Unit1 - Subjective Questions

Linux is a widely used open-source operating system. Its key characteristics include:

• Open Source: The source code is freely available for anyone to view, modify, and redistribute.
• Multi-User: Multiple users can access system resources like memory, RAM, and application programs simultaneously.
• Multi-Tasking: It allows the execution of multiple independent tasks or processes at the same time.
• Portability: Linux can be installed on various types of hardware platforms.
• Security: It offers robust security features like file access permissions, user authentication, and firewall capabilities (iptables/nftables).
• Hierarchical File System: It uses a standard file structure where files are arranged in a tree-like directory structure starting from the root (/).

Bash (Bourne Again SHell) acts as a command-line interpreter and an interface between the user and the Linux Kernel.

1. Command Interpretation: When a user types a command in the terminal, Bash reads the input.
2. Parsing: It parses the command to understand the request (identifying command name, options, and arguments).
3. System Calls: If the command requires system resources (like reading a file or creating a process), Bash makes specific System Calls to the Kernel.
4. Kernel Execution: The Kernel receives these requests, manages the hardware to perform the task, and returns the result to Bash.
5. Output: Bash displays the result (stdout) or error messages (stderr) to the user via the terminal.

These are three methods to access documentation in Linux:

• --help (Command Switch):

  • Usage: command --help
  • Description: Provides a quick, concise summary of the command's syntax and available options. It prints directly to standard output.

• man (Manual Pages):

  • Usage: man command
  • Description: Provides the classic, detailed system reference manuals. It uses a pager (like less) to scroll through descriptions, options, return values, and examples. It is divided into sections (e.g., User Commands, System Calls).

• info (Info Pages):

  • Usage: info command
  • Description: A hypertext-based documentation system. It is often more detailed than man pages and allows navigation between different nodes (chapters) using links, providing a structured tutorial-like experience.

The /etc/passwd file contains essential user account information. Each line represents a user and consists of 7 fields separated by colons (:).

Format: username:x:UID:GID:comment:home_directory:login_shell

1. Username: The name the user types to log in.
2. Password Placeholder (x): Historically held the hash; now x indicates the hash is stored in /etc/shadow.
3. UID (User ID): A unique numerical ID identifying the user (0 is root, 1-999 are system, 1000+ are regular).
4. GID (Group ID): The numerical ID of the user's primary group.
5. GECOS/Comment: Information about the user (Full Name, Phone Number, etc.).
6. Home Directory: The absolute path to the directory the user enters upon login (e.g., /home/john).
7. Login Shell: The absolute path to the command interpreter assigned to the user (e.g., /bin/bash or /sbin/nologin).

Purpose: The /etc/shadow file stores secure user account information, specifically encrypted passwords and password aging information. It is necessary because /etc/passwd must be readable by all users (to map UIDs to names), so storing password hashes there is a security risk. /etc/shadow is readable only by the root user.

Structure: username:encrypted_password:last_change:min:max:warn:inactive:expire

• Username: Matches the entry in /etc/passwd.
• Encrypted Password: The hashed password (often using SHA-512).
• Last Change: Days since Jan 1, 1970, that the password was last changed.
• Min: Minimum days required between password changes.
• Max: Maximum days the password is valid.
• Warn: Days before expiry to warn the user.
• Inactive: Days after expiry before the account is disabled.
• Expire: Absolute date when the account expires.

useradd is a low-level utility used to create a new user account on a Linux system. It updates system files like /etc/passwd, /etc/shadow, and /etc/group.

Common Flags:

1. -m: Creates the user's home directory if it does not exist.
2. -s /path/to/shell: Specifies the user's login shell (e.g., -s /bin/bash).
3. -g group_name: Defines the user's primary group (must already exist).
4. -G group_list: Adds the user to a list of supplementary (secondary) groups.
5. -u UID: Manually specifies the numerical User ID.

Example: useradd -m -s /bin/bash -G sudo,devs john

Primary Group:

• Every user must belong to exactly one primary group.
• It is defined by the GID field in /etc/passwd.
• When a user creates a new file, the file's group ownership is set to the user's primary group by default.
• Usually, this group has the same name as the username (User Private Group scheme).

Secondary (Supplementary) Groups:

• A user can belong to zero or more secondary groups.
• These are used to grant additional permissions (e.g., adding a user to the sudo group or docker group).
• Defined in the /etc/group file.
• A user manages their membership in these groups to access shared resources.

1. Locking a User Account:
This prevents the user from logging in without deleting their data.

• Command: usermod -L username
• Alternative: passwd -l username
• Mechanism: It puts a ! in front of the password hash in /etc/shadow.

2. Unlocking a User Account:

• Command: usermod -U username
• Alternative: passwd -u username

3. Deleting a User Account:

• Command: userdel username
• Delete with Home Directory: To remove the user along with their home directory and mail spool, use the -r flag.
  • userdel -r username

The Linux boot process involves several distinct stages:

1. BIOS/UEFI Stage:

   • The system performs the Power-On Self-Test (POST) to check hardware.
   • It identifies the bootable device (HDD, USB, Network) and loads the MBR (Master Boot Record) or GPT.

2. Boot Loader Stage (GRUB2):

   • The MBR/EFI executable loads the Boot Loader (Grand Unified Bootloader).
   • GRUB presents a menu to select the OS or kernel version.
   • It loads the selected Linux Kernel into memory.

3. Kernel Stage:

   • The Kernel initializes hardware drivers and mounts the initramfs (initial RAM file system) if needed.
   • It mounts the root file system (/) as read-only initially.
   • It executes the very first process, usually /sbin/init (or systemd), which has a PID of 1.

4. Init/Systemd Stage:

   • PID 1 (Systemd) takes over initialization.
   • It reads configuration files (Unit files) to determine the default target (e.g., graphical.target or multi-user.target).
   • It mounts file systems (from /etc/fstab), starts services, and sets up the network.

5. Login Stage:

   • Systemd starts a display manager (GUI) or getty (text) which presents the login prompt to the user.

Privilege Escalation is the act of a user gaining higher permissions than they standardly possess, typically to perform administrative tasks (Root access).

Distinction between su and sudo:

The /etc/sudoers file determines who can run commands as other users (typically root). It should always be edited using the visudo command, which checks for syntax errors before saving.

Syntax:
user machine=(target_user:target_group) command

• user: The username or %groupname.
• machine: The hostname (usually ALL for local).
• target_user: The user to run as (usually ALL).
• command: The commands allowed (usually ALL).

To grant full root privileges to user 'bob':

bob ALL=(ALL:ALL) ALL

To grant full root privileges to the 'admin' group:

%admin ALL=(ALL:ALL) ALL

NOPASSWD Option: To allow commands without password prompting:
bob ALL=(ALL) NOPASSWD: ALL

Administrators often face these user login issues:

1. Forgotten Password:

   • Symptom: Authentication failure.
   • Solution: Admin resets password using passwd username.

2. Account Locked:

   • Symptom: Message saying account is locked or multiple failed attempts.
   • Solution: Check status with passwd -S username and unlock using passwd -u username or pam_tally2 (on older systems) to reset failure count.

3. Shell Issues:

   • Symptom: Login successful but session closes immediately or shows "command not found".
   • Solution: Check /etc/passwd to ensure the user has a valid shell (e.g., /bin/bash vs /bin/false). Fix with chsh or editing the file.

4. Home Directory Missing/Permissions:

   • Symptom: Login works but errors about "Could not chdir to home directory".
   • Solution: Verify directory exists. Ensure the user owns it: chown -R user:user /home/user.

5. Password Expired:

   • Symptom: Forced to change password immediately or login denied.
   • Solution: Adjust expiry settings using chage.

While modern setups vary, a standard robust partitioning scheme includes:

1. Root Partition (/):

   • Contains the OS, kernels, and system utilities.
   • Mandatory partition.

2. Swap Partition:

   • Acts as virtual memory when physical RAM is full.
   • Traditionally to the size of RAM (though less needed on high-RAM systems). Also used for hibernation.

3. Home Partition (/home):

   • Stores user data, downloads, and configuration files.
   • Benefit: If the OS needs re-installation, /home can be kept intact, preserving user data.

4. Boot Partition (/boot):

   • Contains the kernel and bootloader files.
   • Often a separate small partition (approx 500MB - 1GB) to ensure the bootloader can read it regardless of the file system used on root.

They define the state of the machine (which services are running).

Runlevels (SysVinit - Legacy):

• Integer values from 0 to 6.
• 0: Halt/Shutdown.
• 1 (or S): Single-user mode (maintenance).
• 3: Multi-user mode (Command Line/Network).
• 5: Graphical User Interface (GUI).
• 6: Reboot.

Systemd Targets (Modern Linux):

• Uses .target units instead of numbers.
• poweroff.target: Equivalent to Runlevel 0.
• rescue.target: Equivalent to Runlevel 1.
• multi-user.target: Equivalent to Runlevel 3.
• graphical.target: Equivalent to Runlevel 5.
• reboot.target: Equivalent to Runlevel 6.

Systemd targets are more flexible as they can inherit from one another.

To reset a lost root password, one must interrupt the boot process:

1. Reboot the system.
2. At the GRUB menu, highlight the kernel version and press e to edit.
3. Find the line starting with linux or linux16.
4. Append rd.break (on RHEL/CentOS) or init=/bin/bash (on Debian/Ubuntu) to the end of the line.
5. Press Ctrl+x or F10 to boot with these parameters.
6. Remount Root: The file system will be read-only. Remount it as read-write:
   • mount -o remount,rw / (or /sysroot on RHEL).
7. Switch Root (RHEL/CentOS specific): chroot /sysroot.
8. Change Password: Run passwd and enter the new password.
9. SELinux Relabel (if applicable): touch /.autorelabel.
10. Reboot: Type exec /sbin/init or reboot the system.

1. groupadd:

• Used to create a new group definition in the system.
• Usage: groupadd [options] group_name
• Example: groupadd developers creates a group named developers.

2. groupmod:

• Used to modify an existing group.
• Usage: groupmod -n new_name old_name (rename) or groupmod -g new_gid group_name (change GID).

3. gpasswd:

• Used to administer /etc/group and /etc/gshadow.
• It allows setting a group password (rarely used) and, more importantly, managing group members.
• Add user: gpasswd -a user group
• Remove user: gpasswd -d user group
• Set Admin: gpasswd -A user group (allows a user to manage the group).

Linux permissions are calculated using the values:

• Read (r) = 4
• Write (w) = 2
• Execute (x) = 1

Calculation:

1. Owner (User): Needs Read + Write + Execute.
   

2. Group: Needs Read + Execute.
   

3. Others: Needs Read-only.
   

Result:
The octal permission value is 754.

Command to apply: chmod 754 filename

chmod (Change Mode):

• Used to change file or directory permissions.
• Symbolic Mode: chmod u+x file (Adds execute to user).
• Octal Mode: chmod 755 file (rwx for user, rx for group/others).
• Recursive: chmod -R 755 directory applies to all files inside.

chown (Change Ownership):

• Used to change the owner and/or group of a file.
• Syntax: chown owner:group file
• Change Owner only: chown alice file
• Change Group only: chown :developers file
• Change Both: chown alice:developers file
• Recursive: chown -R alice:developers /var/www/html

Linux treats input and output as streams of characters.

Standard Streams:

1. stdin (0): Standard Input. Usually the keyboard.
2. stdout (1): Standard Output. Usually the terminal screen (displays successful output).
3. stderr (2): Standard Error. Usually the terminal screen (displays error messages).

Redirection: Changing the source or destination of these streams.

• Output Redirection (>): Saves stdout to a file (overwrites).
  • ls > list.txt
• Append Redirection (>>): Appends stdout to a file.
  • echo "Log" >> system.log
• Input Redirection (<): Feeds a file content into a command.
  • wc -l < list.txt
• Error Redirection (2>): Redirects error messages only.
  • find / -name test 2> /dev/null (Hides permission errors).

Role of GRUB (GRand Unified Bootloader):

• It is the first software program that runs when the computer starts (after BIOS).
• It allows the user to select which Operating System to boot (Multi-boot support).
• It allows passing parameters to the kernel before loading it (e.g., single-user mode).
• It loads the initial RAM disk (initramfs) and the kernel into memory.

Configuration:

• Main Config File: /boot/grub/grub.cfg (or /boot/grub2/grub.cfg). Note: This file should not be edited manually.
• User Config File: /etc/default/grub. This is where administrators make changes (e.g., timeout duration, default kernel).
• Applying Changes: After editing /etc/default/grub, one must run update-grub or grub2-mkconfig -o /boot/grub2/grub.cfg to generate the final config.