr/lib64 64-bit libraries for 64-bit programs in /usr/bin and /usr/sbin
/usr/sbin Non-essential system binaries, such as system daemons
/usr/share Shared data used by applications, generally architecture-

independent
/usr/src Source code, usually for the Linux kernel
/usr/local Data and programs specific to the local machine; subdirectories

include bin, sbin, lib, share, include, etc.
/usr/bin This is the primary directory of executable commands on the

system
10.5 Comparing Files with diff
Now that you know about the filesystem and its structure, let’s learn how to
manage files and directories.
diff is used to compare files and directories. This often-used utility program has
many useful options (see: man diff) including:
diff Option Usage
-c Provides a listing of differences that include three lines of context

before and after the lines differing in content
-r Used to recursively compare subdirectories, as well as the current

directory
-i Ignore the case of letters
-w Ignore differences in spaces and tabs (white space)
-q Be quiet: only report if files are different without listing the

differences
To compare two files, at the command prompt, type diff [options] <filename1>
<filename2>. diff is meant to be used for text files; for binary files, one can
use cmp.
In this section, you will learn additional methods for comparing files and how to
apply patches to files.
10.5.1 Using diff3 and patch

You can compare three files at once using diff3, which uses one file as the
reference basis for the other two. For example, suppose you and a co-worker both
have made modifications to the same file working at the same time
independently. diff3 can show the differences based on the common file you both
started with. The syntax for diff3 is as follows:
$ diff3 MY-FILE COMMON-FILE YOUR-FILE
The graphic shows the use of diff3.
10.5.2 Using diff3
Many modifications to source code and configuration files are distributed

utilizing patches, which are applied, not surprisingly, with the patch program. A
patch file contains the deltas (changes) required to update an older version of a
file to the new one. The patch files are actually produced by running diff with the
correct options, as in:
$ diff -Nur originalfile newfile > patchfile
Distributing just the patch is more concise and efficient than distributing the
entire file. For example, if only one line needs to change in a file that contains
1000 lines, the patch file will be just a few lines long.
10.5.3 Using patch
To apply a patch, you can just do either of the two methods below:
$ patch -p1 < patchfile
$ patch originalfile patchfile
The first usage is more common, as it is often used to apply changes to an entire
directory tree, rather than just one file, as in the second example. To understand
the use of the -p1 option and many others, see the man page for patch.
10.5.4 Using the file Utility

In Linux, a file's extension often does not categorize it the way it might in other
operating systems. One cannot assume that a file named file.txt is a text file and
not an executable program. In Linux, a filename is generally more meaningful to
the user of the system than the system itself. In fact, most applications directly
examine a file's contents to see what kind of object it is rather than relying on an
extension. This is very different from the way Windows handles filenames, where
a filename ending with .exe, for example, represents an executable binary file.
The real nature of a file can be ascertained by using the file utility. For the file
names given as arguments, it examines the contents and certain characteristics to
determine whether the files are plain text, shared libraries, executable programs,
scripts, or something else.
Using the file Utility

Please take a look at the following Try-It-Yourself exercise: Comparing Files.
Please take a look at the following Try-It-Yourself exercise: Using file.
Lab 10.2: Using diff and patch

Linux and other open source communities often use the patch utility to
disseminate modifications and updates. Here, we will give a practical
introduction to using diff and patch.
It would be a good idea to read the man pages for both patch and diff to learn
more about advanced options and techniques, that will help one to work more
effectively with patch. In particular, the form of patches has a lot to do with
whether they can be accepted in their submitted form.
1. Change to the /tmp directory.

2. Copy a text file to /tmp. For example, copy /etc/group to /tmp.
3. dd cannot only copy directly from raw disk devices, but from regular files as well.
Remember, in Linux, everything is pretty much treated as a file. dd can also
perform various conversions. For example, the conv=ucase option will convert
all of the characters to upper-case characters. We will use dd to copy the text file
to a new file in /tmp while converting characters to upper-case, as
in: student:/tmp> dd if=/tmp/group of=/tmp/GROUP conv=ucase.
4. According to the man page for patch, the preferred options for preparing a patch
with diff are -Naur when comparing two directory trees recursively. We will
ignore the -a option, which means treat all files as text,
since patch and diff should only be used on text files anyway. Since we are just
comparing two files, we do not need to use the N or r options to diff, but we
could use them anyway as it will not make a difference.
Compare group and GROUP using diff, and prepare a proper patch file.
5. Use patch to patch the original file, /tmp/group, so its contents now match those
of the modified file, /tmp/GROUP. You might try with the --dry-run option
first!
6. Finally, to prove that your original file is now patched to be the same one with all
upper-case characters, use diff on those two files. The files should be the same
and you will not get any output from diff.
Using diff and patch
For this exercise, you could use any text file, but we will use /etc/group as
described.
student:/tmp> cd /tmp
student:/tmp> cp /etc/group /tmp
student:/tmp> dd if=/tmp/group of=/tmp/GROUP conv=ucase
1+1 records in
1+1 records out
963 bytes (963 B) copied, 0.000456456 s, 2.1 MB/s
student:/tmp> diff -Nur group GROUP > patchfile
student:/tmp> cat patchfile
--- group 2015-04-17 11:03:26.710813740 -0500
+++ GROUP 2015-04-17 11:15:14.602813740 -0500
@@ -1,68 +1,68 @@
-root:x:0:
-daemon:x:1:
-bin:x:2:
-sys:x:3:
....
-libvirtd:x:127:student
-vboxsf:x:999:
+ROOT:X:0:
+DAEMON:X:1:
+BIN:X:2:
+SYS:X:3:
.....
student:/tmp> patch --dry-run group patchfile
checking file group
student:/tmp> patch group patchfile
patching file group
Note you could have also done either of these two commands:
student:/tmp> patch group < patchfile

student:/tmp> patch < patchfile
student:/tmp> diff group GROUP
student:/tmp>
10.6 Backing Up and Compressing Data
10.6.1 Backing Up Data
There are many ways you can back up data or even your entire system. Basic
ways to do so include the use of simple copying with cp and use of the more
robust rsync.
Both can be used to synchronize entire directory trees. However, rsync is more
efficient, because it checks if the file being copied already exists. If the file exists
and there is no change in size or modification time, rsync will avoid an
unnecessary copy and save time. Furthermore, because rsync copies only the
parts of files that have actually changed, it can be very fast.
cp can only copy files to and from destinations on the local machine (unless you
are copying to or from a filesystem mounted using NFS), but rsync can also be
used to copy files from one machine to another. Locations are designated in
the target:path form, where target can be in the form of someone@host.
The someone@ part is optional and used if the remote user is different from the
local user.
rsync is very efficient when recursively copying one directory tree to another,
because only the differences are transmitted over the network. One often
synchronizes the destination directory tree with the origin, using the -r option to
recursively walk down the directory tree copying all files and directories below
the one listed as the source.
10.6.2 Using rsync

rsync is a very powerful utility. For example, a very useful way to back up a
project directory might be to use the following command:
$ rsync -r project-X archive-machine:archives/project-X
Note that rsync can be very destructive! Accidental misuse can do a lot of harm
to data and programs, by inadvertently copying changes to where they are not
wanted. Take care to specify the correct options and paths. It is highly
recommended that you first test your rsync command using the -dry-run option
to ensure that it provides the results that you want.
To use rsync at the command prompt, type rsync sourcefile destinationfile,
where either file can be on the local machine or on a networked machine; The
contents of sourcefile will be copied to destinationfile.
A good combination of options is shown in:
$ rsync --progress -avrxH --delete sourcedir destdir
10.6.3 Compressing Data

File data is often compressed to save disk space and reduce the time it takes to
transmit files over networks.
Linux uses a number of methods to perform this compression, including:
Command Usage
gzip The most frequently used Linux compression utility
bzip2 Produces files significantly smaller than those produced by gzip
xz The most space-efficient compression utility used in Linux
zip Is often required to examine and decompress archives from other

operating systems
These techniques vary in the efficiency of the compression (how much space is
saved) and in how long they take to compress; generally, the more efficient
techniques take longer. Decompression time does not vary as much across
different methods.
In addition, the tar utility is often used to group files in an archive and then
compress the whole archive at once.
10.6.4 Compressing Data Using gzip

gzip is the most often used Linux compression utility. It compresses very well
and is very fast. The following table provides some usage examples:
Command Usage
gzip * Compresses all files in the current directory; each file is

compressed and renamed with a .gz extension.
gzip -r Compresses all files in the projectX directory, along with all
projectX files in all of the directories under projectX.
gunzip foo De-compresses foo found in the file foo.gz. Under the hood,
the gunzip command is actually the same as gzip –d.
10.6.5 Compressing Data Using bzip2
bzip2 has a syntax that is similar to gzip but it uses a different compression
algorithm and produces significantly smaller files, at the price of taking a longer
time to do its work. Thus, it is more likely to be used to compress larger files.
Examples of common usage are also similar to gzip:
Command Usage
bzip2 * Compresses all of the files in the current directory and replaces each
file with a file renamed with a .bz2 extension.
bunzip2 Decompresses all of the files with an extension of .bz2 in the current
*.bz2 directory. Under the hood, bunzip2 is the same as calling bzip2 -d.
NOTE: bzip2 has lately become deprecated due to lack of maintenance and the
superior compression ratios of xz which is actively maintained.
10.6.5 Compressing Data Using xz

xz is the most space efficient compression utility used in Linux and is used
to store archives of the Linux kernel. Once again, it trades a slower compression
speed for an even higher compression ratio.
Some usage examples:
Command Usage
xz * Compresses all of the files in the current directory and

replaces each file with one with a .xz extension.
xz foo Compresses foo into foo.xz using the default compression

level (-6), and removes foo if compression succeeds.
xz -dk bar.xz Decompresses bar.xz into bar and does not

remove bar.xz even if decompression is successful.
xz -dcf a.txt Decompresses a mix of compressed and uncompressed

b.txt.xz > abcd.txt files to standard output, using a single command.
xz -d *.xz Decompresses the files compressed using xz.
The zip program is not often used to compress files in Linux, but is often required
to examine and decompress archives from other operating systems. It is only used
in Linux when you get a zipped file from a Windows user. It is a legacy program.
Command Usage
zip backup * Compresses all files in the current directory and places
them in the backup.zip.
zip -r backup.zip ~ Archives your login directory (~) and all files and
directories under it in backup.zip.
unzip backup.zip Extracts all files in backup.zip and places them in the
current directory.
10.6.6 Archiving and Compressing Data Using tar
Historically, tar stood for "tape archive" and was used to archive files to a
magnetic tape. It allows you to create or extract files from an archive file, often
called a tarball. At the same time, you can optionally compress while creating
the archive, and decompress while extracting its contents.
Here are some examples of the use of tar:

Command Usage
tar xvf mydir.tar Extract all the files in mydir.tar into

the mydir directory.
tar zcvf mydir.tar.gz mydir Create the archive and compress with gzip.
tar jcvf mydir.tar.bz2 Create the archive and compress with bz2.
mydir
tar Jcvf mydir.tar.xz mydir Create the archive and compress with xz.
tar xvf mydir.tar.gz Extract all the files in mydir.tar.gz into

the mydir directory.
NOTE: You do not have to tell tar it is
in gzip format.
You can separate out the archiving and compression stages, as in:
$ tar cvf mydir.tar mydir ; gzip mydir.tar
$ gunzip mydir.tar.gz ; tar xvf mydir.tar
but this is slower and wastes space by creating an unneeded intermediary .tar file.
10.6.7 Relative Compression Times and Sizes

To demonstrate the relative efficiency of gzip, bzip2, and xz, the following
screenshot shows the results of compressing a purely text file directory tree
(the include directory from the kernel source) using the three methods.
Relative Compression Times and Sizes
This shows that as compression factors go up, CPU time does as well (i.e.
producing smaller archives takes longer).
10.7 Disk-to-Disk Copying (dd)

The dd program is very useful for making copies of raw disk space. For example,
to back up your Master Boot Record (MBR) (the first 512-byte sector on the disk
that contains a table describing the partitions on that disk), you might type:
dd if=/dev/sda of=sda.mbr bs=512 count=1
WARNING!
Typing:
dd if=/dev/sda of=/dev/sdb
to make a copy of one disk onto another, will delete everything that previously
existed on the second disk.
An exact copy of the first disk device is created on the second disk device.
Do not experiment with this command as written above, as it can erase a

hard disk!
Exactly what the name dd stands for is an often-argued item. The words data
definition is the most popular theory and has roots in early IBM history. Often,
people joke that it means disk destroyer and other variants such as delete data!
Disk-to-Disk Copying (dd)
Lab 10.3: Archiving (Backing Up) the Home Directory

Archiving (or backing up) your files from time to time is essential good hygiene.
You might type a command and thereby unintentionally clobber files you need
and did not mean to alter.
Furthermore, while your hardware may be deemed fairly reliable, all devices do
fail in some fashion eventually (even if it is just an unexpected power failure).
Often, this happens at the worst possible time. Periodically backing up files is a
good habit to get into.
It is, of course, important to do backups to external systems through a network,

or onto external storage, such as an external drive or USB stick. Here, we will be
making a back up archive on the same system, which is very useful, but won’t
help if the drive fails catastrophically, or your computer is stolen or the building
gets zapped by an asteroid or a fire.
First, using tar, back up all files and subdirectories under your home directory.
Place the resulting tarball file in the /tmp directory, giving it the
name backup.tar.
Second, accomplish the same task with gzip compression using the -z option
to tar, creating /tmp/backup.tar.gz.
Compare the size of the two files (with ls -l).
For additional experience, make backups using the -j option using

the bzip2 compression, and -J option for using the xz compression.
10.8 Archiving (Backing Up) the Home Directory

To construct a tarball archive of your home directory you can do:
student:/tmp> tar -cvf /tmp/backup.tar ~
or equivalently
student:/tmp> tar -cvf /tmp/backup.tar /home/student
Note you can have omitted the - in the options with no change. In the following
we will not bother using the -v option for verbose. To create archives with all
three compression utilities:
student:/tmp> tar zcf /tmp/backup.tar.gz ~
student:/tmp> tar jcf /tmp/backup.tar.bz2 ~
student:/tmp> tar Jcf /tmp/backup.tar.xz ~
Comparing the sizes (first using the -h option to ls to make it human-readable):
student@ubuntu:~student:/tmp> ls -lh /tmp/backup*
-rw-rw-r-- 1 student student 8.3M Apr 17 10:14 /tmp/backup2.tar.gz
-rw-rw-r-- 1 student student 12M Apr 17 10:13 /tmp/backup.tar
-rw-rw-r-- 1 student student 8.4M Apr 17 10:15 /tmp/backup.tar.bz2
-rw-rw-r-- 1 student student 8.3M Apr 17 10:14 /tmp/backup.tar.gz
-rw-rw-r-- 1 student student 8.2M Apr 17 10:15 /tmp/backup.tar.xz
and then without it:

student@ubuntu:~student:/tmp> ls -l /tmp/backup*
-rw-rw-r-- 1 student student 8686942 Apr 17 10:14 /tmp/backup2.tar.gz
-rw-rw-r-- 1 student student 12226560 Apr 17 10:13 /tmp/backup.tar
-rw-rw-r-- 1 student student 8720491 Apr 17 10:15 /tmp/backup.tar.bz2
-rw-rw-r-- 1 student student 8686929 Apr 17 10:14 /tmp/backup.tar.gz
-rw-rw-r-- 1 student student 8551064 Apr 17 10:15 /tmp/backup.tar.xz
Note in this case there is not much difference in the different archiving methods,
but this particular directory was a bad choice because it already contained a lot of
compressed files. A somewhat better example involving more text files:
student:/tmp> tar cf /tmp/doc.tar /usr/share/doc
student:/tmp> tar zcf /tmp/doc.tar.gz /usr/share/doc
student:/tmp> tar jcf /tmp/doc.tar.bz2 /usr/share/doc
student:/tmp> tar Jcf /tmp/doc.tar.xz /usr/share/doc
student:/tmp> ls -lh /tmp/doc.tar*

-rw-rw-r-- 1 student student 85M Apr 17 10:34 /tmp/doc.tar
-rw-rw-r-- 1 student student 31M Apr 17 10:35 /tmp/doc.tar.bz2
-rw-rw-r-- 1 student student 34M Apr 17 10:34 /tmp/doc.tar.gz
-rw-rw-r-- 1 student student 28M Apr 17 10:36 /tmp/doc.tar.xz
which shows xz did best, followed by bz2 and then gz. You may have noticed,
however, the inverse relationship between the size reduction of the compression
and how long it took!
Chapter 14. Network Operations
Mục tiêu:
 Explain basic networking concepts, including types of networks and addressing

issues.
 Configure network interfaces and use basic networking utilities, such
as ifconfig, ip, ping, route and traceroute.
 Use graphical and non-graphical browsers, such as Lynx, w3m, Firefox, Chrome
and Epiphany.
 Transfer files to and from clients and servers using both graphical and text mode
applications, such as Filezilla, ftp, sftp, curl and wget.
14.1 Introduction to Networking
A network is a group of computers and computing devices connected together
through communication channels, such as cables or wireless media. The
computers connected over a network may be located in the same geographical
area or spread across the world.
A network is used to:
 Allow the connected devices to communicate with each other

 Enable multiple users to share devices over the network, such as music and video
servers, printers and scanners.
 Share and manage information across computers easily.
Most organizations have both an internal network and an Internet connection for
users to communicate with machines and people outside the organization.
The Internet is the largest network in the world and can be called "the network
of networks".
14.2 IP Addresses
Devices attached to a network must have at least one unique network address
identifier known as the IP (Internet Protocol) address. The address is essential
for routing packets of information through the network.
Exchanging information across the network requires using streams of small

packets, each of which contains a piece of the information going from one
machine to another. These packets contain data buffers, together with headers
which contain information about where the packet is going to and coming from,
and where it fits in the sequence of packets that constitute the stream. Networking
protocols and software are rather complicated due to the diversity of machines
and operating systems they must deal with, as well as the fact that even very old
standards must be supported.
IP Addresses
14.3 IPv4 and IPv6

There are two different types of IP addresses available: IPv4 (version 4) and IPv6
(version 6). IPv4 is older and by far the more widely used, while IPv6 is newer
and is designed to get past limitations inherent in the older standard and furnish
many more possible addresses.
IPv4 uses 32-bits for addresses; there are only 4.3 billion unique addresses
available. Furthermore, many addresses are allotted and reserved, but not actually
used. IPv4 is considered inadequate for meeting future needs because the number
of devices available on the global network has increased enormously in recent
years.
IPv6 uses 128-bits for addresses; this allows for 3.4 X 10 38 unique addresses. If
you have a larger network of computers and want to add more, you may want to
move to IPv6, because it provides more unique addresses. However, it can be
complex to migrate to IPv6; the two protocols do not always inter-operate well.
Thus, moving equipment and addresses to IPv6 requires significant effort and has
not been quite as fast as was originally intended. We will discuss IPv4 more
than IPv6 as you are more likely to deal with it.
One reason IPv4 has not disappeared is there are ways to effectively make many
more addresses available by methods such
as NAT (Network Address Translation). NAT enables sharing one IP address
among many locally connected computers, each of which has a unique address
only seen on the local network. While this is used in organizational settings, it
also used in simple home networks. For example, if you have a router hooked up
to your Internet Provider (such as a cable system) it gives you one externally
visible address, but issues each device in your home an individual local address.
IPv4 and IPv6
14.4 Decoding IPv4 Addresses

A 32-bit IPv4 address is divided into four 8-bit sections called octets.
Example:
IP address → 172 . 16 . 31 . 46
Bit format → 10101100.00010000.00011111.00101110
NOTE: Octet is just another word for byte.
Network addresses are divided into five classes: A, B, C, D and E. Classes A, B

and C are classified into two parts: Network addresses (Net ID) and Host address
(Host ID). The Net ID is used to identify the network, while the Host ID is used
to identify a host in the network. Class D is used for special multicast applications
(information is broadcast to multiple computers simultaneously) and Class E is
reserved for future use. In this section you will learn about classes A, B and C.
Decoding IPv4 Addresses
14.4.1 Class A Network Addresses

Class A addresses use the first octet of an IP address as their Net ID and use the
other three octets as the Host ID. The first bit of the first octet is always set to
zero. So you can use only 7-bits for unique network numbers. As a result, there
are a maximum of 126 Class A networks available (the addresses 0000000 and
1111111 are reserved). Not surprisingly, this was only feasible when there were
very few unique networks with large numbers of hosts. As the use of the Internet
expanded, Classes B and C were added in order to accommodate the growing
demand for independent networks.
Each Class A network can have up to 16.7 million unique hosts on its network.
The range of host address is from 1.0.0.0 to 127.255.255.255.
NOTE: The value of an octet, or 8-bits, can range from 0 to 255.

Class A Network Addresses
14.4.2 Class B Network Addresses

Class B addresses use the first two octets of the IP address as their Net ID and the
last two octets as the Host ID. The first two bits of the first octet are always set to
binary 10, so there are a maximum of 16,384 (14-bits) Class B networks. The first
octet of a Class B address has values from 128 to 191. The introduction of Class
B networks expanded the number of networks but it soon became clear that a
further level would be needed.
Each Class B network can support a maximum of 65,536 unique hosts on its
network. The range of host address is from 128.0.0.0 to 191.255.255.255.
Class B Network Addresses

14.4.3 Class C Network Addresses
Class C addresses use the first three octets of the IP address as their Net ID and
the last octet as their Host ID. The first three bits of the first octet are set to binary
110, so almost 2.1 million (21-bits) Class C networks are available. The first octet
of a Class C address has values from 192 to 223. These are most common for
smaller networks which don't have many unique hosts.
Each Class C network can support up to 256 (8-bits) unique hosts. The range of
host address is from 192.0.0.0 to 223.255.255.255.
Class C Network Addresses
14.4.4 IP Address Allocation

Typically, a range of IP addresses are requested from your Internet Service
Provider (ISP) by your organization's network administrator. Often, your choice
of which class of IP address you are given depends on the size of your network
and expected growth needs. If NAT is in operation, such as in a home network,
you only get one externally visible address!
IP Address Allocation
You can assign IP addresses to computers over a network either manually or
dynamically. Manual assignment adds static (never changing) addresses to the
network. Dynamically assigned addresses can change every time you reboot or
even more often; the Dynamic Host Configuration Protocol (DHCP) is used to
assign IP addresses.
14.5 Name Resolution

Name Resolution is used to convert numerical IP address values into a human-
readable format known as the hostname. For example, 104.95.85.15 is the
numerical IP address that refers to the hostname whitehouse.gov. Hostnames
are much easier to remember!
Given an IP address, you can obtain its corresponding hostname. Accessing the
machine over the network becomes easier when you can type the hostname
instead of the IP address.
You can view your system’s hostname simply by typing hostname with no
argument.
NOTE: If you give an argument, the system will try to change its hostname to
match it, however, only root users can do that.
The special hostname localhost is associated with the IP address 127.0.0.1 and
describes the machine you are currently on (which normally has additional
network-related IP addresses).
Screenshot Showing Server IP Address of The Linux Foundation Website
Please take a look at the following Try-It-Yourself exercise: Using Domain Name
System (DNS) and Name Resolution Tools.
14.6 Network Configuration Files

Network configuration files are essential to ensure that interfaces function
correctly. They are located in the /etc directory tree. However, the exact files used
have historically been dependent on the particular Linux distribution and version
being used.
For Debian family configurations, the basic network configuration files could be
found under /etc/network/, while for Red Hat and SUSE family systems one
needed to inspect /etc/sysconfig/network.
Modern systems emphasize the use of Network Manager, which we briefly

discussed when we considered graphical system administration, rather than try to
keep up with the vagaries of the files in /etc. While the graphical versions
of Network Manager do look somewhat different in different distributions,
the nmtui utility (shown in the screenshot) varies almost not at all, as does the
even more sparse nmcli (command line interface) utility. If you are proficient in
the use of the GUIs, by all means, use them. If you are working on a variety of
systems, the lower level utilities may make life easier.
Network Manager
Recent Ubuntu distributions include netplan, which is turned on by default, and
supplants Network Manager. Since no other distribution has shown interest, and
since it can easily be disabled if it bothers you, we will ignore it.
14.7 Network Interfaces

Network interfaces are a connection channel between a device and a network.
Physically, network interfaces can proceed through a network interface card
(NIC), or can be more abstractly implemented as software. You can have multiple
network interfaces operating at once. Specific interfaces can be brought up
(activated) or brought down (de-activated) at any time.
Information about a particular network interface or all network interfaces can be

reported by the ip and ifconfig utilities, which you may have to run as the
superuser, or at least, give the full path, i.e. /sbin/ifconfig, on some
distributions. ip is newer than ifconfig and has far more capabilities, but its
output is uglier to the human eye. Some new Linux distributions do not install the
older net-tools package to which ifconfig belongs, and so you would have to
install it if you want to use it.
Network Interfaces
14.8 The ip Utility

To view the IP address:
$ /sbin/ip addr show
To view the routing information:

$ /sbin/ip route show
ip is a very powerful program that can do many things. Older (and more specific)
utilities such as ifconfig and route are often used to accomplish similar tasks. A
look at the relevant man pages can tell you much more about these utilities.
ip Utility
14.9 ping
ping is used to check whether or not a machine attached to the network can
receive and send data; i.e. it confirms that the remote host is online and is
responding.
To check the status of the remote host, at the command prompt, type ping
<hostname>.
ping is frequently used for network testing and management; however, its usage
can increase network load unacceptably. Hence, you can abort the execution
of ping by typing CTRL-C, or by using the -c option, which limits the number
of packets that ping will send before it quits. When execution stops, a summary
is displayed.
ping
14. 10 route
A network requires the connection of many nodes. Data moves from source to
destination by passing through a series of routers and potentially across multiple
networks. Servers maintain routing tables containing the addresses of each node
in the network. The IP routing protocols enable routers to build up a forwarding
table that correlates final destinations with the next hop addresses.
route
One can use the route utility or the newer ip route command to view or change
the IP routing table to add, delete, or modify specific (static) routes to specific
hosts or networks. The table explains some commands that can be used to manage
IP routing:
Task Command
Show current $ route –n or ip route

routing table
Add static route $ route add -net address or ip route add
Delete static route $ route del -net address or ip route del
traceroute
traceroute is used to inspect the route which the data packet takes to reach the
destination host, which makes it quite useful for troubleshooting network delays
and errors. By using traceroute, you can isolate connectivity issues between
hops, which helps resolve them faster.
To print the route taken by the packet to reach the network host, at the command
prompt, type traceroute <address>.
traceroute
Please take a look at the following Try-It-Yourself

exercise: Using ping, route and traceroute.
Now, let’s learn about some additional networking tools. Networking tools are
very useful for monitoring and debugging network problems, such as network
connectivity and network traffic.
Networking Description
Tools
ethtool Queries network interfaces and can also set various

parameters such as the speed
netstat Displays all active connections and routing tables;

useful for monitoring performance and
troubleshooting
nmap Scans open ports on a network; important for

security analysis
tcpdump Dumps network traffic for analysis
iptraf Monitors network traffic in text mode
mtr Combines functionality of ping and traceroute and

gives a continuously updated display
dig Tests DNS workings; a good replacement for host

and nslookup
Please take a look at the following Try-It-Yourself exercise: Using Network

Tools.
Transfering Files
FTP (File Transfer Protocol)
When you are connected to a network, you may need to transfer files from one
machine to another. File Transfer Protocol (FTP) is a well-known and popular
method for transferring files between computers using the Internet. This method
is built on a client-server model. FTP can be used within a browser or with stand-
alone client programs.
File Transfer Protocol
FTP is one of the oldest methods of network data transfer, dating back to the early
1970s. As such, it is considered inadequate for modern needs, as well as being
intrinsically insecure. However, it is still in use and when security is not a concern
(such as with so-called anonymous FTP) it can make sense. However, many
websites, such as kernel.org, have abandoned its use.
FTP Clients
FTP clients enable you to transfer files with remote computers using the FTP
protocol. These clients can be either graphical or command line tools. Filezilla,
for example, allows use of the drag-and-drop approach to transfer files between
hosts. All web browsers support FTP, all you have to do is give a URL
like ftp://ftp.kernel.org where the usual http:// becomes ftp://.
Some command line FTP clients are:
 ftp
 sftp
 ncftp
 yafc (Yet Another FTP Client).
FTP has fallen into disfavor on modern systems, as it is intrinsically insecure,
since passwords are user credentials that can be transmitted without encryption
and are thus prone to interception. Thus, it was removed in favor of
using rsync and web browser https access for example. As an alternative, sftp is
a very secure mode of connection, which uses the Secure Shell (ssh) protocol,
which we will discuss shortly. sftp encrypts its data and thus sensitive
information is transmitted more securely. However, it does not work with so-
called anonymous FTP (guest user credentials).
FTP Clients
SSH: Executing Commands Remotely
Secure Shell (SSH) is a cryptographic network protocol used for secure data
communication. It is also used for remote services and other secure services
between two devices on the network and is very useful for administering systems
which are not easily available to physically work on, but to which you have
remote access.
SSH: Executing Commands Remotely

To login to a remote system using your same user name you can just type ssh
some_system and press Enter. ssh then prompts you for the remote password.
You can also configure ssh to securely allow your remote access without typing
a password each time.
If you want to run as another user, you can do either ssh -l someone
some_system or ssh someone@some_system. To run a command on a remote
system via SSH, at the command prompt, you can type ssh some_system
my_command.
Copying Files Securely with scp
We can also move files securely using Secure Copy (scp) between two networked
hosts. scp uses the SSH protocol for transferring data.
To copy a local file to a remote system, at the command prompt, type scp
<localfile> <user@remotesystem>:/home/user/ and press Enter.
You will receive a prompt for the remote password. You can also
configure scp so that it does not prompt for a password for each transfer.
Copying Files Securely with scp
Lab 14.1: Network Troubleshooting
Troubleshooting network problems is something that you will often encounter if

you haven't already. We are going to practice some of the previously discussed
tools, that can help you isolate, troubleshoot and fix problems in your network.
The solution file contains a step-by-step procedure for exercising many of the
tools we have studied. Please repeat the steps, substituting your actual network
interface names, alternative network addresses and web sites, etc.
Lab: Network Troubleshooting
Troubleshooting network problems is something that you will often encounter if

you haven't already. We are going to practice some of the previously discussed
tools, that can help you isolate, troubleshoot and fix problems in your network.
Suppose you need to perform an Internet search, but your web browser can not
find google.com, saying the host is unknown. Let's proceed step by step to fix
this.
1. First make certain your network is properly configured. If your Ethernet

device is up and running, running ifconfig should display something like:
student:/tmp> /sbin/ifconfig
eno167777 Link encap:Ethernet HWaddr 00:0C:29:BB:92:C2
inet addr:192.168.1.14 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:febb:92c2/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500
Metric:1
RX packets:3244 errors:0 dropped:0 overruns:0 frame:0
TX packets:2006 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:4343606 (4.1 Mb) TX bytes:169082 (165.1 Kb)
lo Link encap:Local Loopback

inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
On older systems you probably will see a less cryptic name

than eno167777, like eth0, or for a wireless connection, you might see
something like wlan0 or wlp3s0. You can also show your IP address with:
student:/tmp> ip addr show

1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
2: eno16777736: mtu 1500 qdisc pfifo_fast state \
UP group default qlen 1000
link/ether 00:0c:29:bb:92:c2 brd ff:ff:ff:ff:ff:ff
p inet 192.168.1.14/24 brd 192.168.1.255 scope global dynamic
eno16777736
valid_lft 84941sec preferred_lft 84941sec
inet 192.168.1.15/24 brd 192.168.1.255 scope global secondary
dynamic eno16777736
valid_lft 85909sec preferred_lft 85909sec
inet6 fe80::20c:29ff:febb:92c2/64 scope link
Does the IP address look valid? Depending on where you are using this
from, it is most likely a Class C IP address; in the above this
is 192.168.1.14
If it does not show a device with an IP address, you may need to start or
restart the network and/or NetworkManager. Exactly how you do this
depends on your system. For most distributions one of these commands
will accomplish this:
student:/tmp> sudo systemctl restart NetworkManager

student:/tmp> sudo systemctl restart network
student:/tmp> sudo service NetworkManager restart
student:/tmp> sudo service network restart
If your device was up but had no IP address, the above should have helped
fix it, but you can try to get a fresh address with:
student:/tmp> sudo dhclient eth0
substituting the right name for the Ethernet device.
2. If your interface is up and running with an assigned IP address and you

still can not reach google.com, we should make sure you have a valid
hostname assigned to your machine, with hostname:
student:/tmp> hostname
openSUSE
It is rare you would have a problem here, as there is probably always at
least a default hostname, such as localhost.
3. When you type in a name of a site such as google.com, that name needs to
be connected to a known IP address. This is usually done employing
the DNS sever (Domain Name System)
First, see if the site is up and reachable with ping:
student:/tmp> sudo ping -c 3 google.com

PING google.com (216.58.216.238) 56(84) bytes of data.
64 bytes from ord31s22-in-f14.1e100.net (216.58.216.238): icmp_seq=1
ttl=51 time=21.7 ms
ttl=51 time=23.8 ms
ttl=51 time=21.3 ms
--- google.com ping statistics ---

3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 21.388/22.331/23.813/1.074 ms
Note:
o We have used sudo for ping; recent Linux distributions have

required this to avoid clueless or malicious users from flooding
systems with such queries.
o We have used -c 3 to limit to 3 packets; otherwise ping would run
forever until forcibly terminated, say with CTRL-C.
If the result was:
ping: unknown host google.com
It is likely that something is wrong with your DNS set-up. (Note on some
systems you will never see the unknown host message, but you will get a
suspicious result like:
student:/tmp> sudo ping l89xl28vkjs.com

PING l89xl28vkjs.com.site (127.0.53.53) 56(84) bytes of data.
64 bytes from 127.0.53.53: icmp_seq=1 ttl=64 time=0.016 ms
...
where the 127.0.x.x address is a loop feeding back to the host machine you
are on. You can eliminate this as being a valid address by doing:
student:/tmp> host l89xl28vkjs.com

Host l89xl28vkjs.com not found: 3(NXDOMAIN)
whereas a correct result would look like:
student:/tmp> host google.com

google.com has address 216.58.216.206
google.com has IPv6 address 2607:f8b0:4009:80b::200e
google.com mail is handled by 20 alt1.aspmx.l.google.com.
google.com mail is handled by 10 aspmx.l.google.com.
The above command utilizes the DNS server configured

in /etc/resolv.conf on your machine. If you wanted to override that you
could do:
host 8.8.8.8
8.8.8.8.in-addr.arpa domain name pointer google-public-dns-
a.google.com.
student@linux:~> host google.com 8.8.8.8
Using domain server:
Name: 8.8.8.8
Address: 8.8.8.8#53
Aliases:
google.com has address 216.58.216.110

google.com has IPv6 address 2607:f8b0:4009:804::1002
...\
where we have used the publicly available DNS server provided

by Google itself. (Using this or another public server can be a good trick
sometimes if your network is up but DNS is ill; in that case you can also
enter it in resolv.conf.)
Note that there is another file, /etc/hosts, where you can associate names
with IP addresses, which is used before the DNS server is consulted. This
is most useful for specifying nodes on your local network.
You could also use the dig utility if you prefer:
student:/tmp> dig google.com

; <<>> DiG 9.9.5-rpz2+rl.14038.05-P1 <<>> google.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29613
;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 0,
ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; MBZ: 1c20 , udp: 1280
;; QUESTION SECTION:
;google.com. IN A
;; ANSWER SECTION:
google.com. 244 IN A 173.194.46.67
google.com. 244 IN A 173.194.46.65
google.com. 244 IN A 173.194.46.71
google.com. 244 IN A 173.194.46.73
google.com. 244 IN A 173.194.46.69
google.com. 244 IN A 173.194.46.68
google.com. 244 IN A 173.194.46.64
google.com. 244 IN A 173.194.46.72
google.com. 244 IN A 173.194.46.70
google.com. 244 IN A 173.194.46.66
google.com. 244 IN A 173.194.46.78
;; Query time: 22 msec

;; SERVER: 192.168.1.1#53(192.168.1.1)
;; WHEN: Mon Apr 20 08:58:58 CDT 2015
;; MSG SIZE rcvd: 215
4. Suppose host or dig fail to connect the name to an IP address. There are
many reasons DNS can fail, some of which are:
o The DNS server is down. In this case try pinging it to see if it is alive
(you should have the IP address in /etc/resolv.conf.
o The server can be up and running, but DNS may not be currently
available on the machine.
o Your route to the DNS server may not be correct.
How can we test the route? Tracing the route to one of the public name
server we mentioned before:
student@linux:~> sudo traceroute 8.8.8.8

traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets
1 192.168.1.1 (192.168.1.1) 0.405 ms 0.494 ms 0.556 ms
2 10.132.4.1 (10.132.4.1) 15.127 ms 15.107 ms 15.185 ms
3 dtr02ftbgwi-tge-0-6-0-3.ftbg.wi.charter.com (96.34.24.122)
15.243 ms 15.327 ms 17.878 ms
4 crr02ftbgwi-bue-3.ftbg.wi.charter.com (96.34.18.116) 17.667 ms
17.734 ms 20.016 ms
5 crr01ftbgwi-bue-4.ftbg.wi.charter.com (96.34.18.108) 22.017 ms
22.359 ms 22.052 ms
6 crr01euclwi-bue-1.eucl.wi.charter.com (96.34.16.77) 29.430 ms
22.705 ms 22.076 ms
7 bbr01euclwi-bue-4.eucl.wi.charter.com (96.34.2.4) 17.795 ms
25.542 ms 25.600 ms
8 bbr02euclwi-bue-5.eucl.wi.charter.com (96.34.0.7) 28.227 ms
28.270 ms 28.303 ms
9 bbr01chcgil-bue-1.chcg.il.charter.com (96.34.0.9) 33.114 ms 33.072
ms 33.175 ms
10 prr01chcgil-bue-2.chcg.il.charter.com (96.34.3.9) 36.882 ms
36.794 ms 36.895 ms
11 96-34-152-30.static.unas.mo.charter.com (96.34.152.30) 42.585 ms
42.326 ms 42.401 ms
12 216.239.43.111 (216.239.43.111) 28.737 ms 216.239.43.113
(216.239.43.113)
24.558 ms 23.941 ms
13 209.85.243.115 (209.85.243.115) 24.269 ms 209.85.247.17
(209.85.247.17)
25.758 ms 216.239.50.123 (216.239.50.123) 25.433 ms
14 google-public-dns-a.google.com (8.8.8.8) 25.239 ms 24.003 ms
23.795 ms
Again, this should likely work for you, but what if you only got the first
line in the traceroute output?
If this happened, most likely your default route is wrong. Try:
student:/tmp> ip route show

efault via 192.168.1.1 dev eno16777736 proto static metric 1024
192.168.1.0/24 dev eno16777736 proto kernel scope link src
192.168.1.14
Most likely this is set to your network interface and the IP address of your
router, DSL, or Cable Modem. Let's say that it is blank or simply points to
your own machine. Here's your problem! At this point, you would need to
add a proper default route and run some of the same tests we just did.
Note, an enhanced version of traceroute is supplied by mtr, which runs

continuously (like top). Running it with the --report-cycles option to limit
how long it runs:
student:/tmp> sudo mtr --report-cycles 3 8.8.8.8

My traceroute [v0.85]
c7 (0.0.0.0) Mon Apr 20 09:30:41 2015
Unable to allocate IPv6 socket for nameserver communication:
Address family not supported
by protocol Packets Pings
Host Loss% Snt Last Avg Best Wrst StDev
0.0% 3 0.3 0.3 0.2 0.3 0.0
2. 10.132.4.1 0.0% 3 6.3 7.1 6.3 8.4 0.7
3. dtr02ftbgwi-tge-0-6-0-3.ftbg.wi. 0.0% 3 6.2 7.5 6.2 10.0 2.1
4. dtr01ftbgwi-bue-1.ftbg.wi.charte 0.0% 3 8.9 8.5 6.2 10.4 2.0
5. crr01ftbgwi-bue-4.ftbg.wi.charte 0.0% 3 8.9 9.7 8.9 10.4 0.0
6. crr01euclwi-bue-1.eucl.wi.charte 0.0% 3 16.5 17.4 14.2 21.5
3.7
7. bbr01euclwi-bue-4.eucl.wi.charte 0.0% 3 23.5 22.0 18.2 24.2
3.2
8. bbr02euclwi-bue-5.eucl.wi.charte 0.0% 3 18.9 22.7 18.1 31.1
7.2
9. bbr01chcgil-bue-1.chcg.il.charte 0.0% 3 22.9 23.0 22.9 23.1
0.0
10. prr01chcgil-bue-2.chcg.il.charte 0.0% 3 21.4 24.1 20.8 30.2
5.2
11. 96-34-152-30.static.unas.mo.char 0.0% 3 22.6 21.9 20.0 23.3
1.6
12. 216.239.43.111 0.0% 3 21.2 21.7 21.2 22.0 0.0
13. 72.14.237.35 0.0% 3 21.2 21.0 19.8 21.9 1.0
14. google-public-dns-a.google.com 0.0% 3 26.7 23.0 21.0 26.7
3.2
Hopefully, running through some of these commands helped. It actually helps to

see what the correct output for your system looks like. Practice using these
commands; it is very likely that you will need them someday.
Chapter 18. Local Security
 Have a good grasp of best practices and tools for making Linux systems as secure
as possible.
 Understand the powers and dangers of using the root (superuser) account.
 Use the sudo command to perform privileged operations while restricting
enhanced powers as much as feasible.
 Explain the importance of process isolation and hardware access.
 Work with passwords, including how to set and change them.
 Describe how to secure the boot process and hardware resources.
User Accounts
The Linux kernel allows properly authenticated users to access files and
applications. While each user is identified by a unique integer (the user id or
UID), a separate database associates a username with each UID. Upon account
creation, new user information is added to the user database and the user's home
directory must be created and populated with some essential files. Command line
programs such as useradd and userdel as well as GUI tools are used for creating
and removing accounts.
For each user, the following seven fields are maintained in the /etc/passwd file:
Field Details Remarks

Name
Username User login name Should be between 1 and 32

characters long
Password User password (or Is never shown in Linux when it

the character x if the password is is being typed; this stops prying
stored in the /etc/shadow file) in eyes
encrypted format
User ID Every user must have a user id UID 0 is reserved for root user
(UID) (UID) UID's ranging from 1-99 are
reserved for other predefined
accounts
UID's ranging from 100-999 are
reserved for system accounts and
groups
Normal users have UID's of 1000
or greater
Group ID The primary Group ID (GID); Is covered in detail in the chapter

(GID) Group Identification Number on Processes
stored in the /etc/group file
User Info This field is optional and allows For example: Rufus T. Firefly
insertion of extra information
about the user such as their name
Home The absolute path location of For example: /home/rtfirefly

Directory user's home directory
Shell The absolute location of a For example:/bin/bash

user's default shell
Types of Accounts
By default, Linux distinguishes between several account types in order to isolate
processes and workloads. Linux has four types of accounts:
 root
 System
 Normal
 Network
For a safe working environment, it is advised to grant the minimum privileges

possible and necessary to accounts, and remove inactive accounts.
The last utility, which shows the last time each user logged into the system, can
be used to help identify potentially inactive accounts which are candidates for
system removal.
Keep in mind that practices you use on multi-user business systems are more strict
than practices you can use on personal desktop systems that only affect the casual
user. This is especially true with security. We hope to show you practices
applicable to enterprise servers that you can use on all systems, but understand
that you may choose to relax these rules on your own personal system.
last Utility
Understanding the root Account
root is the most privileged account on a Linux/UNIX

system. This account has the ability to carry out all
facets of system administration, including adding
accounts, changing user passwords, examining log
files, installing software, etc. Utmost care must be
taken when using this account. It has no security
restrictions imposed upon it.
When you are signed in as, or acting as root, the shell

prompt displays '#' (if you are using bash and you have
not customized the prompt, as we have discussed previously). This convention is
intended to serve as a warning to you of the absolute power of this account.
Operations Requiring root Privileges
root privileges are required to perform operations such as:
 Creating, removing and managing user accounts

 Managing software packages
 Removing or modifying system files
 Restarting system services.
Regular account users of Linux distributions might be allowed to install software

packages, update some settings, use some peripheral devices, and apply various
kinds of changes to the system. However, root privilege is required for
performing administration tasks such as restarting most services, manually
installing packages and managing parts of the filesystem that are outside the
normal user’s directories.
Operations Requiring root Privileges
Operations Not Requiring root Privileges
A regular account user can perform some operations requiring special

permissions; however, the system configuration must allow such abilities to be
exercised.
SUID (Set owner User ID upon execution - similar to the Windows "run as"
feature) is a special kind of file permission given to a file. Use of SUID provides
temporary permissions to a user to run a program with the permissions of the
file owner (which may be root) instead of the permissions held by the user.
The table provides examples of operations which do not require root privileges:
Operations that do not require Root Examples of this operation

privilege
Running a network client Sharing a file over the network
Using devices such as printers Printing over the network
Operations on files that the user has Accessing files that you have access to
proper permissions to access or sharing data over the network
Running SUID-root applications Executing programs such as passwd
Comparing sudo and su
In Linux you can use either su or sudo to temporarily grant root access to a
normal user. However, these methods are actually quite different. Listed below
are the differences between the two commands:
su sudo
When elevating privilege, you need to When elevating privilege, you need to
enter the root password. Giving the root enter the user’s password and not the
password to a normal user should never, root password.
ever be done.
Once a user elevates to the root account Offers more features and is considered
using su, the user can do anything that more secure and more configurable.
the root user can do for as long as the Exactly what the user is allowed to do
user wants, without being asked again can be precisely controlled and limited.
for a password. By default the user will either always
have to keep giving their password to do
further operations with sudo, or can
avoid doing so for a configurable time
interval.
The command has limited logging The command has detailed logging
features. features.
sudo Features
sudo has the ability to keep track of unsuccessful attempts at gaining root access.
Users' authorization for using sudo is based on configuration information stored
in the /etc/sudoers file and in the /etc/sudoers.d directory.
A message such as the following would appear in a system log file

(usually /var/log/secure) when trying to execute sudo for badperson without
successfully authenticating the user:
badperson : user NOT in sudoers ; TTY=pts/4 ; PWD=/var/log ; USER=root
; COMMAND=/usr/bin/tail secure
sudo Features
The sudoers File
Whenever sudo is invoked, a trigger will look at /etc/sudoers and the files
in /etc/sudoers.d to determine if the user has the right to use sudo and what the
scope of their privilege is. Unknown user requests and requests to do operations
not allowed to the user even with sudo are reported. The basic structure of entries
in these files is:
who where = (as_whom) what
/etc/sudoers contains a lot of documentation in it about how to customize. Most

Linux distributions now prefer you add a file in the directory /etc/sudoers.d with
a name the same as the user. This file contains the individual
user's sudo configuration, and one should leave the master configuration file
untouched except for changes that affect all users.
You should edit any of these configuration files by using visudo, which ensures
that only one person is editing the file at a time, has the proper permissions, and
refuses to write out the file and exit if there are syntax errors in the changes made.
The editing can be accomplished by doing a command such as the following ones:
# visudo /etc/sudoers
# visudo -f /etc/sudoers.d/student
The actual specific editor invoked will depend on the setting of

your EDITOR environment variable.
The sudoers File
Command Logging
By default, sudo commands and any failures are logged

in /var/log/auth.log under the Debian distribution family, and
in /var/log/messages and/or /var/log/secure on other systems. This is an
important safeguard to allow for tracking and accountability of sudo use. A
typical entry of the message contains:
 Calling username
 Terminal info
 Working directory
 User account invoked
 Command with arguments.
Running a command such as sudo whoami results in a log file entry such as:
Dec 8 14:20:47 server1 sudo: op : TTY=pts/6 PWD=/var/log USER=root

COMMAND=/usr/bin/whoami
Command Logging
Process Isolation
Linux is considered to be more secure than many other operating systems because
processes are naturally isolated from each other. One process normally cannot
access the resources of another process, even when that process is running with
the same user privileges. Linux thus makes it difficult (though certainly not
impossible) for viruses and security exploits to access and attack random
resources on a system.
More recent additional security mechanisms that limit risks even further include:
 Control Groups (cgroups): Allows system administrators to group processes and
associate finite resources to each cgroup.
 Containers: Makes it possible to run multiple isolated Linux systems (containers)
on a single system by relying on cgroups.
 Virtualization: Hardware is emulated in such a way that not only processes can
be isolated, but entire systems are run simultaneously as isolated and insulated
guests (virtual machines) on one physical host.
Process Isolation
Hardware Device Access
Linux limits user access to non-networking hardware devices in a manner that is

extremely similar to regular file access. Applications interact by engaging the
filesystem layer (which is independent of the actual device or hardware the file
resides on). This layer will then open a device special file (often called a device
node) under the /dev directory that corresponds to the device being accessed.
Each device special file has standard owner, group and world permission fields.
Security is naturally enforced just as it is when standard files are accessed.
Hard disks, for example, are represented as /dev/sd*. While a root user can read
and write to the disk in a raw fashion, for example, by doing something like:
# echo hello world > /dev/sda1

The standard permissions as shown in the figure, make it impossible for regular
users to do so. Writing to a device in this fashion can easily obliterate the
filesystem stored on it in a way that cannot be repaired without great effort, if at
all. The normal reading and writing of files on the hard disk by applications is
done at a higher level through the filesystem, and never through direct access to
the device node.
Hardware Device Access
Keeping Current
When security problems in either the Linux kernel or applications and libraries
are discovered, Linux distributions have a good record of reacting quickly and
pushing out fixes to all systems by updating their software repositories and
sending notifications to update immediately. The same thing is true with bug fixes
and performance improvements that are not security related.
Timely System Update
However, it is well known that many systems do not get updated frequently
enough and problems which have already been cured are allowed to remain on
computers for a long time; this is particularly true with proprietary operating
systems where users are either uninformed or distrustful of the vendor's patching
policy as sometimes updates can cause new problems and break existing
operations. Many of the most successful attack vectors come from exploiting
security holes for which fixes are already known but not universally deployed.
So the best practice is to take advantage of your Linux distribution's mechanism

for automatic updates and never postpone them. It is extremely rare that such an
update will cause new problems.
Lab 18.1: sudo
1. Create a new user, using useradd, and give the user an initial password
with passwd.
2. Configure this user to be able to use sudo.
3. Login as or switch to this new user and make sure you can execute a command
that requires root privilege.
For example, a trivial command requiring root privilege could be:
$ ls /root
1. sudo useradd newuser

2. sudo passwd newuser
(give the password for this user when prompted)
3. With root privilege, (use sudo visudo) add this line to /etc/sudoers:
newuser ALL=(ALL) ALL
Alternatively, create a file named /etc/sudoers.d/newuser with just that

one line as content.
4. You can login by doing:
sudo su newuser
or
ssh newuser@localhost
which will require giving newuser's password, and is probably a better

solution. Instead of localhost you can give your hostname, IP address
or 127.0.0.1. Then as newuser just type:
sudo ls /root
How Passwords Are Stored
The system verifies authenticity and identity using user credentials.
Originally, encrypted passwords were stored in the /etc/passwd file, which was
readable by everyone. This made it rather easy for passwords to be cracked.
How Passwords Are Stored
On modern systems, passwords are actually stored in an encrypted format in a

secondary file named /etc/shadow. Only those with root access can read or
modify this file.
Password Algorithm
Protecting passwords has become a crucial element of security. Most Linux

distributions rely on a modern password encryption algorithm called SHA-512
(Secure Hashing Algorithm 512 bits), developed by the U.S. National Security
Agency (NSA) to encrypt passwords.
The SHA-512 algorithm is widely used for security applications and protocols.
These security applications and protocols include TLS, SSL, PHP, SSH, S/MIME
and IPSec. SHA-512 is one of the most tested hashing algorithms.
For example, if you wish to experiment with SHA-512 encoding, the word "test"
can be encoded using the program sha512sum to produce the SHA-512 form (see
graphic):
Password Encryption: sha512sum
Good Password Practices
IT professionals follow several good practices for securing the data and the
password of every user.
 Password aging is a method to ensure that users get prompts that remind them to
create a new password after a specific period. This can ensure that passwords, if
cracked, will only be usable for a limited amount of time. This feature is
implemented using chage, which configures the password expiry information for
a user.
 Another method is to force users to set strong passwords
using Pluggable Authentication Modules (PAM). PAM can be configured to
automatically verify that a password created or modified using the passwd utility
is sufficiently strong. PAM configuration is implemented using a library
called pam_cracklib.so, which can also be replaced by pam_passwdqc.so to
take advantage of more options.
 One can also install password cracking programs, such as John The Ripper, to
secure the password file and detect weak password entries. It is recommended
that written authorization be obtained before installing such tools on any system
that you do not own.
Using chage
Lab 18.2: Password Aging
With the newly created user from the previous exercise, look at the password
aging for the user.
Modify the expiration date for the user, setting it to be something that has passed,
and check to see what has changed.
When you are finished and wish to delete the newly created account, use userdel,
as in:
$ sudo userdel newuser
Lab Solution: Password Aging
chage --list newuser

sudo chage -E 2014-31-12 newuser
chage --list newuser
sudo userdel newuser
Note: The example solution works in the US. chage -E uses the default date
format for the local keyboard setting.
Requiring Boot Loader Passwords
You can secure the boot process with a secure password to prevent someone from
bypassing the user authentication step. This can work in conjunction with
password protection for the BIOS. Note that while using a bootloader password
alone will stop a user from editing the bootloader configuration during the boot
process, it will not prevent a user from booting from an alternative boot media
such as optical disks or pen drives. Thus, it should be used with a BIOS password
for full protection.
For the older GRUB 1 boot method, it was relatively easy to set a password
for grub. However, for the GRUB 2 version, things became more complicated.
However, you have more flexibility, and can take advantage of more advanced
features, such as user-specific passwords (which can be their normal login ones).
Furthermore, you never edit grub.cfg directly; instead, you can modify the
configuration files in /etc/grub.d and /etc/defaults/grub, and then run update-
grub, or grub2-mkconfig and save the new configuration file.
To learn more, read the following post: "GRUB 2 Password Protection".
Hardware Vulnerability
When hardware is physically accessible, security can be compromised by:

 Key logging: Recording the real time activity of a computer user including the
keys they press. The captured data can either be stored locally or transmitted to
remote machines.
 Network sniffing: Capturing and viewing the network packet level data on your
network.
 Booting with a live or rescue disk
 Remounting and modifying disk content.
Your IT security policy should start with requirements on how to properly secure
physical access to servers and workstations. Physical access to a system makes it
possible for attackers to easily leverage several attack vectors, in a way that makes
all operating system level recommendations irrelevant.
The guidelines of security are:
 Lock down workstations and servers.

 Protect your network links such that it cannot be accessed by people you do not
trust.
 Protect your keyboards where passwords are entered to ensure the keyboards
cannot be tampered with.
 Ensure a password protects the BIOS in such a way that the system cannot be
booted with a live or rescue DVD or USB key.
For single user computers and those in a home environment some of the above
features (like preventing booting from removable media) can be excessive, and
you can avoid implementing
them. However, if sensitive
information is on your system
that requires careful protection,
either it shouldn't be there or it
should be better protected by
following the above guidelines.
Software Vulnerability
Like all software, hackers occasionally
find weaknesses in the Linux ecosystem.
The strength of the Linux (and open source
community in general) is the speed with
which such vulnerabilities are exposed and
remediated. While specific discussion of
vulnerabilities is beyond the scope of this
course, we have seeded a couple relevant
topics to the Discussion Board (under the
"Local Security" topic) to encourage
further discussion.

Linux MIT

Uploaded by

Document Informationclick to expand document information

Copyright:

Available Formats

Linux MIT

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Linux MIT

Uploaded by

Copyright:

Available Formats

MỤC LỤC

Chương 1. HĐH Linux ...................................................................................... 8

By the end of this chapter, you should be able to:

 Discuss the role of The Linux Foundation.

The Linux Foundation offers several types of training:

 System Administration courses

The Linux Foundation training is distribution-flexible, technically advanced, and

1.1.4 The Linux Foundation Events

 Open Source Summit North America, Europe, and Japan

1.2 Course Software Requirements

The families and representative distributions we are using are:

Ubuntu, CentOS, and openSUSE Desktops

1.2.1 Focus on Three Major Linux Distribution Families

 Fedora serves as an upstream testing platform for RHEL.

Key Facts About the SUSE Family

 SUSE Linux Enterprise Server (SLES) is upstream for openSUSE.

Key Facts About the Debian Family

By the end of this chapter, you should be able to:

 Discuss the history and philosophy of Linux.

Linus Torvalds was a student in Helsinki, Finland, in 1991, when he started a

More About Linux History

2.2 Linux Philosophy

Linux is constantly enhanced and maintained by a network of developers from all

NOTE: Linux was inspired by UNIX, but it is not UNIX.

2.3 Linux Community

There are many ways to engage with the Linux community:

 Post queries on relevant discussion forums.

2.4 Linux Terminology

2.5 Linux Distributions

Examples of other essential tools and ingredients provided by distributions

Services Associated with Distributions

By the end of this chapter, you should be able to:

 Identify Linux filesystems.

Having a good understanding of the steps in the

On the other hand, the boot process can be rather

NOTE: You may want to come back and study

3.2.2 BIOS - The First Step

3.2.3 Master Boot Record (MBR) and Boot Loader

3.2.4 Boot Loader in Action

3.2.5 Initial RAM Disk

The Initial RAM Disk

As you will learn in Chapter 7: Command Line

3.2.7 The Linux Kernel

The Linux Kernel

3.2.8 /sbin/init and Services

/sbin/init and Services

3.3 Một số phương thức khởi động khác

 Developed by Ubuntu and first included in 2006

 Adopted by Fedora first (in 2011)

3.3.3 systemd Features

3.4 Linux Filesystems

Different types of filesystems supported by Linux:

A filesystem is a method of storing/finding files on a hard disk (usually in a

One can think of a partition as a container in which a filesystem resides, although

A comparison between filesystems in Windows and Linux is given in the

Partition Disk1 /dev/sda1

Filesystem Type NTFS/VFAT EXT3/EXT4/XFS/BTRFS...

Mounting Parameters DriveLetter MountPoint