GENERAL COMMANDS

systemctl

sudo systemctl stop package

sudo systemctl start package

sudo systemctl restart package

sudo systemctl disable package

sudo systemctl enable package

sudo systemctl reboot (reboot Linux)

systemctl is basically a more powerful version of service.

service

sudo service package restart

sudo service package restart

sudo service package restart

sudo /etc/init.d/<package-name> start | stop | restart |force-reload | status

netstat

netstat -an | grep “LISTEN ” | grep “:3389”

sudo netstat -ltup

sudo netstat -lntup     (To print numeric values rather than service names, add the -n flag.)

firewall

cat /etc/services                     (all service ports by name)

sudo ufw allow xxxx    (cat /etc/services to see the names) (it can be given as name or port)

sudo ufw deny xxxx    (cat /etc/services to see the names) (it can be given as name or port)

sudo ufw delete allow xxxx    (80/tcp, 80/udp)

sudo ufw delete deny xxxx

sudo ufw delete <number>   

sudo ufw disable

sudo ufw enable

sudo ufw status                       (status and the list of the configured ports)

sudo ufw status numbered

sudo ufw default allow outgoing

sudo ufw default deny incoming

gedit text editor with privileges

sudo gedit /filepath

sudo nano /filepath

apt-get update and upgrade

sudo apt-get update

the list of available packages and their versions, but it does not install or upgrade any packages.

sudo apt-get upgrade

actually, installs newer versions of the packages you have. After updating the lists, the package manager knows about available updates for the software you have installed. This is why you first want to update

apt-get install package

sudo apt-get install package(s)  

sudo apt install package(s)

sudo apt install package(s) –reinstall

sudo dpkg -i zip_x.deb            (to install Debian Packages)

apt-get uninstall package

sudo apt purge xxx

sudo apt remove package(s)

sudo apt autoremove  (for dependent files that are not used anymore)

sudo apt autoclean

clean: clean clears out the local repository of retrieved package files. It removes everything but the lock file from /var/cache/apt/archives/ and /var/cache/apt/archives/partial/. When APT is used as a dselect(1) method, clean is run automatically. Those who do not use dselect will likely want to run apt-get clean from time to time to free up disk space.

autoclean: Like clean, autoclean clears out the local repository of retrieved package files. The difference is that it only removes package files that can no longer be downloaded, and are largely useless. This allows a cache to be maintained over a long period without it growing out of control. The configuration option APT::Clean-Installed will prevent installed packages from being erased if it is set to off.

autoremove: is used to remove packages that were automatically installed to satisfy dependencies for some package and that are no more needed.

User

(useradd -> adduser) -> after Linux 18

sudo useradd USERNAME

sudo useradd USERNAME -d /PATH/TO/FOLDER

sudo useradd -g sudo USERNAME                  (create and directly add the user to sudoers)

sudo usermod -aG sudo USERNAME  (a -> add, G -> group)(to add a user to sudoers with admin privileges)

sudo deluser username sudo                         (remove admin privileges from sudoers for this user)

sudo usermod USERNAME -d /PATH/TO/FOLDER     (when is changed)

sudo chgrp <groupname> /PATH/TO/FOLDER

sudo delgroup <groupname>

su USERNAME             (switch user)

su – USERNAME                       (switch user) 

su –                                          (switch user to root) 

su                                                        (switch user to root) 

sudo su                                                (switch user to root)

cut -d: -f1 /etc/passwd            (get the whole user list)

usermod -s /bin/false <user>             (to deny SSH shell access)

usermod -s /bin/bash <user>             (to allow SSH shell access)

usermod -s /usr/sbin/nologin <user> (not to login for SSH shell access)

Refresh group membership without logging out if you add user into new group

newgrp <group>          -> group is the group that you have designated for the user

exec su <user>            -> it changes group id without login out and in. it opens a new session by replacing the previous session with. Otherwise it would have opened another new session.

exec sudo su <user>   -> if the user has no password like ssh key

Add User to Sudoers List

sudo visudo     (it will open the /etc/sudoers file)

Add the below line to the end of the file.

username ALL=(ALL) ALL   # Change the user name before you issue the commands

OR

echo “username ALL=(ALL) ALL” >> /etc/sudoers

Change Psssword

sudo passwd                (current user)

sudo passwd USERNAME                    (other user)

sudo passwd -d USERNAME   (delete password of other user)

sudo passwd -l USERNAME     (lock the account of other user)

sudo passwd -u USERNAME   (unlock the account of other user)

Del Folder and File

sudo rm <file>

sudo rm -r <folder>     -> del everything with including main directory

List Directory

ls

ls | more

ls -1

Help

man -k <command name>      (Display the manual page of a given command.)

man <command name>

man -k |<command name>

man -k * |more

info <command name>

help

help <command name>

MIXED COMMANDS

apt show package(s)

apt list –installed

wget url

Extract

tar -xzf <zipfile> -C <sourcelocation>

Screen  (useful for Linux with no desktop)

sudo apt-get install screen

  • Ctrl+a c – Creates a new Screen window. The default Screen number is zero.
  • Ctrl+a 0-9 – Switches between windows 0 through 9.
  • Ctrl+a x – Locks your terminal window. You will have to enter your password to unlock your terminal session.
  • Ctrl+a n – Switches to the next window.
  • Ctrl+a k – Kills the current window. When the command is issued, you will be asked to confirm by entering a y or n.
  • Ctrl+a A – Will allow you to enter a title for the window.
  • Ctrl+a d – Detaches from a Screen.
  • Ctrl+a ? – Will display a list of all the command options available for Screen.

Folder and File Permission

sudo chown -R <username> <dirpath>                      (get ownership)

sudo chmod -R 777 <dirpath>

sudo chmod a-w file (removes all writing permissions)

sudo chmod o+x file (sets execute permissions for other (public permissions))

sudo chmod u=rx file        (Give the owner rx permissions, not w)

sudo chmod go-rwx file      (Deny rwx permission for group, others)

sudo chmod g+w file         (Give write permission to the group)

sudo chmod a+x file1 file2  (Give execute permission to everybody)

sudo chmod g+rx,o+x file    (OK to combine like this with a comma)

u = user that owns the file

g = group that owns the file

o = other (everyone else)

a = all (everybody)

r = read access to the file

w = write access

x = execute (run) access

sudo nano /etc/group

Group account information.

sudo nano /etc/gshadow

Secure group account information.

sudo nano /etc/passwd

User account information.

sudo nano /etc/shadow

Secure user account information.

/$ groups {username}

/$ groups

sudo chmod -R 777 <dirpath>                       

-> change the permissions to only its own folder and subfiles and folders, it is recursive to go deeply

sudo chmod -R 777 <dirpath/*>        

-> change the permissions to only the subfiles and subfolders, not its own folder but it is recursive to go deeply

sudo chmod 777 <dirpath>               

-> change the permissions to only its own folder, not whole files and folders under

sudo chmod 777 <dirpath/*>            

-> change the permissions to only the subfiles and subfolders, not its own folder

Set all directories to 755 or 750, and all files to 644 or 640

  • If you need a quick way to set your domain.com data to 755 for directories and 644 for files,

cd /home/user/domains/domain.com

find . -type d -exec chmod 0755 {} \;  OR                   find . -type d -exec chmod 0755 {} +

find . -type f -exec chmod 0644 {} \;   OR                   find . -type d -exec chmod 0644 {} +

  • additionally, if you know php runs as the user and not as “apache”, then you can set php files to 600, for an extra level of security, e.g.:

find . -type f -name ‘*.php’ -exec chmod 600 {} \;

For RDP

sudo apt update && sudo apt upgrade

sudo apt install xrdp

sudo apt install xfce4

echo xfce4-session > ~/.xsession    -> ~ sign is user home directory; . sign is hidden file

OPENSSH

sudo apt install openssh-server

DNS

sudo nano /etc/hosts

sudo systemd-resolve –flush-caches

sudo ip addr flush

IP

sudo ifconfig eth0 192.168.0.1 netmask 255.255.255.0

sudo nano /etc/network/interfaces

sudo ifdown <eth0>

sudo ifup <eth0>

sudo route add default gw 192.168.1.1 <eth0>         –> add default gateway

sudo route delete default gw 192.168.1.1 <eth0>     –> delete default gateway

route -n        –> get default gateway list

nmcli device show <interfacename>             –> get the all config info of the interface

sudo ip addr show

sudo ip link <iface> up

sudo ip link <iface> down

sudo ip addr add 192.168.1.2 dev <eth0>      -> to assign IP Address to a specific interface (eth0) on the fly

sudo ip addr del 192.168.1.2 dev <eth0>

ip route show

Note: If the default route is configured, and the route to the destination is not available in the routing table(static route), packet is transferred to the next router based on the default route.

sudo ip route add 10.0.2.0/24 via 192.168.1.1 dev <eth0>               -> static route (not persistent)

sudo ip route default via 192.168.1.1             -> default route (for all addresses) (not persistent)

sudo ip route del 10.0.2.0/24 dev <eth0>

sudo ip del default

CREATE SH FILE

sudo nano ~/mysandbox.sh   -> #!/bin/sh  -> echo ‘hello world’ (or echo ‘#!/bin/sh’ >> ~/mysandbox.sh)

sudo chmod +x ~/mysandbox.sh

./mysandbox.sh           (or ~/mysandbox.sh) (to run the script batch file) (. refers to the current directory)

TEMPORARILY SET AN ENVIRONMENT VARIABLE

export ConnectionStrings=”Server=x.x.x.x”

PROCESS PID LIST

ps -A

DNS

sudo nano /etc/resolv.conf –> should show and change your DNS servers

You may not modify the resolv.conf directly with Ubuntu 12.04. If you need to change them though, you can add new DNS servers in your /etc/network/interfaces file by adding the following:

dns-nameservers x.x.x.x x.x.x.x

sudo netplan ip leases <eth0>                        –> if dhcp is active

TIMEZONE

timedatectl                 –>  show time

timedatectl set-timezone Pacific/Easter  –> set timezone

timedatectl list-timezones

DISK SYSTEM

df -h -> disk capacity

FIND

grep “word” -r <dir>               (for content)

find /<dir> -name “<name>”              (for files and folders)

find /<dir> -name “<name>*”            (for files and folders)

find /<dir> -perm 755                                     (regarding permissions given to the folders or files)

find /<dir> -perm 4755 -type f                        (regarding permissions given to files)

MOUNT FILE SYSTEM AFTER OPENING LINUX IN RECOVERY MODE

mount -o rw,remount /

FIND PROCESS and KILL

pgrep <appname> (to find the pid)

kill #pid

RUN COMMAND UNDER DIFFERENT USER

su – $user -c “command”                                            (it requires user password who have been entered)

sudo su – $user -c “command”                                    (it requires user password who is current)

sudo -u $user <command>                             (it requires user password who is current)

GET INSTALLED APP LIST
sudo dpkg –get-selections

sudo dpkg –get-selections | grep <appname>

sudo dpkg -l

UMASK TO CHANGE DEFAULT PERMISSION SETTINGS FOR FOLDERS AND FILES

umask

sudo umask 0002 (022)

umask -R

for permanent umask

sudo gedit ~/.bashrc

If not present, add the following line to end of document

umask 0022

GET LIST OF THE USERS WITH ID

lslogins -u

SYSTEM LOGS

journalctl -xe

journalctl -xr


0 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *