Unit4 - Subjective Questions

The Linux design philosophy is inherited from Unix and is based on several core principles designed to make the system modular and efficient:

• Small, Single-purpose Tools: Programs should do one thing and do it well. Complex tasks are accomplished by combining these tools (piping).
• Text-based Data: System configuration and data streams are usually plain text, ensuring readability and universal compatibility.
• Everything is a file: This is the most distinct feature. In Linux, hardware devices (printers, hard drives), inter-process communications, and data structures are represented as files in the file system.

Impact on System Administration:
Because hardware and processes are treated as files (e.g., /dev/sda for a hard drive or /proc/cpuinfo for CPU stats), administrators can use standard file manipulation tools (like cat, echo, cp, or vi) to configure hardware, monitor system status, or send data to devices without needing specialized proprietary tools.

The Linux directory structure is a hierarchical tree that starts at the root directory, represented by a forward slash (/). It adheres to the Filesystem Hierarchy Standard (FHS).

Key Directories:

• /bin & /usr/bin: User binaries.
• /etc: Configuration files.
• /home: User home directories.
• /var: Variable data (logs, spool).

Path Types:

1. Absolute Path:

   • Always starts from the root directory (/).
   • It is the complete address of a file regardless of the user's current working directory.
   • Example: /home/user/documents/file.txt

2. Relative Path:

   • Does not start with a slash.
   • It describes the location relative to the current working directory.
   • Example: If the user is in /home/user, the relative path to the file is simply documents/file.txt.

1. man (Manual Pages):

• The primary source of documentation.
• Accessed via man [command].
• It opens a pager (usually less) displaying detailed information including syntax, options, and descriptions.
• Divided into sections (e.g., 1 for commands, 5 for file formats).

2. info (Info Pages):

• Accessed via info [command].
• Provided by the GNU project, these pages are often more detailed than man pages.
• Structured like a website with hyperlinks (nodes) allowing navigation between sections using the keyboard.

3. --help Option:

• Most commands support a --help flag (e.g., ls --help).
• Prints a concise summary of the command's syntax and available options directly to the standard output.
• Useful for quick reminders without leaving the command prompt.

su (Switch User):

• Command: su - (to switch to root with environment variables).
• Mechanism: It requires the target user's password (usually the root password).
• Session: Starts a new shell session as the target user until exit is typed.

sudo (SuperUser DO):

• Command: sudo [command].
• Mechanism: It requires the current user's password (not the root password).
• Session: Executes a single command with elevated privileges (unless sudo -i is used).

Security of sudo:

1. Granularity: Administrators can define specifically which commands a user can run in /etc/sudoers.
2. Audit Trail: sudo logs every command executed, providing accountability.
3. Root Password Protection: The root password does not need to be shared with multiple admins; they only use their own credentials.

When a user is created using the useradd command, the system performs several backend operations to establish the account identity and environment.

Files Modified:

1. /etc/passwd: A new line is added containing the username, UID, GID, home directory, and default shell.
2. /etc/shadow: A new line is added to store the encrypted password (initially locked/empty until passwd is run) and aging parameters.
3. /etc/group: The user is added to a new primary group (if a private group scheme is used) or an existing group.
4. /etc/gshadow: Stores group password and administrator information.

Directories Created:

• Home Directory: Usually created at /home/[username] (if the -m option is used or configured in /etc/login.defs).
• Skeleton Files: Configuration files (like .bashrc, .bash_profile) are copied from /etc/skel to the new home directory to provide default settings.

1. Create the Group:
To create a new group, use the groupadd command.
bash
sudo groupadd developers

2. Add User to Group:
To add an existing user to a secondary group, use usermod with the append (-a) and group (-G) flags. Omitting -a would remove the user from other secondary groups.
bash
sudo usermod -aG developers alice

3. Delete the Group:
To remove a group from the system, use the groupdel command.
bash
sudo groupdel developers

Note: You cannot delete a group if it is the primary group of an existing user.

User profiles are configured via initialization scripts that set environment variables (like PATH), aliases, and shell prompts.

The Role of /etc/skel:

• The /etc/skel (skeleton) directory contains default configuration files.
• When a new user is created with a home directory, the contents of /etc/skel are automatically copied to /home/[username]. This ensures every new user starts with a standard configuration.

Configuration Files:

1. .bash_profile (or .profile):
   • Read only when a login shell is started (e.g., logging in via SSH or a physical console).
   • Used for setting environment variables that should apply to the whole session.
2. .bashrc:
   • Read every time a non-login shell is opened (e.g., opening a new terminal window in a GUI).
   • Used for aliases, functions, and prompt customization.
   • Note: .bash_profile usually explicitly sources .bashrc to ensure consistency.

Linux uses a permission model based on three categories of users and three types of access.

Categories:

1. User (u): The owner of the file.
2. Group (g): Users belonging to the file's assigned group.
3. Others (o): Everyone else.

Access Types:

• Read (r): Value = 4. Allows reading file content or listing directory contents.
• Write (w): Value = 2. Allows modifying file content or creating/deleting files in a directory.
• Execute (x): Value = 1. Allows running a file as a program or traversing/entering a directory.

Numerical Calculation:

• User: Full permissions ()
• Group: Read and Execute ()
• Others: No permissions $0$

Resulting Octal Code: 750

1. Symbolic Notation:

• Owner (u): Read (r), Write (w), Execute (x) rwx
• Group (g): Read (r), Write (w), No Execute (-) rw-
• Others (o): Read (r), No Write (-), No Execute (-) r--

Combining these, the symbolic string is: -rwxrw-r-- (The leading - indicates it is a file).

2. Octal Notation Calculation:

• Owner:
• Group:
• Others:

Combining these digits, the octal permission is: 764

In Linux, every file and directory is owned by a specific user and a specific group. Ownership determines which permission sets apply to a user accessing the file.

1. chown (Change Owner):

• Used to change the user owner of a file or directory.
• Can also change the group simultaneously.
• Syntax: chown [owner][:group] file
• Example 1 (User only): sudo chown john report.txt (Changes owner to 'john').
• Example 2 (User and Group): sudo chown john:developers report.txt (Changes owner to 'john' and group to 'developers').
• Recursive: chown -R john /var/www/html changes ownership for the directory and all contents.

2. chgrp (Change Group):

• Used specifically to change the group ownership.
• Syntax: chgrp [group] file
• Example: sudo chgrp marketing budget.xls (Changes group to 'marketing').

Note: Only the root user can give file ownership to another user.

1. SUID (Set User ID):

• Function: When an executable file with SUID is run, it executes with the permissions of the file owner, not the user running it.
• Representation: s in the user execute position (e.g., rwsr-xr-x).
• Example: The passwd command needs root privileges to modify /etc/shadow, so it has SUID set.

2. SGID (Set Group ID):

• On Files: Runs with the permissions of the file's group.
• On Directories: New files created inside the directory inherit the directory's group rather than the user's primary group. Essential for shared folders.
• Representation: s in the group execute position (e.g., rwxr-sr-x).

3. Sticky Bit:

• Function: Used primarily on shared directories. It ensures that only the file owner (or root) can delete or rename a file, even if others have write permissions on the directory.
• Representation: t in the others execute position (e.g., rwxrwxrwt).
• Example: /tmp directory allows everyone to create files, but prevents users from deleting others' files.

Difference:
Standard permissions (rwx) control access (who can read/write/execute). Attributes control underlying file system properties regarding how data is handled, regardless of the user (even root).

Commands:

1. chattr (Change Attributes):

   • Used to set or unset attributes on a file.
   • Syntax: chattr [operator][attribute] filename
   • Operators: + (add), - (remove), = (set only).
   • Common Attributes:
     • i (Immutable): File cannot be modified, deleted, or renamed, even by root.
     • a (Append only): File can only be opened in append mode (useful for logs).

2. lsattr (List Attributes):

   • Used to view the attributes set on a file.
   • Example Output: ----i--------- /home/user/secure.conf

Example: To make a file immutable: sudo chattr +i important.txt.

To troubleshoot a "Permission Denied" error, follow these steps:

1. Verify Identity: Check who the user is currently logged in as using whoami and their group memberships using id.
2. Check File Permissions: Use ls -l filename.
   • Does the user match the Owner column?
   • If yes, is the Read (r) bit set for the owner?
3. Check Directory Permissions: Permissions on the parent directory override file permissions.
   • Use ls -ld directoryname.
   • The user needs Execute (x) on the directory to enter it and Read (r) to list files.
4. Check ACLs (Access Control Lists): If standard permissions look correct, check for extended ACLs using getfacl filename. A mask or specific user entry might be blocking access.
5. Check Immutable Attribute: Run lsattr filename. If the i bit is set, the file cannot be modified even if permissions allow it.
6. SELinux/AppArmor: If enabled, security context contexts might prevent access. Check logs (/var/log/audit/audit.log) for denial messages.

Process using fdisk:

1. Identify Disk: Run lsblk or fdisk -l to find the device name (e.g., /dev/sdb).
2. Launch fdisk: Run sudo fdisk /dev/sdb.
3. Command Mode:
   • n: Create a new partition.
   • p: Select primary partition.
   • Select partition number (1-4).
   • Define First/Last sector (size).
   • t: Change partition type (e.g., 8e for LVM, 83 for Linux).
   • w: Write changes to disk and exit.
4. Update Kernel: Run partprobe to update the kernel partition table without rebooting.

Limitations of MBR (Master Boot Record):

• Size Limit: Supports disks only up to 2 TB.
• Partition Limit: Supports only 4 primary partitions. To have more, one must be an Extended partition containing Logical partitions.
• Note: GPT (GUID Partition Table) overcomes these limits.

Architecture:
LVM creates an abstraction layer between the physical storage and the file system using three components:

1. Physical Volumes (PV): The actual hard drives or partitions initialized for LVM use (e.g., /dev/sdb1).
2. Volume Groups (VG): A pool of storage created by combining one or more PVs. It acts as a single large virtual disk.
3. Logical Volumes (LV): Partitions created from the space available in the VG. The file system is created on the LV.

Advantages:

• Flexibility/Resizing: LVs can be extended or reduced dynamically. If a file system runs out of space, you can add a new disk to the VG and extend the LV without unmounting or formatting.
• Snapshots: LVM supports snapshots, allowing you to save the state of a volume at a specific point in time for backups.
• Span Multiple Disks: A single Logical Volume can span across multiple physical hard drives, creating a volume larger than any single physical disk.

1. Initialize Physical Volumes (PV):
First, mark the disks for use by LVM.
bash
sudo pvcreate /dev/sdb /dev/sdc

2. Create Volume Group (VG):
Combine the physical volumes into a volume group named data_vg.
bash
sudo vgcreate data_vg /dev/sdb /dev/sdc

3. Create Logical Volume (LV):
Carve out a 10GB logical volume named backup_lv from the volume group.
bash
sudo lvcreate -n backup_lv -L 10G data_vg

4. Create File System:
Format the new logical volume.
bash
sudo mkfs.ext4 /dev/data_vg/backup_lv

Role of mkfs:
mkfs (Make File System) is used to format a partition or logical volume, creating the structures (inodes, superblocks) necessary to store files. It essentially "erases" data and prepares the storage.

Comparison:

1. ext4 (Fourth Extended Filesystem):

• Default: The standard for many years, widely supported.
• Features: Journaling, supports volumes up to 1 EB (Exabyte), backward compatible with ext3/ext2.
• Use Case: Excellent for general-purpose workstations and smaller storage arrays. Can be reduced (shrunk) easily.

2. XFS:

• Performance: High-performance, 64-bit journaling file system.
• Features: specifically designed for parallel I/O operations and handling very large files. It formats very quickly.
• Limitation: XFS file systems cannot be shrunk (reduced in size); they can only be grown.
• Use Case: Enterprise servers, large databases, and massive storage arrays.

Mounting:
In Linux, storage devices are not automatically available as drive letters (like C: or D:). They must be attached to the existing directory tree at a specific location called a mount point. The mount command attaches the device (e.g., /dev/sdb1) to a directory (e.g., /mnt/data).

Persistent Mounting (/etc/fstab):
The mount command is temporary; configurations are lost on reboot. To make it persistent, an entry must be added to the /etc/fstab file.

Entry Format:
[Device] [Mount Point] [File System Type] [Options] [Dump] [Pass]

Example Entry:
text
/dev/sdb1 /mnt/data ext4 defaults 0 2

• Device: Can be device path or UUID (recommended).
• Options: defaults includes rw, suid, dev, exec, auto, nouser, and async.
• Dump/Pass: Used for backup and fsck checks.

What is fsck?
fsck (File System Consistency Check) is a utility used to check and repair the integrity of a Linux file system. It scans for corrupt inodes, missing blocks, or directory structure errors.

When to use:

• After an improper shutdown (power failure).
• When the system fails to boot due to filesystem errors.
• Periodically for preventive maintenance.

Critical Precaution:
NEVER run fsck on a mounted file system.
Doing so can cause severe data corruption because the operating system might be writing to the disk while fsck is trying to repair it. You must unmount the partition first (e.g., umount /dev/sdb1) or boot into a rescue mode/live CD if checking the root partition.

1. id:

• Displays the current user's or a specific user's identity information, including User ID (UID), Primary Group ID (GID), and Secondary Group memberships.
• Example: id alice uid=1001(alice) gid=1001(alice) groups=1001(alice),27(sudo)

2. who:

• Shows a list of users currently logged into the system.
• Displays the username, the terminal line (tty/pts), login time, and remote host address.
• Example: alice pts/0 2023-10-10 09:00

3. w:

• Provides a more detailed view than who. It shows who is logged in and what they are doing.
• Includes system uptime, load averages, and the specific command currently being run by the user (JCPU/PCPU usage).

4. getent:

• Queries system databases (like passwd or group) even if users are stored in LDAP/AD.
• Example: getent passwd alice.