Midterm Review

Midterm is Wednesday June 29th

Note

When I describe a command below, the bits in <> are required arguments and the bits in [] are optional arguments. For example, touch requires a path argument, rm has two optional arguments and requires a path, and su has one optional argument (just a '-') and an optional username argument. You should know the arguments I've listed and the general format of the command.

Linux installation

Hardware required for linux: just about anything
Partitioning the system: what is a partition, pros/cons of partitions
Common partitions: filesystems used, common sizes, /boot (files required to boot system), swap (virtual memory), /home (user files), /usr (system files, often mounted ro)
Common filesystems and features: ext[2|3], reiserfs, swap
superuser account: username, password, use, avoid using

Environment Variables

'$' to access
'set' to list or set environment variables
'export' to set a new variable
What PATH, HOSTNAME, and EDITOR contain and are used for

Unix commands

touch <path>
mkdir <path>
ls [-l, -a, -R] [path]
cd <path>
pwd
rm [-r, -f] <path>
rmdir <path>
who [ am i, -a]
ps [-e, -a]
netstat [-a]
uname [-a]
echo [string]
script [-a] [path]
groups [username]
chmod <permissions> <path>
chown <username> <path>
chgrp <groupname> <path>
getfacl <path>
setfacl <options> <path>
head [-# where # is a decimal number] <path>
tail [-# where # is a decimal number, -f] <path>
more <path>
cat <path>
diff [-c] <file1> <file2>
su [-] [username]
passwd [username]
useradd [-c,-d,-m,-s] <username>
userdel [-r] <username>
groupadd <groupname>
groupdel <groupname>
groups [username]
find <path> [-ls,-exec ... \;]
free [-m,-k]
dd [if=<path>, of=<path>, bs=<blocksize>, count=<count>]
swapoff <device>
mkswap <file>
swapon <file>
ssh-keygen -t [dsa|rsa]
tar [c t x v f z j] <file>
gzip <file>
gunzip <file>
bzip2 <file>
bunzip2 <file>
cron [-u] <-l,-e,-r>

User and Group Accounts

Files storing local account information: /etc/passwd, /etc/shadow, /etc/group
User account properties: username, UID, GID, GECOS, home path, shell
Special accounts: service accounts (e.g. www, mysql), their purpose, home directory, shell
Creating, deleating, backing up.

rpm system

What it is: redhat package management system
Why we use it: Makes software management easy, very powerful software management
Features: checks dependencys, versions, tracks installed packages
Commands and arguments: rpm [-i, -U, -e, -v, -h, -q, -a] [arguments]

SSH

What it gives you, problems, good security practices
Required services: just sshd for server, nothing for client
Configuration files and directories: /etc/ssh, sshd_config, ssh_config, known_hosts, authorized_keys
X11 Display Forwarding: How to enable and configure (sshd_config: "X11Forwarding [yes|no]", "X11DisplayOffset xx", ssh_config: "ForwardX11 [yes|no]", "ForwardX11Trusted [yes|no]"), pros, cons, applications: clustering, terminal server, drawbacks: security risk, slow
SSH configuration files (global in /etc/ssh and user-specific in ~/.ssh) including general file format
Banner, MOTD, where they are stored, how to enable them, what's the difference
Public / private key authentication, how to generate keys, configuration files, pros, cons, security risks/advantages

NFS

What it is, applications, implementation (UDP stateless transfers), required services on both server and client, client / server behavior in a crash or restart.
NFS configuration files, general file format and configuration options.
NFS versions: Kernal and userspace, differences between them How to mount a remote filesystem: mount <server>:<remotepath> <localpath>

LAMP

What it stands for, why it's such a big deal (killer linux application).
Ways to secure services: chroot, special users, control network access, logs, secure passwords, distribute services
Build services from source code: ./configure [options (like --prefix=..., --help)], make, make install
Start / stop services: /etc/init.d, apachectl, mysqladmin

Apache

Major versions: 1.3 and 2.0
Differences in versions: processes handled better and better M$ Windows support in Apache2, modules NOT compatable between versions
Security risks: web/dabase servers are high-profile, attract hackers, complex, hard to secure, can't be taken down politely
Major features: Virtual servers, modules, SSL encryption, dynamic configuration, free, 64%+ of internet served with Apache
Configuration: How to enable modules (e.g. php), config file name, commonly changed options (Port, ServerAdmin, DocumentRoot, Error_Log, Transaction_Log)
Aliases: "Alias /fakepath[/] 'absolute_real_path'", risks, advantages
Redirection: "Redirect /oldpath 'new_URL'", risks, advantages
SSL: Common port (443), required modules (mod_ssl), typically done as a virtual server, when it should/shouldn't be used, "apachectl startssl" to start, can use apache_ssl instead of apache+mod_ssl
SSL certificate generation: done with openssl command, same concept/algorithms as ssh public/private key-pair authentication

MySQL

Configuration: file and location, commonly changed options (user, port, skip-networking)
Security risks, mysql command, mysqladmin command
MySQL Users: not unix users, stored in seperate database, manage with mysql or mysqladmin

PHP

How to enable PHP for apache: "LoadModule <php|php4|mod_php|php4_module> <path>"
How to test PHP installation: <?phpinfo();?>
PHP Extentions: They exist, are like #include in c/c++, SQL and Regex common

Backup

Tar command: Uses old-style letters instead of '-' or '--' arguments (although these are sometimes allowed), does NOT compress archive, defaults to I/O streams (stdin, stdout) instead of files, most powerful when piped through other commands (e.g. ssh, dd)
Compression commands: gzip, bzip2, differences (bzip2 better comression but slow)
Compressing with tar: newer versions of tar support 'j' and 'z' arguments to [un]compress on the fly

Cron jobs

cron daemon: process is 'cron', controlled through /etc/init.d/cron, e-mails output of commands to user's account
cron command: listing, editing, and deleating a crontab, EDITOR environment variable
crontabs: every user has a crontab, root crontab is privilaged, user does not have to be logged in for cron to execute crontab
crontab file format: one entry per command, "minute hour DOM month DOW command", #-comments allowed, wildcards allowed, restricted path so absolute path to commands is encouraged