Linux note0x00

File

x: get in dir. r: browse dir.

File Special Authorization

1. SUID

   • chmod u+s bin

   • For binary file

   • Equal: (tempUser) execute file

2. SGID

   • chmod g+s dir

   • For binary file

   • Equal: (tempGroup) execute file

   • IF u create a file, the file will be belong to u,

   but not for sgid, it belongs to sgid directory which it located on.

3. SBIT

   • chmod -R o+t dir

   • Make sure user only can delete their files

   • Others x authorization(The third x) will be t or T

Hidden attribute

1. Chattr command

   • chattr +a file

   Option	Describtion
   i	无法对文件进行修改；若对目录设置了该参数，则仅能修改其中的子文件内容而不能新建或删除文件
   a	仅允许补充（追加）内容，无法覆盖/删除内容（Append Only）
   S	文件内容在变更后立即同步到硬盘（sync）
   s	彻底从硬盘中删除，不可恢复（用0填充原文件所在硬盘区域）
   A	不再修改这个文件或目录的最后访问时间（atime）
   b	不再修改文件或目录的存取时间
   D	检查压缩文件中的错误
   d	使用dump命令备份时忽略本文件/目录
   c	默认将文件或目录进行压缩
   u	当删除该文件后依然保留其在硬盘中的数据，方便日后恢复
   t	让文件系统支持尾部合并（tail-merging）
   x	可以直接访问压缩文件中的内容

2. Lsattr command

   • lsattr file

Access File Control Table

ACL: The file inherit parent directoryby default.

1. Setfacl command

   • setfacl -Rm u:username:rwx /dir

   • serfacl -b /dir delete the acl

   • The last symbol of drwxrwxrwx. will be + instead of .

2. Getfacl command

   • getfacl dir

User

1. SU SUDO

   • su - user important -

2. Option command

   Args	Usage
   -h	列出帮助信息
   -l	列出当前用户可执行的命令
   -u	用户名或UID值 以指定的用户身份执行命令
   -k	清空密码的有效时间，下次执行sudo时需要再次进行密码验证
   -b	在后台执行指定的命令
   -p	更改询问密码的提示语

   • Explanation :

     • limit user execute command

     • record every user executed command

     • config(/etc/sudoers) provide concentrated user management, authoization and so on.

3. visudo

   • Forbidden multi users edit sudoers

   • Syntax check style

   • Use whereis command to find location

   • Edit the visudo 99 line: whoCouldUse AllowedHost=(Identifier) commandList

   • NoPasswd config: whoCouldUse AllowedHost=NOPASSWD: commandList

Storage structure and disk partition

FHS

• Structure

dirName	TheFiles
/boot	开机所需文件—内核、开机菜单以及所需配置文件等
/dev	以文件形式存放任何设备与接口
/etc	配置文件
/home	用户主目录
/bin	存放单用户模式下还可以操作的命令
/lib	开机时用到的函数库，以及
/sbin	开机过程中需要的命令
/media	用于挂载设备文件的目录
/opt	放置第三方的软件
/root	系统管理员的家目录
/srv	一些网络服务的数据文件目录
/tmp	任何人均可使用的“共享”临时目录
/proc	虚拟文件系统，例如系统内核、进程、外部设备及网络状态等
/usr/local	用户自行安装的软件
/usr/sbin	Linux系统开机时不会使用到的软件
/usr/share	帮助与说明文件，也可放置共享文件
/var	主要存放经常变化的文件，如日志
/lost+found	当文件系统发生错误时，将一些丢失的文件片段存放在这里

Physics device name rules

udev manage service will monitor kernal signal to manage /dev directory dev file as daemon process.

Note issue:

• /dev/sd{a-z} not depend on slot, but kernal recognize sequence.

• sda[0-9] not order but could be manully

The first sector is the most important one.

[byte] 446:Master Boot Recorder, 64(16*4):partition, 2:end symbol

File system and data information

Ext3: log system. Track to recover or fix the crash issue.

Ext4: support: 1EB, batch blocks effectively

XFS: support: 18EB, advantage special after crash

• partition, formatting file system, mount then could be used.

  1. every file occupies undepend inode table(128 byte)

     • authorization

     • owner and group

     • size

     • ctime (create, last edit)

     • atime (last access)

     • mtime file edited

     • SUID, SGID, SBIT

     • point (file real data address)

  2. file real content saved in block, there will be a master block to note and connect others slaver block

inode default size: 128B(Ext3), block size: 4KB

1. Mount hard dev

   Mount:The process associated dev or partition’s data with an existed dir, when user wanna to use them.

   • a option: mount all file system defined from /etc/fstab

   • t option: assign file system type

example: mount /dev/sdb2 /backup lose effect when restart system, umount /dev/sdb2

real ex: devFile mountDir type authorization selfInspect priority

# /etc/fstab

Field	Usage
devFile	UUID, devPath+devName
mountDir	mount directory, should be created before mount
type	Ext3, xfs, swap, iso9660(CD) and so on
Authorization	defaults:rw, suid, exec, auto, nouser, async
selfInspection	1: self-check disk when power on
priority	if selfInspection is 1, could be used

Add disk dev

1. Fdisk command

   Type fdisk /dev/sdb

   • p: disk dev partition info(size, sectors)

   • n: add new partition

     • p new; e, extend

     • Main partition number: 1~4(default 1)

     • start position: default, sys will calc it

     • size: +2G 2GB disk partition

     • p check above, type w: really create it

   Type partprobe to synchro partitions info to kernal(Or restart sys)

   Mkfs command

   • mkfs tab twice will get command files like mkfs.type

   • mkfs.xfs /dev/sdb1

   Mout it mount /dev/sdb1 /aimDir/(real need /etc/fstab) and check df -h

2. Du command, check file usage size

Add swap partition

Swap partition: 1.5~2 times than real physics memory

Usage: Stoage uncommonly using memory data to make memory more active for serving process well.

Quota to limit

1. xfs_quota [args] size fileSys

   • c: args config command

   • x: expert mode

example: xfs_quota -x -c 'limit bsoft=3m bhard=6m isoft=3 ihard=6 tom' /boot disk hard & soft, file hard & soft

Hard & Symbolic link

1. ln command

-s: symbolic link(default hard link)