Fundamentals
Terminal
Shortcuts
Clear Terminal: [CTRL] + L
Search Through Command History:
[CTRL] + R - Search through command history for commands we typed previously that match our search patterns.
[↑] / [↓] - Go to the previous/next command in the command history.
Cycle through argument history:
[Alt] + .
Erase The Current Line
[CTRL] + U - Erase everything from the current position of the cursor to the beginning of the line.
[Ctrl] + K - Erase everything from the current position of the cursor to the end of the line.
[Ctrl] + W - Erase the word preceding the cursor position.
Running previous command
!$ : References the last argument of the previous command.
!* : References all arguments of the previous command (excluding the command name itself).
!:n : References the nth argument (e.g., !:1 for the first argument).
!! : References the entire previous command. (sudo v helpful)
user permissions and file permissions
Non root permissions:
UID of root: #0 but sudo (versions < 1.8.28) bypasses this with sudo -u#-1 [command] (CVE-2019-14287)
To see contents of directory: Execute permission must be present
To modify files or subdirectories of directory: Write permission must be present
Change owner of a file:
chown [user]:[group] [file/directory]
Sticky bit: In a shared directory, only the file's owner, the directory's owner, or the root user can delete or rename files. Other users can still access the directory but can’t modify files they don’t own.
Sticky bit is capitalized (T): all other users do not have execute (x) permissions, therefore, cannot see the contents of the folder nor run any programs from it.
Sticky bit is lowercase (t): execute (x) permissions have been set, others can view and run the file but no modify or delete it.
Execute a command as a different user:
su -c "ls /etc/shadow or any other command" [root or other user]
Modifying users:
| Command | Description |
|---|---|
| su | Execute command as different user |
| useradd | Creates a new user |
| userdel | Deletes a user account |
| usermod | Modifies a user |
| addgroup | Adds a group |
| delgroup | Removes a group |
| passwd | Changes user password |
System information:
| Description | |
|---|---|
| Current Username | whoami |
| Group membership of users | id |
| name of system | hostname |
| OS info | uname -a, -r |
| currently logged in | who |
| lists opened files | lsof |
| lists blocked devices | lsblk |
| lists USB devices | lsusb |
| lists PCI devices | lspci |
• Info about a specific package:
apt-cache show [package_name]
find
| option | switch |
|---|---|
| older than a date | -newermt full_date |
| size | -size +5k or -size -5k |
| name | -name *.conf or -name * .bak |
| Remove fails or errors | > /dev/null |
| Execute command for the found file | -exec ls -al {} ; 2>/dev/null |
| executable or not | -executable or ! -executable |
Here, {} is placeholder for the file name backslash ; to escape the ;
changing directories
pushd [directory you want to go]
popd # returns to original directory
location of program/tool
which [program_name]
Full path of a file
realpath [filename]
info about files: ls
decreasing order of modification date: newest first
ls -t
ls -t | head -n 1 #shows top most, most recent modified
inode number of file
ls -i
Location of log files of common services
| Service | Description |
|---|---|
| Apache | Access logs are stored in the /var/log/apache2/access.log file (or similar, depending on the distribution). |
| Nginx | Access logs are stored in the /var/log/nginx/access.log file (or similar). |
| OpenSSH | Access logs are stored in the /var/log/auth.log file on Ubuntu and in /var/log/secure on CentOS/RHEL. |
| MySQL | Access logs are stored in the /var/log/mysql/mysql.log file. |
| PostgreSQL | Access logs are stored in the /var/log/postgresql/postgresql-version-main.log file. |
| Systemd | Access logs are stored in the /var/log/journal/ directory. |