From 2a4664a37e425bcfb542016a04da79e26b17bc32 Mon Sep 17 00:00:00 2001 From: waldek Date: Sat, 10 Apr 2021 15:01:54 +0200 Subject: [PATCH] checks for layout --- .../essentials/lpi_essentials_lesson_04.md | 240 +++++++++++++++++ .../essentials/lpi_essentials_lesson_05.md | 243 ++++++++++++++++++ 2 files changed, 483 insertions(+) create mode 100644 certificates/essentials/lpi_essentials_lesson_04.md create mode 100644 certificates/essentials/lpi_essentials_lesson_05.md diff --git a/certificates/essentials/lpi_essentials_lesson_04.md b/certificates/essentials/lpi_essentials_lesson_04.md new file mode 100644 index 0000000..603f489 --- /dev/null +++ b/certificates/essentials/lpi_essentials_lesson_04.md @@ -0,0 +1,240 @@ +# Lesson 4.1 + +## Guided Exercises + +1. Which project makes up the common component of all Linux distributions? + * CentOS + * Red Hat + * Ubuntu + * Linux Kernel + * CoreOS +1. Which operating system is reported in use for macOS from Apple? + * OS X + * OSX + * Darwin + * MacOS +1. How does a Linux distribution differ from the Linux kernel? + * The kernel is part of a distribution, the distribution as applications to surround the kernel to make it useful + * The kernel is the Linux distribution + * All distributions that use the same kernel are the same +1. Which operating system other than Linux also includes the Bash shell as default? + * macOS + * Windows 10 + * OS2 Warp + * DOS +1. Which of the following is a desktop environment in Linux? + * Mint + * Elementary + * Zorin + * Wayland +1. Which component of an operating system allows access to hardware? + * Drivers + * Shells + * Service + * Application + +## Explorational Exercises + +1. Retrieve the current Kernel version of your Linux system if you have access to the command line +1. Using your preferred search engine locate and identify public cloud providers available to you. These could include AWS, Google Cloud, Rackspace and many more. Choose one and see which operating systems are available to deploy. + +# Lesson 4.2 + +## Guided Exercises + +1. Describe these terms: + * Processor + * CPU + * GPU +1. If you are primarily running video editing applications (a computationally intensive activity) which components and characteristics would you expect to have the most impact on system usability: + * CPU cores + * CPU speed + * Available system memory + * Storage system + * GPU + * Video display + * None of the above +1. What would you expect the name of the device file in /dev to be for partition 3 of the third SATA drive in a system: + * sd3p3 + * sdcp3 + * sdc3 + * None of the above + +## Explorational Exercises + +1. Run the lsblk command on your system. Identify the parameters below. If a system is not immediately available, consider the lsblk -f listing for the Raspberry Pi system mentioned in the “Storage” section above: + + ``` + $ lsblk -f + NAME FSTYPE LABEL UUID MOUNTPOINT + mmcblk0 + +-mmcblk0p1 vfat boot 9304-D9FD /boot + +-mmcblk0p2 ext4 rootfs 29075e46-f0d4-44e2-a9e7-55ac02d6e6cc / + ``` + * The type of devices and how many + * The partition structure of each device + * The type of file system and mount for each partition + +# Lesson 4.3.1 + +## Guided Exercises + +1. Use the which command to find out the location of the following programs and if they require root permissions: + * swapon + * kill + * cut + * usermod + * cron + * ps +1. Where are the following files to be found? In the user home or in /etc? + * .bashrc + * bash.bashrc + * passwd + * .profile + * resolv.conf + * sysctl.conf +1. Explain the meaning of the number elements for kernel file vmlinuz-4.15.0-50-generic found in /boot: + * 4 + * 15 + * 0 + * 50 +1. What command would you use to list all hard drives and partitions in /dev? + +## Explorational Exercises + +1. Device files for hard drives are represented based on the controllers they use \— we saw /dev/sd\* for drives using SCSI (Small Computer System Interface) and SATA (Serial Advanced Technology Attachment), but + * How were old IDE (Integrated Drive Electronics) drives represented? + * And modern NVMe (Non-Volatile Memory Express) drives? +1. Take a look at the file /proc/meminfo. Compare the contents of this file to the output of the command free and identify which key from /proc/meminfo correspond to the following fields in the output of free: + * total + * free + * shared + * buff/cache + * available + +# Lesson 4.3.2 + +## Guided Exercises + +1. Have a look at the following listing of top and answer the following questions: + + ``` + carol@debian:~$ top + + top - 13:39:16 up 31 min, 1 user, load average: 0.12, 0.15, 0.10 + Tasks: 73 total, 2 running, 71 sleeping, 0 stopped, 0 zombie + %Cpu(s): 1.1 us, 0.4 sy, 0.0 ni, 98.6 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st + KiB Mem : 1020332 total, 698700 free, 170664 used, 150968 buff/cache + KiB Swap: 1046524 total, 1046524 free, 0 used. 710956 avail Mem + + PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND + 605 nobody 20 0 1137620 132424 34256 S 6.3 13.0 1:47.24 ntopng + 444 www-data 20 0 364780 4132 2572 S 0.3 0.4 0:00.44 apache2 + 734 root 20 0 95212 7004 6036 S 0.3 0.7 0:00.36 sshd + 887 carol 20 0 46608 3680 3104 R 0.3 0.4 0:00.03 top + 1 root 20 0 56988 6688 5240 S 0.0 0.7 0:00.42 systemd + 2 root 20 0 0 0 0 S 0.0 0.0 0:00.00 kthreadd + 3 root 20 0 0 0 0 S 0.0 0.0 0:00.09 ksoftirqd/0 + 4 root 20 0 0 0 0 S 0.0 0.0 0:00.87 kworker/0:0 + (...) + + ``` + * Which processes have been started by the user carol? + * What virtual directory of /proc should you visit to search for data regarding the top command? + * What process was run first? How can you tell? + * Complete the table specifying in what area (Summary or Task) of top output the following information is found: + * Memory + * Swap + * PID + * CPU time + * Commands +1. What command is used to read the following binary logs? + * /var/log/wtmp + * /var/log/btmp + * /run/log/journal/2a7d9730cd3142f4b15e20d6be631836/system.journal +1. In combination with grep, what commands would you use to find out the following information about your Linux system? + * When the system was last rebooted (wtmp) + * Which hard disks are installed (kern.log) + * When the last login occurred (auth.log) +1. What two commands would you use to have the kernel ring buffer displayed? +1. Indicate where the following log messages belong: + * Jul 10 13:37:39 debian dbus[303]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher' + * /var/log/auth.log + * /var/log/kern.log + * /var/log/syslog + * /var/log/messages + * Jul 10 11:23:58 debian kernel: [ 1.923349] usbhid: USB HID core driver + * /var/log/auth.log + * /var/log/kern.log + * /var/log/syslog + * /var/log/messages + * Jul 10 14:02:53 debian sudo: pam_unix(sudo:session): session opened for user root by carol(uid=0) + * /var/log/auth.log + * /var/log/kern.log + * /var/log/syslog + * /var/log/messages + * Jul 10 11:23:58 debian NetworkManager[322]: [1562750638.8672] NetworkManager (version 1.6.2) is starting... + * /var/log/auth.log + * /var/log/kern.log + * /var/log/syslog + * /var/log/messages +1. Have journalctl query information about the following units? + * ssh + * networking + * rsyslog + * cron + +## Explorational Exercises + +1. Reconsider the top output from the guided exercises and answer the following questions: + * What two steps would you follow to kill the apache web server? + * In the summary area, how could you display the information about physical memory and swap using progress bars? + * Now, sort the processes by memory usage: + * Now that you have memory information displayed in progress bars and processes sorted by memory usage, save these configurations so that you get them as default next time you use top: + * What file stores top’s configuration settings? Where does it live? How can you check for its existence? +1. Learn about the command exec in Bash. Try to demonstrate its functionality by starting a Bash session, finding the Bash process with ps, then run exec /bin/sh and search for the process with the same PID again. +1. Follow these steps to explore kernel events and udev’s dynamic management of devices: + * Hotplug a USB drive into your computer. Run dmesg and pay attention to the last lines. What is the most recent line? + * Bearing in mind the output from the previous command, run ls /dev/sd\* and make sure your USB drive appears in the listing. What is the output? + * Now remove the USB drive and run dmesg again. How does the most recent line read? + * Run ls /dev/sd\* again and make sure your device disappeared from the listing. What is the output? + +# Lesson 4.4 + +## Guided Exercise + +1. A network engineer is asked to assign two IP addresses to the ens33 interface of a host, one IPv4 address (192.168.10.10/24) and one IPv6 address (2001:0:0:abcd:0:8a2e:0370:7334/64). What commands must they enter to achieve this? +1. Which addresses from the list below are private? + * 192.168.10.1 + * 120.56.78.35 + * 172.16.57.47 + * 10.100.49.162 + * 200.120.42.6 +1. What entry would you add into the hosts file to assign 192.168.0.15 to example.com? +1. What effect would the following command have? + * `sudo ip -6 route add default via 2001:db8:0:abcd::1` + +# Explorational Exercises + +1. Name the DNS record type used to serve the following requests: + * Textual data + * Reverse IP address lookup + * A domain that has no address of its own and relies on another domain for this information + * Mail Server +1. Linux has a feature called bridging, what does it do and how is it useful? +1. What option needs to be supplied to the ss command in order to view all established UDP sockets? +1. Which command shows a summary of all sockets running on a Linux device? +1. The following output is generated by the command from the previous exercise. How many TCP and UDP sockets are active? + + ``` + Total: 978 (kernel 0) + TCP: 4 (estab 0, closed 0, orphaned 0, synrecv 0, timewait 0/0), ports 0 + + Transport Total IP IPv6 + * 0 - - + RAW 1 0 1 + UDP 7 5 2 + TCP 4 3 1 + INET 12 8 4 + FRAG 0 0 0 + ``` diff --git a/certificates/essentials/lpi_essentials_lesson_05.md b/certificates/essentials/lpi_essentials_lesson_05.md new file mode 100644 index 0000000..fd82890 --- /dev/null +++ b/certificates/essentials/lpi_essentials_lesson_05.md @@ -0,0 +1,243 @@ +# Lesson 5.1 + +## Guided Exercises + +1. Consider the following output of the id command: + + ``` + $ id emma + uid=1000(emma) gid=1000(emma) groups=1000(emma),4(adm),5(tty),10(uucp),20(dialout),27(sudo),46(plugdev) + ``` + * In which files are the following attributes stored? + * UID and GID + * Groups + * Additionally, in which file is the user password stored? +1. Which of the following types of cryptography is used by default to store passwords locally on a Linux system? + * Asymmetric + * One-way Hash + * Symmetric + * ROT13 +1. If an account has a User ID (UID) enumerated under 1000, what type of account is this? +1. How can you get a list of the active logins in your system, and a count of them as well? +1. Using the grep command, we got the result below with information about the user emma. + + ``` + $ grep emma /etc/passwd + emma:x:1000:1000:Emma Smith,42 Douglas St,555.555.5555,:/home/emma:/bin/ksh + ``` + * Fill in the blanks of the chart with the appropriate information using the output of the previous command. + * Username + * Password + * UID + * Primary GID + * GECOS + * Home Directory + * Shell + +## Explorational Exercises + +1. Compare the results of last to w and who. What details are missing from each of the commands compared to one another? +1. Try issuing the commands who and w -his. + * What information has been removed from the output of the w command with the “no header” (-h) and “short” (-s) options? + * What information has been added in the output the w command with the “ip address” (-i) option? +1. Which file is the file that stores a user account’s one-way password hash? +1. Which file contains the list of groups a user account is a member of? What logic could be used to compile a list of a groups a user account is a member of? +1. One or more (1+) of the following files are not readable by regular, unprivileged users, by default. Which ones? + * /etc/group + * /etc/passwd + * /etc/shadow + * /etc/sudoers +1. How would you change the current user’s login shell to the Korn Shell (/usr/bin/ksh) in non-interactive mode? +1. Why is the home directory of the root user not placed within /home directory? + +# Lesson 5.2 + +## Guided Exercises + +1. For each of the following entries, indicate the file to which it refers: + * developer:x:1010:frank,grace,dave + * root:x:0:0:root:/root:/bin/bash + * henry:$1$.AbCdEfGh123456789A1b2C3d4.:18015:20:90:5:30:: + * henry:x:1000:1000:User Henry:/home/henry:/bin/bash + * staff:!:dave:carol,emma +1. Observe the following output to answer the next seven questions: + + ``` + # cat /etc/passwd | tail -3 + dave:x:1050:1050:User Dave:/home/dave:/bin/bash + carol:x:1051:1015:User Carol:/home/carol:/bin/sh + henry:x:1052:1005:User Henry:/home/henry:/bin/tcsh + # cat /etc/group | tail -3 + web_admin:x:1005:frank,emma + web_developer:x:1010:grace,kevin,christian + dave:x:1050: + # cat /etc/shadow | tail -3 + dave:$6$AbCdEfGh123456789A1b2C3D4e5F6G7h8i9:0:20:90:7:30:: + carol:$6$q1w2e3r4t5y6u7i8AbcDeFgHiLmNoPqRsTu:18015:0:60:7::: + henry:!$6$123456789aBcDeFgHa1B2c3d4E5f6g7H8I9:18015:0:20:5::: + # cat /etc/gshadow | tail -3 + web_admin:!:frank:frank,emma + web_developer:!:kevin:grace,kevin,christian + dave:!:: + ``` + * What is the User ID (UID) and Group ID (GID) of carol? + * What shell is set for dave and henry? + * What is the name of the primary group of henry? + * What are the members of the web_developer group? Which of these are group administrators? + * Which user cannot log into the system? + * Which user should change the password the next time he will log into the system? + * How many days must pass before a password change is required for carol? + +## Explorational Exercises + +1. Working as root, run the useradd -m dave command to add a new user account. What operations does this command perform? Assume that CREATE_HOME and USERGROUPS_ENAB in /etc/login.defs are set to yes. +1. Now that you have created the dave account, can this user login to the system? +1. Identify the User ID (UID) and Group ID (GID) of dave and all members of the dave group. +1. Create the sys_admin, web_admin and db_admin groups and identify their Group IDs (GIDs). +1. Add a new user account named carol with UID 1035 and set sys_admin as its primary group and web_admin and db_admin as its secondary groups. +1. Delete the dave and carol user accounts and the sys_admin, web_admin and db_admin groups that you have previously created. +1. Run the ls -l /etc/passwd /etc/group /etc/shadow /etc/gshadow command and describe the output that it gives you in terms of file permissions. Which of these four files are shadowed for security reasons? Assume your system uses shadow passwords. +1. Run the ls -l /usr/bin/passwd command. Which special bit is set and what is its meaning? + +# Lesson 5.3 + +## Guided Exercises + +1. Create a directory named emptydir using the command mkdir emptydir. Now, using ls, list the permissions for the directory emptydir. +1. Create an empty file named emptyfile with the command touch emptyfile. Now, using chmod with symbolic notation, add execute permissions for the owner of the file emptyfile, and remove write and execute permissions for everyone else. Do this using only one chmod command. +1. What will be the permissions for a file called text.txt after you use the command chmod 754 text.txt? +1. Let’s assume a file named test.sh is a shell script with the following permissions and ownership: + * `-rwxr-sr-x 1 carol root 33 Dec 11 10:36 test.sh` + * What are the permissions for the owner of the file? + * If the user john runs this script, under which user’s privileges will it be run? + * Using the numeric notation, which should be the syntax of chmod to “unset” the special permission granted to this file? +1. Consider this file: + + ``` + $ ls -l /dev/sdb1 + brw-rw---- 1 root disk 8, 17 Dec 21 18:51 /dev/sdb1 + ``` + * Which kind of file is sdb1? And who can write to it? +1. Consider the following 4 files: + + ``` + drwxr-xr-t 2 carol carol 4,0K Dec 20 18:46 Another_Directory + ----r--r-- 1 carol carol 0 Dec 11 10:55 foo.bar + -rw-rw-r-- 1 carol carol 1,2G Dec 20 18:22 HugeFile.zip + drwxr-sr-x 2 carol users 4,0K Jan 18 17:26 Sample_Directory + + ``` + * Write down the corresponding permissions for each file and directory using numeric 4-digit notation. + * Another_Directory + * foo.bar + * HugeFile.zip + * Sample_Directory + +## Explorational Exercises + +1. Try this on a terminal: create an empty file called emptyfile with the command touch emptyfile. Now “zero out” the permissions for the file with chmod 000 emptyfile. What will happen if you change the permissions for emptyfile by passing only one value for chmod in numeric mode, such as chmod 4 emptyfile? What if we use two, such as chmod 44 emptyfile? What can we learn about the way chmod reads the numerical value? +1. Can you execute a file for which you have execute, but not read permissions (--x)? Why or why not? +1. Consider the permissions for the temporary directory on a Linux system, /tmp: + + ``` + $ ls -l /tmp + drwxrwxrwt 19 root root 16K Dec 21 18:58 tmp + + ``` + * User, group and others have full permissions. But can a regular user delete any files inside this directory? Why is this? +1. A file called test.sh has the following permissions: -rwsr-xr-x, meaning the SUID bit is set. Now, run the following commands: + + ``` + $ chmod u-x test.sh + $ ls -l test.sh + -rwSr-xr-x 1 carol carol 33 Dec 11 10:36 test.sh + + ``` + * What did we do? What does the uppercase S mean? +1. How would you create a directory named Box where all the files are automatically owned by the group users, and can only be deleted by the user who created them? + +# Lesson 5.4 + +## Guided Exercises + +1. Imagine a program needs to create a one-use temporary file that will never be needed again after the program is closed. What would be the correct directory in which to to create this file? +1. Which is the temporary directory that must be cleared during the boot process? +1. What is the parameter for chmod in symbolic mode to enable the sticky bit on a directory? +1. Imagine there is a file named document.txt on the directory /home/carol/Documents. What is the command to create a symbolic link to it named text.txt on the current directory? +1. Explain the difference between a hard link to a file and a copy of this file. + +## Explorational Exercises + +1. Imagine that inside a directory you create a file called recipes.txt. Inside this directory, you will also create a hard link to this file, called receitas.txt, and a symbolic (or soft) link to this called rezepte.txt. + + ``` + $ touch recipes.txt + $ ln recipes.txt receitas.txt + $ ln -s recipes.txt rezepte.txt + ``` + The contents of the directory should appear like so: + + ``` + $ ls -lhi + total 160K + 5388833 -rw-r--r-- 4 carol carol 77K jun 17 17:25 receitas.txt + 5388833 -rw-r--r-- 4 carol carol 77K jun 17 17:25 recipes.txt + 5388837 lrwxrwxrwx 1 carol carol 12 jun 24 10:12 rezepte.txt -> receitas.txt + ``` + Remember that, as a hard link, receitas.txt points to the same inode that recipes.txt. What would happen to the soft link rezepte.txt if the name receitas.txt is deleted? Why? +1. Imagine you have a flash drive plugged into your system, and mounted on /media/youruser/FlashA. You want to create in your home directory a link called schematics.pdf, pointing to the file esquema.pdf in the root directory of the flash drive. So, you type the command: + * `$ ln /media/youruser/FlashA/esquema.pdf ~/schematics.pdf` + * What would happen? Why? +2. Consider the following output of ls -lah: + + ``` + $ ls -lah + total 3,1M + drwxr-xr-x 2 carol carol 4,0K jun 17 17:27 . + drwxr-xr-x 5 carol carol 4,0K jun 17 17:29 .. + -rw-rw-r-- 1 carol carol 2,8M jun 17 15:45 compressed.zip + -rw-r--r-- 4 carol carol 77K jun 17 17:25 document.txt + -rw-rw-r-- 1 carol carol 216K jun 17 17:25 image.png + -rw-r--r-- 4 carol carol 77K jun 17 17:25 text.txt + ``` + * How many links point to the file document.txt? + * Are they soft or hard links? + * Which parameter should you pass to ls to see which inode each file occupies? +1. Imagine you have in your ~/Documents directory a file named clients.txt containing some client names, and a directory named somedir. Inside this there is a different file also named clients.txt with different names. To replicate this structure, use the following commands. + + ``` + $ cd ~/Documents + $ echo "John, Michael, Bob" > clients.txt + $ mkdir somedir + $ echo "Bill, Luke, Karl" > somedir/clients.txt + ``` + You then create a link inside somedir named partners.txt pointing to this file, with the commands: + + ``` + $ cd somedir/ + $ ln -s clients.txt partners.txt + ``` + So, the directory structure is: + + ``` + Documents + |-- clients.txt + `-- somedir + |-- clients.txt + `-- partners.txt -> clients.txt + ``` + Now, you move partners.txt from somedir to ~/Documents, and list its contents. + + ``` + $ cd ~/Documents/ + $ mv somedir/partners.txt . + $ less partners.txt + ``` + * Will the link still work? If so, which file will have its contents listed? Why? +1. Consider the following files: + + ``` + -rw-r--r-- 1 carol carol 19 Jun 24 11:12 clients.txt + lrwxrwxrwx 1 carol carol 11 Jun 24 11:13 partners.txt -> clients.txt + ``` + * What are the access permissions for partners.txt? Why?