LINUX Admin Quick Reference - PDF by ozb45831

VIEWS: 0 PAGES: 5

									                                                                                                            boot and the name is read from these files.                      HOSTNAME=hostname.domain.com
  LINUX Admin Quick Reference                                               /etc/NETWORKING
                                                                            (Slackware)                     May change manually.
                               Jialong He
                           Jialong_he@bigfoot.com                           /etc/sysconfig/network                                                        NFS File Sharing
                     http://www.bigfoot.com/~jialong_he                     (Redhat)
                                                                                                                                                          Files
                                                                                                            specify name server, DNS domain and
User Management                                                                                             search order. For Example:                    /etc/fstab            file systems mounted during boot.
                                                                            etc/resolv.conf                 search la.asu.edu
Files                                                                                                       nameserver 129.219.17.200
                                                                                                                                                          /etc/exports          NFS server export list.

/etc/group                                                                                                                                                /etc/auto.master      auto mount master file.
                                                                            /etc/hosts                      host name to IP mapping file.
/etc/passwd                 User account information.
/etc/shadow                                                                                                 host name information look up order.          Commands
                                                                                                            Example:
/etc/bashrc                                                                 /etc/host.conf                                                                mount                 mount a file system or all entries in fstab.
                                                                                                            order hosts, bind
/etc/profile                bash system wide and per user init files.                                       multi on                                      exportfs              export file system listed in exports
$HOME/.bashrc
$HOME/.bash_profile                                                         /etc/nsswitch.conf              new way to specify information source.        showmount –e          show file systems exported
                                                                                                                                                          hostname
/etc/csh.cshrc                                                              /etc/networks
/etc/csh.login                                                              /etc/protocols                  TCP/IP services and ports mapping.
$HOME/.cshrc                tcsh system wide and per user init files.       /etc/services
                                                                                                                                                          Printer Configuration
$HOME/.tcshrc                                                               /etc/rpc                        RPC service name to their program numbers
$HOME/.login                                                                                                mapping.                                      Files
/etc/skel                   template files for new users.                                                                                                 /etc/printcap
                                                                            Commands                                                                                                 Printer capabilities data base.
/etc/default                default for certain commands.                                                                                                 /etc/printcap.local
                                                                            netconfig          menu driven Ethernet setup program.
/etc/redhat-release         Redhat/Slackware version info (Linux kernel                                                                                   /etc/lpd.conf              LPRng configuration file.
/etc/slackware-version      version with “uname –a”)                        pppsetup           setup PPP connection (Slackware).
                                                                                                                                                                                     permissions control file for the LPRng line
                                                                                                                                                          /etc/lpd.perms             printer spooler
                                                                                               setup Ethernet during boot, for example
Commands
                                                                                                                                                          /etc/hosts.lpd             Access control (BSD lpd).
                            script to create an new user interactively                         /sbin/ifconfig eth0 ${IPADDR} broadcast
adduser                     (slackware) or link to useradd (Redhat).                           ${BROADCAST} netmask ${NETMASK}                            /etc/hosts.equiv           trusted hosts.

useradd, userdel,           create, delete, modify an new user or update    ifconfig                                                                      PRINTER                    Environment variable of default printer.
                                                                                               /sbin/route add -net ${NETWORK} netmask
usermod                     default new user information..                                     ${NETMASK} eth0                                            /dev/lp0                   parallel port.
newusers                    update and create new users (batch mode).
                                                                                                /sbin/route add default gw ${GATEWAY} netmask             Commands
groupadd, groupdel,         add, delete or modify group.                                       0.0.0.0 metric 1
groupmod                                                                                                                                                                             line printer control program, print queue
                                                                                                                                                          lpc, lpq, lprm             maintain
                                                                            host               lookup host name or IP (similar to nslookup).
                            modify account policy (password length,
                            expire data etc.) or finger information (full   dnsdomainname show DNS domain name.
chage. ch fn, chsh
                            name, phone number etc.) change default login   arping; arp        find out Ethernet address by first arping then arp.        Sendmail
                            shell.
                                                                            ipchains           firewall and NAT (/etc/sysconfig/ipchains on Redhat)       Files
                            gain root access during boot prompt without
linux init=/bin/sh rw                                                       iptables           firewall and NAT (/etc/sysconfig/iptables on Redhat)
                            password, can be used to fix some problems.                                                                                                      “sendmail.cf” is the configuration file. “sendmail.mc” is
                            mount –w -n –o remount /                                                                                                      sendmail.cf        a macro file which can be used to generate “sendmail.cf”
                                                                                                                                                          sendmail.mc        by: m4 sendmail.mc > sendmail.cf
                                                                            Redhat files in /etc/sysconfig
                                                                                                                                                                             mail aliases, must run “newaliases” after change. use
Network Configuration                                                       Configuration Files                                                           aliases            :include: to include external list in a file.
Files                                                                                         keyboard map, e.g.,                                                            mail access control, FEATURE(access_db) should be set
                                                                            keyboard          KEYBOARD=”/usr/lib/kdb/keytables/us.map”                                       in sendmail.mc. For example, in /etc/mail/access
/etc/rc.d/rc.inet1
(Slackware)                     IP address, Network mask, Default gateway                                                                                                    cyberpromo.com REJECT
                                                                                              Mouse type, e.g.,
/etc/sysconfig/nework-          are in these files. May edit manually to                                                                                  access             mydomain.com RELAY
                                                                            mouse             MOUSETYPE=Microsoft                                                            spam@somewhere.com DISCARD
scripts/ifcfg-eth0 (Redhat)     modify network parameters.                                    XEMU3=yes
                                                                                              network settings, contains                                                     makemap hash /etc/mail/access < /etc/mail/access
/etc/HOSTNAME                   hostname is set by “/bin/hostname” during   network           NETWORKING=yes
                                                                                                                                                          /etc/mail/relay- list all host/domain accepted for relaying.
domains                                                                     Manage Modules                                                       crontab                 show or edit cron jobs.

Commands                                                                                                                                         sys-unconfig            unconfigure system
                                                                            insmod, lsmod, modinfo,
                                                                            modprobe, rmmod,        Manage loadable modules.                     chkconfig --list        list services started at different run level.
newaliases       rebuild the data base for the mail aliases file.
                                                                            depmod                                                                                       probe for new hardware (Redhat).
                 build access database, e.g,                                                                                                     kudzu
makemap                                                                                                                                                                  rpm -i INSTALL a package
                 makemap hash access.db<access
                                                                            Miscellaneous                                                        rpm
                                                                                                                                                                         rpm -e UNINSTALL a package
                                                                                                                                                                         rpm -q QUERY a package
Useful Configuration Files                                                  Files                                                                                        rpm -U UPDATE a package

Files                                                                       /etc/shells       allowed login shells                                                       save a man page as a text file and remove control
                                                                                                                                                 man cmd | col –b
                                                                                                                                                                         characters.
                                                                            /etc/ftpusers     user names NOT allowed to use ftp.                 >cmd.txt
httpd.conf                  Apache web server configuration file.
                                                                            /etc/host.allow
smb.conf                    Samba server (file and print for Windows).
                                                                            /etc/host.deny
                                                                                              TCP wrapper host control files.                    Configure Apache 2.0 with SSL
lilo.conf                   LILO boot loder configuration file.                                                                                  mod_ssl
                                                                            /etc/sysconfig    contains system configuration files.
syslog.conf                 System log daemon (syslogd) configuration.      (redhat)                                                                   (1)  when compile apache, specify –enable-ssl for configure script.
ssh_config                  SSH client and server configuration files.      /dev/fd0          floppy drive A                                                By default, ssl is not enabled. After compiling, use “httpd –l”
sshd_config                                                                                                                                                 to list the modules. “mod_ssl” should be in them.
                                                                            /etc/inittab      system run level control file.                           (2) generate private key with command:
ld.so.conf                  default dynamic library search path (run        /etc/init.d                                                                openssl genrsa -out server.key 1024
                            ldconfig).
                            mtool configuration file (access DOS file).
                                                                            Commands                                                                   (3)     generate certificate request
mtools.conf
                                                                            fromdos, todos                                                                    openssl req -new -key server.key -out server.csr
named.conf                  DNS name server (BIND).
                                                                            (Slackware)
sysctl.conf                 kernel parameters by sysctl (Redhat).           dos2unix,         convert text file from/to linux format.                  (4) generate self-signed certificate
                                                                            unix2dos                                                                   openssl x509 -req -days 60 -in server.csr -signkey server.key -out
ntp.conf                    net time server.                                                                                                           server.crt
                                                                            (Redhat)
inetd.conf                  Internet super server.
                                                                            pwck, grpck       verify integrity of password and group files.            (5) modify “ssl.conf” which is included in “httpd.conf”. Note,
Xinetd.conf, Xinet.d        Extended inetd configuration.                                                                                              specify “httpd –DSSL”, otherwise, commented out <IfDefine SSL>
                                                                            pwconv,
directory                                                                                                                                              in ssl.conf.
                                                                            pwunconv,         convert to and from shadow passwords and groups.
proftpd.conf                proftpd FTP server.                             grpconv,
amanda.conf                 network backup server.                          grpuncov
                                                                            shadowconfig      toggle shadow passwords on and off.
                                                                                                                                                 Syslog.conf
/etc/pine.conf              PINE mail client system wide settings.
/etc/pine.conf.fixed                                                        quota,                                                                Each line consists of a selector and an action. A selector has two parts:
                                                                            edquota,                                                              facilities and priorites, separated by a period (.),You may precede every
                                                                            quotacheck,                                                           priority with an equation sign (``='') to specify only this single priority
                                                                                              Manage disk quota.
Rebuild Kernel                                                              quotaon,                                                              and not any of the above. You may also (both is valid, too) precede the
                                                                            quotaoff,                                                             priority with an exclamation mark (``!'') to ignore all that priorities, either
Configure Kernel Parameters                                                 repquota,                                                             exact this one or this and any higher priority.
make config                 Configuring the kernel with interactive, menu   lilo -D dos       set LILO default OS (default=dos in lilo.conf)     Example:
make menuconfig                                                                                                                                  mail.notice                /var/log/mail # log to a file
                            or X window interface.                          ldd               find out shared library dependencies.              *.emerg                    @myhost.mydomain.org          # log to remote host
make xconfig
                                                                            lsof              list opened files.
Compile Kernel Source                                                                                                                                                    auth, auth-priv, cron, daemon, kern, lpr, mail, mark,
                                                                            fuser filename    show processes that using the file.
                                                                                                                                                 facilities              news, syslog, user, uucp, local0 – local7.
make dep
                                                                            ifdown            bring up/down a network interface (Redhat)
make zImage                                                                                                                                      priorities              debug, info, notice, warning, err, crit, alert, emerg.
                            Building and installing a new kernel.           ifup
make zdisk
make zlilo                                                                  sysctl            configure kernel parameters (Redhat).                                      Regular File:
                                                                                                                                                 action                  File with full pathname beginning with “/”.
make bzImage                                                                                  list opened socked.
                                                                            socklist
Compile Modules                                                                                                                                                          Terminal and Console:
                                                                            shutdown [–r|h]                                                                              Specify a tty, same with /dev/console.
                                                                            now               reboot / halt computer
make modules                Building and installing modules.                                                                                                             Remote Machine:
make modules_install                                                                                                                                                     @myhost.mydomain.org
                                                                            nmap              scan a host for opened ports.
IPtables (Netfilter)                                                             -insert | -I               Inserts a rule in a chain at a particular point.         X Window (XFree86)
Command Syntax                                                                   Other commands:                                                                     Files
                                                                                 (1) --new | -N (2) --delete | -D (3) --replace | -D (4) --zero | -Z                 To set screen resolution, in “Screen” section and Subsection “Display”,
 iptables [-t <table >] <command > <chain > <parameters>                         (5) –check | -C (6) delete-chain | -X (7) rename-chain | -E                         specify a mode. For example: Modes “1024x768”
Save and Restore rules
/sbin/iptables-save > /etc/sysconfig/iptables                                    Parameters                                                                          To specify screen refresh rate, in “Monitor” section, specify vertical rate.
/sbin/iptables-restore < /etc/sysconfig/iptables                                                                                                                     For example: VertRefresh 70-120
                                                                                 --proto | -p [!] name               protocol: by number or name, including tcp,
Firewall script sample                                                                                               udp, icmp or all.                               /etc/X11/xinit/xinitrc    clients to run after X server started
http://tiger.la.asu.edu/iptables_examples.htm                                                                                                                        $HOME/.xinitrc
                                                                                 --source | -s [!] addr/mask         source IP address.
                                                                                                                                                                     /etc/X11/fs/config        configure X11 font path (font server).
Build-in Table                                                                   --destination | -d addr/mask destination IP address.
filter          This is the default table for handling network packets. Build-   --in-interface | -i                 incoming interface name, e.g. eth0 or ppp0.     Commands
                in chains are:                                                                                       outgoing interface name.                        startx                    start X window system.
                                                                                 --out-interface | -o
                      1. INPUT — This chain applies to packets received
                            via a network interface.                             --jump | -j                         jump to a particular target when matching a     Xconfigurator
                      2. OUTPUT — This chain applies to packets sent                                                 rule. Standard options: ACCEPT, DROP,           (Redhat)
                            out via the same network interface which received                                        QUEUE, RETURN, REJECT. May jump                 xfree86setup              setup X server and generate XF86config.
                            the packets.                                                                             to a user defined chain.                        (Slackware)
                      3. FORWARD — This chain applies to packets                                                                                                     xf86config
                                                                                 --fragment | -f                     match second or further fragments only.
                            received on one network interface and sent out on                                                                                                                  XFreee86 auto configuration (Plug-n-Play),
                                                                                                                                                                     XFree86 -configure
                                                                                 Options for TCP and UDP protocol
                            another.                                                                                                                                                           generate a template named “XF86Config.new”
nat             This table used to alter packets that create a new connection.                                                                                       Ctrl+Alt+Del              stop X server (on some system Ctrl+Alt+ESC).
                Build-in chains:                                                 --sport | --source-port             source and/or destination port. Can specify a
                      1. PREROUTING — This chain alters packets                                                                                                      Ctrl+Alt+F1               F1 temporary switch to text mode, F7 switch
                                                                                 --dport | destination-port          range like 0:65535, use exclamation                                       back to graphic mode.
                            received via a network interface when they arrive.                                                                                       Ctrl+Alt+F7
                                                                                                                     character (!) to NOT match ports.
                      2. OUTPUT — This chain alters locally -generated                                                                                               SuperProbe                detect graphic hardware.
                            packets before they are routed via a network
                            interface.
                                                                                 Options for TCP only                                                                xvidtune                  adjust X server origin and size.
                      3. POSTROUTING — This chain alters packets                 --syn                 Match SYN packets.                                            xmodmap                   modifying key map and mouse button map.
                            before they are sent out via a network interface.                                                                                        xhost                     server access control program for X.
                ## Masquerade everything out ppp0.                               --tcp-flags           Match TCP packets with specific bits set. For example, -p
                iptables -t nat -A POSTROUTING -o ppp0 -j                                              tcp –tcp-flags ACK,FIN,SYN SYN will only match TCP            xsetroot                  root window parameter setting utility for X.
                MASQUERADE                                                                             packets that have the SYN flag set and the ACK and FIN
                                                                                                       flags unset.                                                  xlsfonts                  server font list displayer for X.
                ## Change source addresses to 1.2.3.4.                                                                                                               xset                      ser preference utility for X.
                iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to              Options for ICMP only
                1.2.3.4
                                                                                 --icmp-type [!] type Match specified ICMP type. Valid ICMP type can be              XF86Config
mangle          This table is used for specific types of packet alteration.                           list by
                Build-in chains:
                                                                                                      iptables –p icmp -h
                      1. PREROUTING — This chain alters packets

                                                                                 Option for state module (-m state --state)
                            received via a network interface before they are
                            routed.
                      2. OUTPUT — This chain alters locally-generated                                          The matching packet is associated with other
                                                                                 ESTABLISHED
                            packets before they are routed via a network                                       packets in an established connection.
                            interface.
                                                                                 RELATED                       The matching packet is starting a new connection
Commands                                                                                                       related in some way to an existing connection.
                                                                                 NEW                           The matching packet is either creating a new
--flush | -F            Flush (delete) rules in the selected chain.                                            connection or is part of a two-way connection not
                                                                                                               previously seen.
--policy | -P           Set default policy for a particular chain.
                        List all rules in filter table, use [–t tablename] to    INVALID                       The matching packet cannot be tied to a known
--list | -L
                        specify other tables.                                                                  connection.

--append | -A           A appends a rule to the end of the specified chain.
XFree86 uses a configuration file called XF86Config for its initial setup.    Option "OffTime" "time"                                                      EXAMPLE
This file is normally located in “/etc/X11” or “/etc” directory. The          Sets the inactivity timeout for the "off" phase of DPMS mode, default 40           Section "InputDevice"
XF86Config file is composed of a number of sections which may be              min.                                                                                 Identifier    "Generic Keyboard"
present in any order. Each section has the form:                                                                                                                   Driver        "keyboard"
                                                                              Option "DefaultServerLayout" "layout_id"                                             Option "AutoRepeat" "500 30"
                                                                              Specify the default ServerLayout section to use. Default is the first
       Section "SectionName"                                                                                                                                       Option        "CoreKeyboard"
                                                                              ServerLayout section.
         SectionEntry                                                                                                                                            EndSection
         ...                                                                  EXAMPLE
       EndSection                                                                   Section "ServerFlags"                                                             Section "InputDevice"
                                                                                      Option "BlankTime" "99999"                                                        Identifier    "PS2 Mouse"
The graphics boards are described in the Device sections, and the monitors            Option "StandbyTime" "99999"                                                      Driver        "mouse"
are described in the Monitor sections. They are bound toget her by a Screen           Option "SuspendTime" "99999"                                                      Option        "CorePointer"
section. Keyboard and Mouse are described in InputDevice sections,                    Option "OffTime" "99999"                                                          Option        "Device"      "/dev/mouse"
although Keyboard and Pointer are still recognized. ServerLayout section            EndSection                                                                          Option        "Protocol"    "PS/2"
is at the highest level and bind together the InputDevice and Screen                                                                                                    Option        "Emulate3Buttons" "true"
sections.                                                                                                                                                             EndSection
                                                                              Module Section
A special keyword called Option may be used to provide free-form data to
various components of the server. The Option keyword takes either one or      Load "modulename"
two string arguments. The first is the option name, and the optional second   Load a module. The module name given should be the module's standard         Device Section
argument is the option value. All Option values must be enclosed in quotes.   name, not the module file name.                                              Specifies information about the video card used by the system. You must
                                                                              EXAMPLE                                                                      have at least one Device section in your configuration file. The active device
File Section                                                                        Section "Module"                                                       is in ServerLayout->Screen.
FontPath "path"                                                                       Load         "extmod"
                                                                                                                                                           Identifier
Font path elements may be either absolute directory paths, or a font server           Load         "type1"                                                 Specify an unique name for this graphics card.
identifier                                                                          EndSection
                                                                                                                                                           Driver
RGBPath "path"                                                                                                                                             Specify the name of the driver to use for this graphics card.
Sets the path name for the RGB color database.
                                                                              InputDevice Section                                                          EXAMPLE
ModulePath "path"                                                                                                                                                Section "Device"
Allows you to set up multiple directories to use for storing modules loaded   There are normally at least two InputDevice sections, one for Keyboard and           Identifier     "ATI Mach64"
by the XFree86 server.                                                        one for Mouse.                                                                       VendorName "ATI MACH64"
EXAMPLE                                                                       Identifier                                                                           VideoRam       2048
      Section "Files"                                                         Specify an unique name for this input device.                                      EndSection
        RgbPath "/usr/X11R6/lib/X11/rgb"
        FontPath "unix/:7100"                                                 Drive r
                                                                              Specify the name of the driver to use for this input device..
      EndSection                                                                                                                                           Monitor Section
                                                                              Option "CorePointer"
Serverflags Section                                                           This input device is installed as the primary pointer device.                Monitor section describes a monitor. There must be at least one monitor
                                                                                                                                                           section and the active one is used in ServerLayout ->Screen.
Option "DontZap" "boolean"                                                    Option "CoreKeyboard"
Disable use Ctrl+Alt+Backspace to termin ate X server.                        This input device is the primary Keyboard.                                   Identifier
                                                                                                                                                           Specify an unique name for this monitor.
Option "DontZoom" "boolean"
Disable use ‘Ctrl+Alt +Keypad +’ and ‘Ctrl+Alt +Keypad -’ to switch video                                                                                  HorizSync horizsync-range
mode.                                                                                                                                                      Gives the range(s) of horizontal sync frequencies of this monitor in kHz.
Option "BlankTime" "time"                                                                                                                                  VertRefresh vertrefresh-range
Sets the inactivity timeout for the blanking phase of the screensaver in                                                                                   Gives the range(s) of vertical sync frequencies of this monitor in Hz.
minutes. Default 10 min.
                                                                                                                                                           EXAMPLE
Option "StandbyTime" "time"                                                                                                                                      Section "Monitor"
Sets the inactivity timeout for the "standby" phase of DPMS mode in                                                                                                Identifier "Generic Monitor "
minutes. Default 20 min.                                                                                                                                           VendorName "Monitor Vendor"
                                                                                                                                                                   ModelName "Monitor Model"
Option "SuspendTime" "time"                                                                                                                                        HorizSync 31.5-56.6
Sets the inactivity timeout for the "suspend" phase of DPMS mode, default                                                                                          VertRefresh 40-70
30 min.                                                                                                                                                          EndSection
Screen Section                                                                      Identifier
                                                                                    An unique name for this ServerLayout Section.
Screen Section binds Device and Monitor sections. There must be at least
one Screen Section. The active one is in ServerLayout section.                      Screen screen-num "screen-id" position-information
                                                                                    The screen-id field is mandatory, and specifies the Screen section being
Identifier                                                                          referenced.
Specify an unique name for this Screen Section.
                                                                                    InputDevice "idev-id" "option" ...
Device "device-id"                                                                  Normally at least two are required, one for the core pointer and the other for
This specifies the Identifier of Device section to be used for this screen.         the primary keyboard devices.
Monitor "monitor-id"                                                                EXAMPLE
This specifies the Identifier of Monitor section to be used for this screen.              Section "ServerLayout"
                                                                                            Identifier    "Default Layout"
DefaultDepth depth                                                                          Screen        "My Screen"
Default color depth, like 8, 16 or 24.
                                                                                            InputDevice "Generic Keyboard"
Option "Accel"                                                                              InputDevice "PS/2 Mouse"
Enables XAA (X Acceleration Architecture), default is ON.                                 EndSection
DISPLAY SUBSECTION
Each Screen section must have at least one Display Subsection which
matches the depth values in DefaultDepth.
Depth depth
This entry specifies what color depth of this Display Subsection.
Virtual xdim ydim
Specifies the virtual screen resolution to be used.
ViewPort x0 y0
Sets the upper left corner of the initial display.
Modes "mode-name" ...
Secifies the list of video modes to use. Each mode-name specified must be
in double quotes. They must correspond to those specified in the appropriate
Monitor section (including implicitly referenced built -in ESA standard
modes). mode can be switched with Ctrl+Alt+Keypad-Plus or
Ctrl+Alt+Keypad-Minus.
EXAMPLE
Section "Screen"
              Identifier "My Screen”
              Device " ATI Mach64"
              Monitor " Generic Monitor"
              DefaultDepth 16
              SubSection "Display"
                Depth 16
                Modes "1024x768" "800x600" "640x480"
              EndSubSection
              SubSection "Display"
                Depth 24
                Modes "1024x768" "800x600" "640x480"
              EndSubSection
EndSection


ServerLayout Section
ServerLayout section binds a Screen section and one or more InputSection
to form a complete configuration. The active ServerLayout section is
specified in ServerFlags. If not, the first ServerLayout section is active. If no
ServerLayout sections are present, the single active screen and two active
(core) input devices are selected as described in the relevant sections.

								
To top