System administration - jasper-zanjani/dotfiles GitHub Wiki

• adduser
• chage
• chgrp
• chmod
• edquota
• gpasswd
• groupadd
• groupdel
• groupmod
• groups
• last
• lastb
• passwd
• quota
• quotacheck
• quotaoff
• quotaon
• repquota
• su
• sudo
• sudoedit
• timedatectl
• tzconfig
• tzselect
• ulimit
• useradd
• userdel
• usermod
• visudo
• w
• wall
• who
• whoami

adduser chage chgrp chmod edquota gpasswd groupadd groupdel groupmod groups last lastb passwd quota quotacheck quotaoff quotaon repquota shutdown su sudo sudoedit timedatectl tzconfig tzselect ulimit useradd userdel usermod visudo w wall who whoami

Filesystem access control lists (FACL) allow you to grant permissions to more than one group, i.e. in cases where more than one department of a corporation needs access to the same files. They are made up of access control entries (ACE). FACL permissions will be indicated in a ls -l command by the presence of a "+" after the symbolic notation for the traditional UGO permissions. Acl is a dependency of systemd.

To enable it, add ",acl" to options in fstab file, then mount/unmount disk. If enabling FACL on root partition, system has to be rebooted.

Execute a command at a given time

echo "cmd" | at time

Execute cmd at time

at time
> cmd

        d               l m                          
          E       I       M                   W      

Change ownership of $FILE to $USER and $GROUP

chgrp $USER:$GROUP $FILE

Set sticky bit on $FILE

chmod +t $FILE

Clear sticky bit on $FILE

chmod -t file

Clear SGID bit on $FILE

chmod g-s file

Set SGID bit on $FILE

chmod g+s file

Clear SUID bit on $FILE

chmod u-s file

Set SUID bit on $FILE

chmod u+s file

Set setuid permission on $FILE

chmod +s file

      c     f   h                           v        
                H       L       P   R                

Change a file or directory's ownership. To change the user and group owner of a file to {user} and {group}, chown's syntax is of the format user:group [32].

chown susan:delta file          # Assign {file} to user `susan` and group `delta`
chown alan file                 # Assign {file} to user `alan`
chown alan: file                # Assign {file} to user and group `alan`
chown :gamma file               # Assign {file} to the group `gamma`

Recursively grant {user} ownership to {path}

chown -R user path

Assign {path} to susan and group delta, recursively and with verbose output

chown --verbose --recursive susan:delta path 
chown -vR susan:delta path

chown -vR --reference=. path    # Use a `reference` file to match the configuration of a particular file
chown -cfR --preserve-root alan # `preserve-root` prevents changes to files in the root directory, but has no effect when not used with `recursive`

Change default shell to Fish

chpass -s /usr/local/bin/fish

Synchronize system time using NTP (cf. timedatectl

Stop the systemd-timesyncd service

sudo systemctl stop systemd-timesyncd.service

Install chrony if it is not already present and enable and start the service

sudo systemctl enable chronyd && sudo systemctl start chronyd

Change the user's default shell to Bash

chsh-s /bin/bash

Change the user's default shell to Fish

chsh-s /usr/local/bin/fish

    b c         h     k   m           s t            

List memory statistics in kilobytes. Without any options, free returns a table listing general statistics in kilobytes:

free

Command-line memory dashboard

watch free -h

Get entries from the passwd file [50]

getent passwd sonny timmy

sonny:x:1001:1002:Sonny:/home/sonny:/bin/bash
timmy:x:1002:1003::/home/timmy:/bin/bash

getent group sonny timmy

sonny:x:1002:
timmy:x:1003:

Add $USER to $GROUP

gpasswd -a $USER $GROUP

Add $USER as admin of $GROUP

gpasswd -A $USER $GROUP

Remove $USER from $GROUP

gpasswd -d $USER $GROUP

Create a new group

Delete a group

              g             n                        

        d e       i     l m               u   w      
                          M                          

  a       e f           l                 u   w x    
      C                                   U          

Display processes in a tree-like display illustrating parent-child relationships

ps -f
ps --forest

Show system processes

ps ax
ps -e

Display full listing of processes

ps u
ps -f

Display user processes

ps xG
ps -a

Display SELinux contexts for processes

ps auxZ

    b                 k   m           s         x    
                          M                     X    

Grant user {lisa} right to read {file}

setfacl -m u:lisa:r file

Remove named group {staff} from {file}'s ACL

setfacl -x g:staff file

Modify file access control list for {file} to revoke write access from all groups and all named users

setfacl -m m::rx file

Grant read access to other users

setfacl -m o::rwx file4.txt

Add user {zach} to list of users of file4.txt

setfacl -m u:zach:rw file4.txt

Shut down at 8 pm

shutdown 20:00

sudo is installed by default on most distros, but it can be installed. [52]
In order to use sudo, users have to be added to special groups that vary based on distribution. The group wheel grants access to sudo on Red Hat derivatives, while there is a group named sudo on Debian, Ubuntu, and derivatives to do the same thing.
Using sudo with output redirection will cause an error if the effective user doesn't have write permissions.

• Invoke a new shell as root by using sudo sh -c
• Pipe output to sudo tee command

Prevent sudo from prompting for credentials or for any other reason

sudo --noprompt

Obtain the normal login environment

su -

Execute a single command with a non-interactive session

su -c cmd

  a                       m n o p   r s     v        

Check kernel version

uname -srm

    b c d e f g       k   m         r s   u          
        D     G                                      

Create a new user, setting their default shell to /bin/bash

useradd -s /bin/bash

Create a new user account {luke} belonging to default group {wheel}, creating a home directory

useradd -m -g wheel luke

Create a new user account with {comment}

useradd -c "comment"

Create a new user account, adding it to groups {grp1} and {grp2}

useradd -G grp1 grp2

Create a new user account, specifying {UUID}

useradd -u UUID

Add $USER

useradd $USER

Add $USER, noting her full $NAME

useradd $USER -c $NAME

Add $USER, specifying home directory at $PATH

useradd $USER -d $PATH

Add $USER, specifying expiration $DATE (YYYY-MM-DD)

useradd $USER -e $DATE

Create new $USER leaving a $COMMENT field (conventionally noting the full name of the user) and creating a home directory

useradd -c $COMMENT -m $USER

Create a system user rather than a normal user

useradd -r

Delete an existing user account

Delete an existing user account as well as the user's home directory

userdel -r  user

  a   c d     g         l             s   u          
              G         L                 U