LPIC1.pt1 Flashcards

Question

set the hardware clock to the current system time by using this command:

Answer 1

hwclock --systohc Set hwclock to UTC: sudo hwclock --systohc --utc

Answer 2

hwclock --hctosys

Answer 3

* the primary configuration file for the XWindows system newer versions of xorg/Xserver dont use xorg.conf, but instead put configuration files into the /etc/X11/xorg.conf.d directory. * major sections (exam) * ServerLayout: Settings for "screen / input devices"-combinations * Files: files that are used by your X server (i.e. fonts) * Module: used to specify which Xorg server modules should be loaded. * InputDevice - keyboards and mice (and perhaps special keypads if detected) * Device - Settings for graphics card(s) and any driver references * Monitor: - monitor(s) detected * Screen: - Settings for "graphics card / display"-combinations. description of resolutions and color depths that are supported for the detected monitor and X server * ServerFlags: - Common X server settings Monitor: Settings for displays

Answer 4

* utility to allow you to search both local (/etc/passwd and /etc/shadow) for account information as well as network sources (i.e. LDAP)

Answer 5

primary configuration file, including files in /etc/xinetd.d with files (one each) per service that is controlled * the request will come to the daemon, which will check for the service type and port and then scan for the appropriate service configuration file in /etc/xinit.d

Answer 6

* pool of ntp servers | * defines drift file to track clock drift

Answer 7

* can print network connections, routing tables, interface stats, etc * -a - show all sockets on active interfaces * -c - refresh stats every 1 second * -p - shows name and PID for each socket * -t - show TCP stats * -r - show the routing table * -n - do not attempt name resolution (IP only) * -l - display listening sockets only

Answer 8

used to dump socket statistics. it allows showing information similar to netstat

Answer 9

* KDM display manager (legacy) * uses QT libraries * replaced by kwin and later lightdm (see below) * /etc/kde/kdm * configuration directory * /usr/bin * executable location

Answer 10

* displays the current routing table * adds/removes routes as indicated * for example - route add default gw 192.168.1.1 * would manually add a default gateway to the system going to 192.168.1.1 -n - dont do name resolution del - delete a route. add - add a new route. -net - the target is a network. -host - the target is a host. netmask - when adding a network route, the netmask to be used. gw - route packets via a gateway. NOTE: The specified gateway must be reachable first. This usually means that you have to set up a static route to the gateway beforehand.

Answer 11

alternative 'fast' version of syslog

Answer 12

* contains values that track callibration to the clock and a final value to display time in LOCAL or UTC time * if the file does not exist, no calibration has ever been done and time will default to UTC

Answer 13

main configuration for sshd (the service)

Answer 14

* shows a summary of all jobs scheduled with 'at' * will not show the details, but a time and job id * alias of: at -l

Answer 15

where all log messages go (except mail)

Answer 16

* determines the order that user account information is searched for on a system during login * for example - password: files nis shadow: files nis * will search for LOCAL files for account information and then search the remote user database configured if not found

Answer 17

* the top level directory containing all time zone definitions * NOTE: these are binary files and cannot simply by viewed on the console

Answer 18

contains the default values for the useradd command when those parameters are not used

Answer 19

* defines every character as a number (code point) * originally encoded in 2 bytes, giving you 16k possible characters (called UCS-2) * once again, the number of characters in this spec was exceeded * UTF-16 was introduced to allow any character over 16k to be represented with a second pair of bytes * UTF-8—A character encoding format that encodes all characters in a variable width using blocks of 8 bits. That is, characters are from 1-4 bytes long. UTF-8 is also backward compatible to 8 bit ASCII. * UTF is the dominant encoding type

Answer 20

allows you to set the clock against the indicated ntp server

Answer 21

* shows all variables and functions in the current environment * also allows the enable/disable of various shell features

Answer 22

the system time zone (can be a full time zone copy OR a link to the configured time zone)

Answer 23

* Gnome display manager * uses GTK+ libraries * /etc/gdb * configuration directory * /usr/bin * executable directory

Answer 24

replacement for inetd allowing more granular control of services

Answer 25

mail messages are written here

Answer 26

* provides information on the current X session | * EXAM TOPIC - common question around utilities that can be used to display the screen resolution and color depth

Answer 27

alternative 'next generation' syslog

Answer 28

stores public keys for logging in as the user that owns the directory * authorized_keys file lets the server authenticate the user

Answer 29

creates a public/private key pair for use with SSH * -b [#] - encryption key size (i.e. 1024, 2048, etc) (default 4096) * -t [type] - encryption key type (DSA or RSA) - (RSA is more secure and is currently the default) * will prompt for a password - blank will allow you to use the key to login completely without password whereas entering a passphrase effectively creates two factor authentication (key + passphrase) * file permissions on keys should be either 644 (older) or 600 (newer)

Answer 30

* list-timezones - list all the timezones to choose from * set-timezone [country/zone] - set to the indicated timezone * make the actual changes, setting the /etc/localtime system setting to the time zone chosen

Answer 31

* standard utility to add new users to a system * can behave differently on Red Hat based vs. Debian based systems, best bet is to run the command with explicity parameters * -m - create home directory * -d [directory] - specify the home directory to create * -k [skeleton directory] - copies the contents of the specified directory (usually /etc/skel) to new user's home directory * -g [primary GID] - specify the user's primary GID * -u [UID] - assign the indicated UID to the user (NOTE: will error if exists) * -e [date] - the date this account is disabled after * -G [secondary GID] - allows you to set a secondary group for the user * -f [# days] - sets the number of days after a password reaches max age the account will still allow login * -o [non-unique UID] - allows the creation of a user with a UID that is NOT unique (duplicate) * -s [path and file of login shell] - a full path and name of the default login shell for the user * -D [show defaults] * -c [comments - i.e. full name]

Answer 32

ocal file that Debian systems use to store the name of the time zone configured

Answer 33

* copies your public key to the user and host as indicated * for example - ssh-copy-id user@user.mylabserver.com * after the password is entered for the indicated user, will copy the public key from this host and user to the remote host and user's 'authorized_keys' file and you can thereafter login on that system and account with this key * manual method - copy/paste the contents of your public key into the remote user's authorized_keys file and set the permissions at 600 * next connection will either work (no passphrase setup) or prompt just for passphrase

Answer 34

* home directory file for user's to define their own forwarding rules * no alias needs to be indicated since it is for the account it exists within, only need to indicate the account to forward it to

Answer 35

* allows the setting of printer options at the command line * -d [printer] - sets the default printer to the indicated value * -p [printer] - deals with the indicated printer * -l - list options for the indicated printer/queue * for example - lpoptions -p CUPS-PDF -l * would display all options for the CUPS-PDF printer

Answer 36

* when run alone, displays current environment variables and their values * can be used to modify the current environment right before you run a command (or a script when used at the top)

Answer 37

file used to check public keys of known/trusted hosts (does not exist by default) The known_hosts file lets the client authenticate the server

Answer 38

* a way of representing your language, country and encoding type * -a - show you the locales that are installed on your system

Answer 39

script that tests for the preferred display manager (on Red Hat/CentOS systems)

Answer 40

* will prompt you for your passphrase on your public key (if set) * once entered, subsequent uses will not require entry until exited

Answer 41

* special editing mode for vi that will allow editing and syntax/erro checking of the /etc/sudoers file * NOTE: the editor used can be changed by setting the 'EDITOR' environment variable to any other available text editor

Answer 42

Uses /etc/hosts.allow and /etc/hosts.deny to restrict access to network services. sysntax for both files is the same: services : clients [: option1 : option2 : ...] * services is a comma-separated list of services the current rule should be applied to. * clients represent the list of comma-separated hostnames or IP addresses affected by the rule. The following wildcards are accepted: * ALL matches everything. Applies both to clients and services. * LOCAL matches hosts without a period in their * FQDN, such as localhost. * KNOWN indicate a situation where the hostname, host address, or user are known. * UNKNOWN is the opposite of KNOWN. * PARANOID causes a connection to be dropped if reverse DNS lookups (first on IP address to determine host name, then on host name to obtain the IP addresses) return a different address in each case. * Finally, an optional list of colon-separated actions indicate what should happen when a given rule is triggered. You may want to keep in mind that a rule allowing access to a given service in /etc/hosts.allow takes precedence over a rule in /etc/hosts.deny prohibiting it. Additionally, if two rules apply to the same service, only the first one will be taken into account.

Answer 43

/etc/hosts.deny: sshd,vsftpd : ALL ALL : ALL and the following line in /etc/hosts.allow: sshd,vsftpd : 192.168.0.102,LOCAL

Answer 44

administer /etc/group and /etc/gshadow -a, --add user Add the user to the named group. -d, --delete user Remove the user from the named group. -r, --remove-password Remove the password from the named group. Only group members will be allowed to use newgrp to join the named group.

Answer 45

/etc/syslog.d/ - extra config files for programs to use the syslog daemon. daemon must be restarted before changes to syslog.conf or etc/syslog.d/ will take effect. Examples Here are some example, partially taken from a real existing site and configuration. Hopefully they rub out all questions to the configuration, if not, drop me (Joey) a line. ``` # Store critical stuff in critical # *.=crit;kern.none /var/adm/critical This will store all messages with the priority crit in the file /var/adm/critical, except for any kernel message. # Kernel messages are first, stored in the kernel # file, critical messages and higher ones also go # to another host and to the console # kern.* /var/adm/kernel kern.crit @finlandia kern.crit /dev/console kern.info;kern.!err /var/adm/kernel-info The first rule direct any message that has the kernel facility to the file /var/adm/kernel. The second statement directs all kernel messages of the priority crit and higher to the remote host finlandia. This is useful, because if the host crashes and the disks get irreparable errors you might not be able to read the stored messages. If they're on a remote host, too, you still can try to find out the reason for the crash. ``` The third rule directs these messages to the actual console, so the person who works on the machine will get them, too. The fourth line tells the syslogd to save all kernel messages that come with priorities from info up to warning in the file /var/adm/kernel-info. Everything from err and higher is excluded. Messages of the priority alert will be directed # to the operator # *.alert root,joey This rule directs all messages with a priority of alert or higher to the terminals of the operator, i.e. of the users ''root'' and ''joey'' if they're logged in. *.debug ~ will not log these messages, but will delete them

Answer 46

The Debian version of bash is compiled with a special option (-DSYS_BASHRC) that makes bash read /etc/bash.bashrc before ~/.bashrc for interactive non-login shells. So, on Debian systems, /etc/bash.bashrc is to ~/.bashrc as /etc/profile is to ~/.bash_profile.

Answer 47

This is the preferred configuration file for configuring user environments individually. In this file, users can add extra configuration options or change default settings:

Answer 48

This file contains specific settings that are normally only executed when you log in to the system. In modern system's this file has basically been replaced with ~/.bash_profile or ~/.profile, as these files perform the same functions. In the example, we use it to configure the umask value and to show a list of connected users upon login.

Answer 49

- e file exists - f file is a regular file (not a directory or device file) - s file is not zero size - b file is a block device - c file is a character device

Answer 50

Wayland is intended as a simpler replacement for X, easier to develop and maintain. GNOME and KDE are expected to be ported to it.

Answer 51

program is used to edit and display the authorization information used in connecting to the X server.

Answer 52

-d, --lastday LAST_DAY Set the number of days since January 1st, 1970 when the password was last changed. The date may also be expressed in the format YYYY-MM-DD (or the format more commonly used in your area). -E, --expiredate EXPIRE_DATE Set the date or number of days since January 1, 1970 on which the user's account will no longer be accessible. The date may also be expressed in the format YYYY-MM-DD (or the format more commonly used in your area). A user whose account is locked must contact the system administrator before being able to use the system again. Passing the number -1 as the EXPIRE_DATE will remove an account expiration date. -h, --help Display help message and exit. -I, --inactive INACTIVE Set the number of days of inactivity after a password has expired before the account is locked. The INACTIVE option is the number of days of inactivity. A user whose account is locked must contact the system administrator before being able to use the system again. Passing the number -1 as the INACTIVE will remove an account's inactivity. -l, --list Show account aging information. -m, --mindays MIN_DAYS Set the minimum number of days between password changes to MIN_DAYS. A value of zero for this field indicates that the user may change his/her password at any time. -M, --maxdays MAX_DAYS Set the maximum number of days during which a password is valid. When MAX_DAYS plus LAST_DAY is less than the current day, the user will be required to change his/her password before being able to use his/her account. This occurrence can be planned for in advance by use of the -W option, which provides the user with advance warning. Passing the number -1 as MAX_DAYS will remove checking a password's validity. -W, --warndays WARN_DAYS Set the number of days of warning before a password change is required. The WARN_DAYS option is the number of days prior to the password expiring that a user will be warned his/her password is about to expire.

Answer 53

/etc/localtime should be a symbolic link to a file under /usr/share/zoneinfo/. System management utilities such as timedatectl can change the setting, and they would do that by changing the target of the symbolic link.

Answer 54

* Library that handles internationalization * Relies on environment variables to determine which locale is necessary * LANGUAGE: Used when displaying messages, but does not affect formatting * LC_ALL: Force the indicated locale even if other variables are set differently * LC_XXX gives the administrator the power to override a locale for a particular element. For example, if LANG were set to en_US.UTF-8 the user could override currency display by setting LC_MONETARY. * LANG: Encoding type

Answer 55

Encoding type. The locale and language settings are defined in the LANG variable that you can see if you run echo $LANG Set the English locale: $ LANG=en_US.utf8 Set the Russian locale: $ LANG=ru_RU.utf8 you can set it permanently. Put the following line to the ~/.bashrc or ~/.profile files, to change permanently the locale of the current user to en_US.utf8: export LANG=en_US.utf8

Answer 56

LC_ALL is the environment variable that overrides all the other localisation settings (except $LANGUAGE under some circumstances). ... The individual LC_xxx variables override a certain aspect. LC_ALL overrides them all. The locale command, when called without argument gives a summary of the current settings.

Answer 57

utility to view the installed timezone. It comes handy when you want to know what time it is in other countries, or if you just wonder what timezones exist.

Answer 58

part of systemd system and service manager, a replacement for old traditional date command used in sysvinit daemon based Linux distributions.

Answer 59

UTF-8 is a variable width character encoding capable of encoding all 1,112,064 valid code points in Unicode using one to four 8-bit bytes. The encoding is defined by the Unicode Standard, and was originally designed by Ken Thompson and Rob Pike.

Answer 60

The pool.ntp.org project is a big virtual cluster of timeservers providing reliable easy to use NTP service for millions of clients.

Answer 61

Examples: shows newest log entries first # journalctl -r show only most recent entries and limits lines specified. # journalctl -n Show all messages from this boot: # journalctl -b However, often one is interested in messages not from the current, but from the previous boot (e.g. if an unrecoverable system crash happened). This is possible through optional offset parameter of the -b flag: journalctl -b -0 shows messages from the current boot, journalctl -b -1 from the previous boot, journalctl -b -2 from the second previous and so on – you can see the list of boots with their numbers by using journalctl --list-boots. See journalctl(1) for a full description; the semantics are more powerful than indicated here. Show all messages from date (and optional time): # journalctl --since="2012-10-30 18:17:16" Show all messages since 20 minutes ago: # journalctl --since "20 min ago" Follow new messages: # journalctl -f Show all messages by a specific executable: # journalctl /usr/lib/systemd/systemd Show all messages by a specific process: # journalctl _PID=1 Show all messages by a specific unit: # journalctl -u man-db.service Show kernel ring buffer: # journalctl -k Cataloge # journalctl -x Show only error, critical and alert priority messages: # journalctl -p err..alert You can use numeric log level too, like journalctl -p 3..1. If single number/log level is used, journalctl -p 3, then all higher priority log levels are also included (i.e. 0 to 3 in this case). Show auth.log equivalent by filtering on syslog facility: # journalctl SYSLOG_FACILITY=10

Answer 62

Clear systemd journals older than X days The first one is time-based, clearing everything holder than say 10 days. $ journalctl --vacuum-time=10d ... Vacuuming done, freed 2.3G of archived journals on disk. Alternatively, you can limit its total size. Clear systemd journals if they exceed X storage This example will keep 2GB worth of logs, clearing everything that exceeds this. $ journalctl --vacuum-size=2G ... Vacuuming done, freed 720.0M of archived journals on disk.

Answer 63

/etc/logrotate.conf: this file contains some default settings and sets up rotation for a few logs that are not owned by any system packages. It also uses an include statement to pull in configuration from any file in the /etc/logrotate.d directory.

Answer 64

/etc/logrotate.d/: this is where any packages you install that need help with log rotation will place their Logrotate configuration. On a standard install you should already have files here for basic system tools like apt, dpkg, rsyslog and so on.

Answer 65

Allows user to configure their own forwarding rules. You can have your mail forwarded to more than two addresses by adding more addresses, separated by a comma and a space. example file contents: username1@host1, username2@host2 For example, if you are user dvader and you want to forward your mail to vader@empire.gov, anakin@darkside.com, and darth@sithlord.org, you would enter: vader@empire.gov, anakin@darkside.com, darth@sithlord.org

Answer 66

Used to configure mail forwarding Edit the /etc/aliases file (with vi editor) Append / change an email alias in this format alias_name: email_id1, email_id2, ... E.g. append this new email alias to the /etc/aliases blogadmin: walkernews@walkernews.net, assist@walkernews.net Save and exit the alias file Execute the newaliases command followed by echo $? (suppose there is no error found, you will get a 0 returned by the echo command). Alternatively, you can execute the equivalent sendmail -bi command (since this is a Sendmail system) By now, you should test and confirm the works done so far. E.g. send an email to the email alias: mail -s "testing with aliases name blogadmin" blogadmin

Answer 67

Lists nameservers that are used by your host for DNS resolution. If you are using DHCP, this file is automatically populated with DNS record issued by DHCP server. example: nameserver 192.168.1.2

Answer 68

static lookup method for resolution

Answer 69

Defines order of resolution. Who should it consult first for resolution, a DNS or a host file? For example, if the file has following configuration hosts: files dns then /etc/hosts file will be checked first for resolution, if domain is still un-resolvable, DNS will then be consulted.

Answer 70

w displays info about the - uptime, number of users currently on the machine, and system load: 1, 5, 15min. also shows usersand their processes. unlike 'who' which only display's who is logged in to the system

Answer 71

10. 0.0.0 to 10.255.255.255 172. 16.0.0 to 172.31.255.255 192. 168.0.0 to 192.168.255.255 Another range of private IP addresses is 169.254.0.0 to 169.254.255.255, but those addresses are for Automatic Private IP Addressing (APIPA) use only.

Answer 72

Sourcing a file executes it in the current shell environment instead of creating a separate child environment. Thus variables set in the script are available in the current environment. If the script didn’t export the variable, it will not be available to child processes later on.

Answer 73

The env command, and note that it’s a command not built into the shell, allows you to modify the environment prior to running a command. By itself it displays all environment variables. The most common use of env is at the beginning of a shell script. In this case it’s /usr/bin/ruby. But what if ruby is somewhere other than /usr/bin? Using #!/bin/env ruby gets the shell to search for Ruby in the PATH

Answer 74

ISO-8859 standard—A series of standards that define standard 8-bit code pages for character encoding. ISO-8859-1 is the Latin alphabet with English characters, ISO-8859-9 is the Latin alphabet with Turkish characters.

Answer 75

environment variable that can be used to override the system timezone: export TZ=US/Hawaii

Answer 76

Toggle Keys - is capable of being configured to emit a sound when a key such as the Ctrl key is pressed. Slow Keys - governs the duration of a key’s press before the system accepts it, Sticky - Sticky Keys is a feature that allows the user to perform keyboard combinations, such as Ctrl+c, without having to hold down the modifier button while pressing the combination. For example, instead of holding down the Ctrl button while pressing the c key, the user can press the Ctrl button once and then press the c key. Repeat Keys - governs how many times a key will be repeated with a single press. Bounce Keys - governs how the system will ignore several quick or repeated presses on a key. Mouse Keys - When Mouse Keys are enabled, the user can move the mouse cursor by using keys on the keyboard. On the number pad, keys 1-4 and 6-8 represent directions to move the mouse. Pressing on the 5 key represents clicking the mouse once. Double pressing 5 represents double-clicking. For this to work, the Num Lock feature must be turned off.

Answer 77

X –configure

Answer 78

xhost —Shows the current state. xhost - —Enables security; only those that are authorized can connect. xhost + —Disables security; anyone can connect. xhost +host1 host2 host1 being added to the access control list. host2 being added to the access control list xhost –host3 host4 host3 being blocked from access. host4 being blocked from acces

Answer 79

Users can have only a single primary group; if they need to create an object that has to be assigned to another group, the user can use the chgrp command. chgrp [option] [group] [file] For a single file, this is easy, but if the user wants to create a bunch of files owned by a different group, this technique can be tedious. Another option is for users to temporarily change their primary group with the newgrp command.

Answer 80

Another option is for users to temporarily change their primary group with the newgrp command. For example: newgrp users The newgrp command doesn’t alter the /etc/passwd file or the /etc/group file; "it opens a new shell with a different primary group". By default, a user can use the newgrp command to temporarily change her primary group to any group she is a member of. After creating the necessary files, the user can return to the shell that has the default primary group by executing the exit command. Note that users can change only to groups that they are a secondary member of.

Answer 81

``` /etc/passwd" Red Hat = -rw-r--r-- (644) Debian = -rw-r--r-- (644) /etc/shadow" Red Hat = -r-------- (400) Debian = rw-r----- (640) ```

Answer 82

The passwd utility includes some of the previous options, such as these: - d—Disables a user account by removing its password - n—Sets the minimum password lifetime in days - x—Sets the maximum password lifetime in days - w—Sets the warning number of days before the password expires - i—Sets the number of days an account with an expired password can be inactive before it’s locked - S—Shows the user password information, such as what encryption is used and whether a password is set

Answer 83

NOTE: tp make changes permanant you will need to edit the /etc/security/limits.conf file. maxlogins - max logins for particular user maxsyslogins - max logins for the system The ulimit command accepts many options, including the following: - a - show user's ulimit settings - c—Limits the size of core (crash dump) files - d—Limits the size of the user’s process data - f—Limits the maximum size of files created in the shell - n—Limits the number of open file descriptors or open files allowed - t—Limits the amount of CPU time allowed to the user (expressed in seconds) - u—Limits the number of processes that a given user can run - v—Limits the maximum amount of virtual memory available to the shell - m - max memory size

Answer 84

- b -allow ping of broadcast address - c -count - s -packetsize. default is 56 - t -ttl

Answer 85

midnight—Runs the task at 00:00 on the current day. noon—Runs the task at 12:00 on the current day. teatime—Runs the task at 16:00 (at’s British roots are evident). time-of-day—Such as 2:00 p.m. or 5:00 a.m. date—You can specify a time on a specific day, such as 2pm jul 23 or 4am 121504. now + time—You can specify any number of minutes, hours, days, and weeks from the current time, such as now + 30 minutes. * -f - specifiy a file to run

Answer 86

The batch command is used to run tasks or jobs at no specific time, but at a particular threshold of system utilization. By default, batch runs jobs once at a future time when the system 1 minute load average is less than or equal to 0.8. This can be configured by specifying the desired utilization average with the atrun command, such as atrun -l 1.6 This sets the threshold that batch will watch to 1.6, and if load average drops below that value, the batch job is run.

Answer 87

- c class - Adds the named printer to class. If class does not exist it is created automatically. - r class - Removes the named printer from class. If the resulting class becomes empty it is removed. - u allow:user,user; -u deny:user,user; -u allow:all; -u deny:none - Sets user-level access control on a printer. The latter two forms turn user-level access control off. - E - Enables the printer and accepts jobs; this is the same as running the accept(8) and enable(8) programs on the printer. - L - location. Provides a textual location of the printer.

Answer 88

- i - view active network connections - n - don't do name resolution - u - specify user

Answer 89

%A locale's full weekday name (e.g., Sunday) %b locale's abbreviated month name (e.g., Jan) %B locale's full month name (e.g., January) %d day of month (e.g., 01) %D date; same as %m/%d/%y %F full date; same as %Y-%m-%d %H hour (00..23) %m month (01..12) %M minute (00..59) %s seconds since 1970-01-01 00:00:00 UTC %S second (00..60) %T time; same as %H:%M:%S %U week number of year, with Sunday as first day of week (00..53) %y last two digits of year (00..99) %Y year %z +hhmm numeric time zone (e.g., -0400)

Answer 90

list-timezones set-timezone -e.g. "America/New_York" set-time -e.g. "2018-12-1 01:00:00" (set time persistently) set-ntp on/off

Answer 91

var/log/dmesg - linux kernel boot messages (hardware issures) var/log/mesages - standard system log messages var/log/secure - security log messages, containing info on login attempts