Unit - V

Managing Files and Directories : create and edit text files, search for files, perform operations on
files and directories, process text files, manipulate file output, explore the linux kernel, install and
configure kernel modules, monitor kernel modules
Managing the Linux Boot Process : configure linux boot components, configure GRUB2
Managing Kernel Modules : explore the linux kernel, install and configure kernel modules, monitor
kernel modules
Create and Edit Text Files
• TEXT EDITORS: A text editor is an application that enables you
to view, create, or modify the contents of text files.

• Vim
• Nano
vim

• Press i to enter into insert mode

• Then write your content
• After writing, exit from insert
mode by pressing escape key
• To save write :wq
nano
• nano
• Ctrl + O to save
• Ctrl + C to cancel the current
work
• Ctrl + X to exit
• Then press Y
Search for Files
• There will be times that you create a file and forget where in the
directory structure you put it.

• There will also be times when you don't know the exact location
of files created by the system, applications, or other users.
THE locate COMMAND
• The locate command performs a quick search for any
specified string in file names and paths stored in the mlocate
database.
• If locate command is not working, then needs to update the db used
by locate command.

• sudo updatedb
locate COMMAND OPTIONS
THE find COMMAND
• The find command enables you to search a specific location
for files and directories that adhere to some search criteria.

• The -type option enables you to specify the type of object

you're looking for, such as d for directory or f for file. The -
name option is where you specify the name of the object you're
looking for.

• find /home/user -type f -name 2019_report

find VS. locate COMMANDS
• The locate command searches a database and retrieves
information on files present on your system.
• However, failure to keep this database updated may produce
outdated results.
• The find command, on the other hand, performs a live search
of the file system and may concentrate on a specific location.
• The find command may take more time to complete a search
than the locate command.
• What are some advantages of using the find command over
using the locate command?

• The locate command requires that a database be updated in

order to perform accurate searches, whereas find does not.
Also, locate cannot filter its search by specific directories,
whereas find can. However, locate may be able to perform
searches more quickly in certain cases.
THE which COMMAND
• The which command displays the complete path of a specified
command by searching the directories assigned to the PATH
variable.
THE whereis COMMAND
• The whereis command is used to display various details
associated with a command.

• Where /bin/ls indicates the location of the ls command

and /usr/share/man/man1/ls.1.gz
/usr/share/man/man1p/ls.1p.gz
indicates the location of the man pages for the ls command.
Displaying location information for a command.
Perform Operations on Files and
Directories
• There are many ways you can manage a file once you've
created and edited it to your liking.

• THE cat COMMAND: The cat command, short for

concatenate, can display, combine, and create text files.
It is most frequently used to display the contents of small text
files, as it does not have a screen scrolling capability.
THE head AND tail COMMANDS
• The head command displays the first 10 lines of each file. The tail
command displays the last 10 lines of each file.

• These commands are useful when you only need to see the beginning
or the end of a file.
head
• displays the first 10 lines
tail
• displays the last 10 lines
THE cp COMMAND
• The cp command enables you to copy and then paste a file or
directory.
• The initial object is left where it is, but an exact duplicate of that
object is created at the destination you specify.
• When you copy directories, you must specify the -R option to
copy the specified directory recursively.
THE mv COMMAND
• The mv command moves files and directories to other
locations.

• It is similar to the cp command, but does not leave the initial

object in place.

• Therefore, mv is more like a cut and paste operation.

ls COLORS
• In the Bash shell, when you execute the ls command, you may
have noticed that the results sometimes appear in different colors.

• These colors distinguish different types of files.

• By default, some of the colors are:

• Default color: Normal/text file
• Blue: Directory
• Sky blue: Symbolic link or audio file
• Green: Executable file
• Yellow with black background: Device
• Pink: Image file
• Red: Archive file
• Red with black background: Broken link
THE mkdir AND rmdir COMMANDS
• The mkdir command is used to create (or make) a directory. You
supply the name of the directory as an argument.

• The rmdir directory is used to remove directories, but only those that
are empty (i.e., contain no files or subdirectories).
• In order to delete a with actual contents, you must use the rm -R
command.
Process Text Files
• THE echo COMMAND
The echo command is used to display a line of text on the
terminal.
• You can also use the echo command to write text to a file by
providing the string after the echo command and redirecting to
the file.
• The echo command can overwrite the content in the file by
redirecting and not appending.

• echo “Hello all…” >> test.txt

• The above command will not overwrite, it will append
THE printf COMMAND
• The printf command is similar to echo, but provides the
user with much more control over how the output is formatted.

• You can supply various format characters within the text you
want to output, using a backslash (\) to indicate when they are
being used.
THE tr COMMAND
• The tr command is used to translate a string of characters.

• It is predominantly used to change the case of letters in a file.

• This command acts only on a stream of characters and does

not accept file names as arguments.

• You must use redirection to actually change a file.

THE wc COMMAND
• The word count (wc) command is used to count the number of
lines, words, and characters in a text file.
• The wc command provides various options that enable you to
specify the nature of the output.
• -c Display the byte count.
• -m Display the character count.
• -l Display the newline count.
• -w Display the word count.
• The sort command arranges the lines in a file.
• -k{column numbers} Specify field values. For example, -k2 indicates
the second field.
• -r Sort fields in descending order.
• By default, the fields are sorted in ascending order.
THE cut COMMAND
• -c Specify the number of the character to cut from each
line.
THE paste COMMAND
• The paste command is used to merge lines from text files
horizontally.
THE diff COMMAND
• The diff command is used to compare text files. The command
displays the two files and the differences between them.

• 1c1 means that line 1 in the first file needs to be changed to match line
number 1 in the second file.
THE diff COMMAND
THE diff COMMAND
THE diff COMMAND
THE diff COMMAND
THE diff COMMAND
THE diff COMMAND
THE diff COMMAND
THE diff COMMAND

• Lines preceded by < are lines from the first file.

• Lines preceded by > are lines from the second file.

• The less-than symbol (<) with a line after it means that line should be removed
from the first file because it doesn’t appear in the second. The greater than
symbol (>) with a line after it means that line should be added from the second
file.

• d stands for deletion, a stands for adding and c stands for changing. the number
on the left of the character is the line number in file1.txt, the number on the
right is the line number in file2.txt.
THE awk COMMAND
• The awk command performs pattern matching on files.
THE sed COMMAND
• The sed or stream editor command is a program that you can
use to modify text files according to various parameters. The
sed command can also be used for global search and replace
actions.

• s Substitute the first occurrence of the string in the file.

• $ sed 's/sem1/SEM1/2' tab_data.txt

• $ sed 's/sem1/SEM1/g' tab_data.txt

THE ln COMMAND
• The ln command is used to create a link to a file.
• Linking enables a file name in one directory (the link) to point to
a file in another directory (the target).
• A link does not contain data of its own, only a reference to the
target file.
• Any changes to the link will reflect in the target file.
• If you don't specify the link name, the ln command will create
the link in your current working directory.
• TYPES OF LINKS
Using the ln command, you can create two types of links: hard and symbolic (soft).

• Hard and symbolic links are a feature of the file system and are common in most file
systems supported by Linux. The ext2, ext3, ext4, and XFS file systems all support hard
and symbolic links.

• A hard link is a reference to another file; it enables the file's data to have more than
one name in different locations in the same file system. Applications treat a hard link
as a real file. If the original file is deleted after a hard link is created, all its contents will
still be available in the linked file. This is because the inode of a hard link is the same as
its target; in other words, it points to the same object on the file system. Hard links
cannot be created between two directories, nor can they be created between two files
in different file systems.
• A symbolic link is a reference to a file or directory that can span
multiple file systems.
If the original file or directory is deleted after a symbolic link is
created, then the original content is lost.
• This is because the inode of a symbolic link is different than its
target; in other words, it points to a different object on the file
system.
• A symbolic link is also known as a soft link.
• A link in UNIX is a pointer to a file.
• Like pointers in any programming languages, links in UNIX are pointers
pointing to a file or a directory.
• Creating links is a kind of shortcuts to access a file.
• Links allow more than one file name to refer to the same file,
elsewhere.
• There are two types of links :
1.Soft Link or Symbolic links
2.Hard Links
• These links behave differently when the source of the link (what is
being linked to) is moved or removed.
• Symbolic links are not updated (they merely contain a string which is the path
name of its target);
• hard links always refer to the source, even if moved or removed.
• If we create a hard link to the file and then delete the file, we can
still access the file using hard link.

• But if we create a soft link of the file and then delete the file, we can’t
access the file through soft link and soft link becomes dangling.
• This naming convention might be confusing for some people, so it’s
probably helpful to remind ourselves that ln is like cp and mv: the
source (A) needs to come first, followed by the destination (B).
• Or we can just say it naturally: We are creating a symbolic link to A,
and we want to call it B.
Soft Link
Manipulate File Output
• TEXT STREAMS: A text stream is a sequence of one or more
lines of text that applications can leverage to read from or write
to a particular device or system component.
• Standard input, or stdin, is a text stream that acts as the source
for command input.
Standard input for the Linux command-line is usually generated
from the keyboard. In
the case of the GUI, the standard input can also come from the
mouse.
• Standard output, or stdout, is a text stream that acts as the
destination for command
output. By default, standard output from a Linux command is
directed to the CLI.

• Standard error, or stderr, is a text stream that is used as the

destination for error
messages. By default, the standard error stream prints error
messages at the CLI.
• INPUT/OUTPUT REDIRECTION
Redirection is the process of accepting input data from a source
other than the
keyboard and sending output data to a destination other than
the display device.

• REDIRECTION OPERATORS
There are several operators that are used to redirect input or
output.
PIPING
• Piping is the process of combining the standard I/O streams of commands. It
uses the
standard output of one command as the standard input for another
command. The
output format of the first command should be compatible with the format that
the
second command works with. The pipe operator (|) can be used with most
commands
in Linux.

• Pipes are a mechanism by which the output of one program can be sent as the input
to another program. Individual programs can be chained together to become
extremely powerful tools.
• Redirection is a Linux feature. Inputs and outputs of a command can be
redirected to another command or a file using redirection operators.
• Linux programmers use:
• 1) Input redirection operator to redirect the input given
• 2) Output redirection operator to redirect the output.
• A less-than sign (<) represents input redirection. On the other hand, a
greater than sign (>) is used for the output redirection. “<” and “>” are
also called angled brackets.
• But what’s the need for using “>” and “>>” both to redirect the output?
Let’s find the reason for using both of these as output redirects.
Input redirection operator to redirect the
input given
• The “>” Operator
• “>” overwrites an already existing file or a new file is created
providing the mentioned file name isn’t there in the directory. This
means that while making changes in a file you need to overwrite
certain any existing data, use the “>” operator.
• This sign is used to redirect the output to something else than stdout.
Example 1:
• echo “Welcome to Linux” > my_file_1.txt
• After executing the above command, you’ll find that a text file “my_file_1.txt” is created in the
directory. It’ll contain the text “Welcome to Linux” in it.
• To check whether the file has been created successfully or not, type:
• ls
• The following command helps read the file type.
• cat my_file_1.txt
• Now, let’s execute the same command with a different text.
• echo “Learn latest tips about Linux” > my_file_1.txt
• And type the command below to read the file.
• cat my_file_1.txt
• You’ll see that the new text has successfully overwritten the earlier text.
Example 2:
• ls > allmyfiles.txt
• This is another example using the “>” operator. The above command
creates the file called “allmyfiles.txt”. And fills it up with the directory
listing given by the “ls” command.
Example 3:
• > newzerobytefile
• Here a zero byte file is created having the name “newzerobytefile”.
• Alternatively, this command can overwrite a file that is already
present with the same name. And it’ll make the file zero bytes in size.
• The “>>” Operator
• “>>” operator appends an already present file or creates a new file if
that file name doesn’t exist in the directory.
Example 1:
• echo “Welcome to Linux” >> my_file_2.txt
• The above command will create a file by the name “my_file_2.txt” in your current directory.
• Once the command is executed, type:
• ls
• This will verify if the file has been created successfully.
• Read the file by:
• cat my_file_2.txt
• Let’s alter the text, now, into:
• echo “Learn latest tips about Linux” >> my_file_2.txt
• Since you’re using a file that was created previously, to check all the modifications made by “>>”, run the
following command:
• cat my_file_2.txt
• And you’ll see instead of overwriting the previously entered text, the “>>” operator has appended the
text.
Example 2:
• echo "End of directory listing" >> allmyfiles.txt
• The above command will add “End of directory listing” at the end of a
file called “allmyfiles.txt”
• file descriptors are 0, 1 and 2. 0 corresponds to STDIN, 1 to STDOUT,
and 2 to STDERR.
• File descriptor 1 is stdout and File descriptor 2 is stderr.
• Using > to redirect output is the same as using 1>. This says to
redirect stdout (file descriptor 1).
• Normally, we redirect to a file. However, we can use >& to redirect
to stdout (file descriptor 1) or stderr (file descriptor 2) instead.
• Therefore, to redirect stdout (file descriptor 1) to stderr (file
descriptor 2), you can use >&2.
• & means both standard output (1>) and standard error(2>).

• Using “2>” re-directs the error output to a file and nothing is

displayed on STDOUT.

• 2>&1 means that STDERR redirects to the target of STDOUT. More

formally, the error message generated by “2” gets merged with the
current output “1“.
 • root@malhi-virtual-machine:~# cat rough2.txt
• root@malhi-virtual-machine:~# touch rough.txt • cat: rough2.txt: No such file or directory

• root@malhi-virtual-machine:~# cat rough.txt • root@malhi-virtual-machine:~# cat rough2.txt > rough.txt

• root@malhi-virtual-machine:~# ls • cat: rough2.txt: No such file or directory

• root@malhi-virtual-machine:~# cat rough.txt

• f6.txt jcameron-key.asc packages.microsoft.gpg
• root@malhi-virtual-machine:~# cat rough2.txt 2> rough.txt
rough.txt snap
• root@malhi-virtual-machine:~# cat rough.txt
• root@malhi-virtual-machine:~# ls > rough.txt
• cat: rough2.txt: No such file or directory
• root@malhi-virtual-machine:~# cat rough.txt • root@malhi-virtual-machine:~# cat rough2.txt &> rough.txt

• f6.txt • root@malhi-virtual-machine:~# cat rough.txt

• cat: rough2.txt: No such file or directory

• jcameron-key.asc
• root@malhi-virtual-machine:~# ls &>> rough.txt
• packages.microsoft.gpg
• root@malhi-virtual-machine:~# cat rough.txt
• rough.txt • cat: rough2.txt: No such file or directory

• snap • f6.txt

• jcameron-key.asc

• packages.microsoft.gpg

• rough.txt

• snap
Another example:
One more example:
Display the top 5 files/directories according to their size
in the current working directory
THE xargs COMMAND (extended
arguments)
• The xargs command reads from standard input and executes
a command for each
argument provided.

• It shows the content of file.(read from file instead of standard input)

THE tee COMMAND
• The tee command reads the standard input, sends the output
to the default output
device (the CLI), and also copies the output to each specified
file.
Managing Kernel Modules
• The kernel is the core of an operating system. All other
components rely on it.
• The kernel manages file system access, memory, processes,
devices, and resource allocation on a system.
• The kernel also controls all the hardware devices plugged into
the system.
• It is one of the first elements to be loaded on startup and
remains in the main memory during the computer's operation.
• The kernel also contains system-level commands and other
functions that are normally hidden from users.
• The kernel space is simply where the kernel executes the
services that it provides.

• The user space is the area of memory that includes everything

outside of kernel space.
TYPES OF KERNELS
• Kernels can be classified as monolithic or microkernel. In a monolithic
kernel, all
system modules, such as device drivers or file systems, run in kernel
space. As a result,
a monolithic kernel can interact quickly with devices.

• In a microkernel architecture, the kernel itself runs the minimum amount of

resources necessary to actually implement a fully functional operating
system.
Compared to monolithic kernels, microkernels have smaller kernel spaces
and instead
have larger user spaces.
• A device driver is a software program that enables a
computer's operating system to
identify the characteristics and functions of a hardware device,
communicate with it,
and control its operations. It acts as an interface between the
operating system and
hardware devices such as storage drives, printers, scanners,
monitors, and keyboards.
Device drivers can be included in the operating system or
installed on demand.
THE uname COMMAND
• By default, uname prints the name of the kernel—Linux. You
can view the kernel version number of your current system by
using the uname -r command. You can also enter uname -i
to view the hardware platform. To print all information, enter the
uname -a command.
KERNEL LAYERS
• The kernel performs various functions to control and manage
the operations of a
system. It is composed of several layers that operate in kernel
space.

• System Call
Interface (SCI): Handles system calls sent from user
applications to the kernel.
• Process
management: Handles different processes by allocating
separate execution
space on the processor and ensuring that the running of one
process does not interfere with other processes.
Memory Management
• Manages the computer's memory, which is one of the complex
tasks performed by the kernel. Like processor sharing, the
system's memory also needs to be shared among different user
space resources.
The kernel maps or allocates the available memory to
applications or programs on request and frees the memory
automatically when the execution of the programs is complete,
so that it can be allocated to other programs.
• File system
management:
Manages the filesystem, which involves storing, organizing, and
tracking files and data on a computer.

• Device
management: Manages devices by controlling device access
and interfacing
between user applications and hardware devices of the
computer.
Install and Configure Kernel Modules
• A kernel module is a system-level object that extends the functionality of the kernel.
It
can be dynamically loaded into the kernel or unloaded from the kernel when required.
It enables the kernel to update or recompile itself without requiring the system to
reboot.

• The advantages of kernel modules are:

• They reduce the burden on the kernel because otherwise all of the modules'
functionality would have to be added directly to the kernel.
• Dynamic loading of kernel modules facilitates lower memory consumption.
• They avoid having to rebuild and reboot the system when new functionality is
required.
Kernel module file consists of a .ko extension. Modules built for a specific kernel
version may not be compatible with another version of the kernel.
KERNEL MODULE MANAGEMENT
COMMANDS
• Kernel module management commands enable you to view,
load, unload, or modify
kernel modules.

• lsmod: Display the currently loaded kernel modules, their

sizes, usage
details, and their dependent modules.
THE modprobe COMMAND
• The modprobe command is used to add or remove modules
from a kernel.
THE depmod COMMAND
• In order for modprobe to accurately install dependent
modules, it reads the
modules.dep file to identify how modules are linked to one
another. The depmod
command is used to update this database of dependencies so
that modprobe can
function properly.
KERNEL MODULE CONFIGURATION
• The /etc/modprobe.conf file is a configuration file that
contains settings that apply persistently to all the modules
loaded on the system.

• It is used to configure modules and their dependencies and also

specify module aliases.

• An alias is just an alternative name to use for a module.

KERNEL PARAMETERS
• In addition to loading modules into the kernel at runtime, you
can also change some of the kernel's parameters while it is
running.

• You can use these parameters to improve system performance,

harden security, configure networking limitations, change virtual
memory settings, and more.
THE sysctl COMMAND
• The sysctl command is used to view or set kernel
parameters at runtime. It has various options.
• -a Display all parameters and their current values.
Monitor Kernel Modules
• After you install and configure kernel modules, it's a good idea
to monitor those modules.

• In this, you'll verify that the modules you installed were actually
loaded into the kernel, and that any configurations you made
were implemented properly.
THE /proc/ DIRECTORY
• The /proc/ directory is a virtual file system (VFS) that
provides significant information about the kernel's running
process.
THE /proc/version FILE
• The /proc/version file specifies several points of
information about the Linux kernel:

• The version of the Linux kernel currently running.

• The version of the GNU Compiler Collection (GCC) used to
compile the kernel.
• The user name of the kernel compiler.
• The time the kernel was compiled.
THE dmesg COMMAND
• The dmesg ("display message" or "driver message") command
is used to print any messages that have been sent to the
kernel's message buffer during and after system boot. Device
drivers send messages to the kernel indicating the status of
modules and parameters that the drivers interface with. These
drivers can also send diagnostic messages to the kernel in case
they encounter errors.
Managing the Linux Boot Process
• Configure Linux Boot Components: Booting is the process of
starting or restarting a computer and loading an operating
system for the user to access. In the boot process, a booting
environment reads a small program that is stored in read-only
memory (ROM). This program then executes various operations
in RAM that bootstrap the operating system and make it
available for use.
• A boot loader is the small program stored in ROM that
loads the kernel from a storage device, and then starts the
operating system. A boot environment like BIOS reads the boot
loader from ROM so that the boot loader can execute the
necessary operations to start the process.
• The Basic Input/Output System (BIOS) is a
standard for firmware interfaces and is stored on a computer
motherboard's ROM chip. When a computer with BIOS is
powered on, the BIOS firmware is the first to run; this enables it
to test the various hardware components in a computer, as well
as run a boot loader so that an operating system can start.
UEFI
• Unified Extensible Firmware Interface (UEFI) is
newer firmware technology that has largely replaced BIOS by
bringing with it several key advantages. UEFI runs faster than
BIOS, can operate within a greater amount of memory, can
access storage drives of currently unattainable sizes, can
access more hardware types, and has improved security
protections. Most modern motherboards, as well as the pre-
assembled PCs that use them, ship with UEFI.
• A sector is the smallest unit of storage read from or written to
a drive. A sector stores 512 bytes of data by default. On hard
disk drives, a collection of sectors is called a track. The number
of sectors in a track may vary, and so does their capacity to
hold data.
• The master boot record (MBR) is the first physical
sector on a storage drive and a type of partition structure. The
MBR boot sector contains the boot loader that loads the
operating system into memory. It also contains the partition
table of the storage drive. MBR determines what sectors are
available to each partition, as well as which partition is
considered bootable and which partitions are not.
• The GUID Partition Table (GPT) is a successor to
MBR that makes up for the latter’s shortcomings. Like MBR, it is
a partition structure, but it employs a more modern design and
is part of the UEFI standard. Every partition on a drive is
assigned a globally unique identifier—a GUID—to distinguish it
from every other partition on (theoretically) every drive.
initrd
• The initial ramdisk (initrd) refers to the root file system that is temporarily
loaded
into memory upon system boot. The initrd loads along with the kernel,
which controls
its functionality. The initrd enables the system to be started in two
phases. In the first
phase, the system is booted with the minimal set of modules required to
load the main
or the permanent root file system. In the second phase, when the main
root file system
is mounted, the previously mounted initrd file system is removed and
the user space
boot process continues.
THE initrd IMAGE
• The Linux initrd image is an archive file containing all the
essential files that are required for booting the operating
system.
THE mkinitrd COMMAND
• The mkinitrd command is used to create the initrd image for
preloading the kernel modules.
THE /boot/ DIRECTORY
• As defined by the Filesystem Hierarchy Standard (FHS), the
/boot/ directory contains files that are used to facilitate the
Linux boot process.
THE dracut COMMAND
• The dracut command is used to generate an initramfs image,
similar to how mkinitrd is used to generate an initrd image.
THE BOOT PROCESS
• The boot process is repeated each time your computer is
started by loading the operating system from a storage device.
It involves a series of sequential steps that can be divided into
BIOS/UEFI initialization, boot loader, kernel and initrd/initramfs
initialization, and boot scripts.
• 1. The processor checks for the BIOS/UEFI firmware and executes it. This is also
where the power-on self-test (POST) occurs.
•
2. BIOS/UEFI checks for bootable media from internal storage devices or peripherals
like USB thumb drives and DVD-ROMs. It locates a valid device to boot the system.
•
3. BIOS/UEFI loads the primary boot loader from the MBR/GPT partition into
memory. It also loads the partition table along with it.
•
4. The user is prompted by GRUB 2 to select the operating system they want to boot.
If the user does not respond, then the default operating system will be booted.
• 5. The boot loader determines the kernel and locates the corresponding kernel
binary. It then uploads the respective initrd image into memory and transfers
control of the boot process to the kernel.
•
6. The kernel configures the available hardware drivers, including processors, I/O
subsystems, and storage devices. It decompresses the initrd image and mounts it
to load the necessary drivers. If the system implemented any virtual devices, such
as LVM or software RAID, then they are initialized.
•
7. The kernel mounts the main root partition and releases unused memory. To set
up the user environment, the systemd program is run. It becomes process ID 1.
•
8. The systemd program searches for the default.target file, which
contains details about the services to be started. It mounts the file system based
on the /etc/fstab file and begins the process of starting services. On most
systems, the target will either be multi-user.target or
graphical.target.
9. If graphical mode is selected, then a display manager like XDM or KDM is started
and the login window is displayed on the screen.

10. The user enters a user name and password to log in to the system.

• 11. The system authenticates the user. If the user is valid, then various profile files are
executed.
•
12. The shell is started and the system is ready for the user to work on.
KERNEL PANIC
Kernel panic is a mechanism by which the system detects there
has been a fatal error and responds to it. A fatal error typically
results in the system becoming unstable or
totally unusable. Software that handles kernel panics will display
an error message to the user and dump the current state of
kernel memory to a storage device for later debugging.
Depending on how the system is configured, the panic handler
will either reboot the system automatically, or wait for the user to
do so.
Configure GRUB 2
• GNU GRUB:
The GNU GRand Unified Bootloader (GNU GRUB) is a boot
loader developed by the
GNU Project that became popular on Unix-like systems. It
enables users to choose
which operating system or kernel version to boot in a multi-
platform environment.
GRUB 2 IMPROVEMENTS
• GRUB 2 is more than simply a newer version of GRUB; it is a
complete redesign and
rewrite of the GRUB system. GRUB 2 offers administrators
more control over the boot
process, boot devices, and boot behavior.
GRUB 2 INSTALLATION
• The grub2-install command is used to install the GRUB 2
boot loader on a
storage device. It copies GRUB 2 files into the /boot/grub2
directory and, on some
platforms, installs GRUB 2 into the boot sector. However,
grub2-install applies
to BIOS systems, not UEFI. To install GRUB 2 on a UEFI
system, use a package manager
to install the grub2-efi package. Installing this package will
copy GRUB 2 files onto
the EFI system partition (ESP) in the /boot/efi directory.
THE grub.cfg FILE
• The grub.cfg file is the main configuration file for the GRUB
2 boot loader. On BIOS
systems, it is located in the /boot/grub2/ directory. On UEFI
systems, it is located
in the /boot/efi/EFI/<distro>/ directory.
THE /etc/grub.d/ DIRECTORY
• The /etc/grub.d/ directory contains scripts that are used to
build the main
grub.cfg file.
THE /etc/default/grub FILE
• The /etc/default/grub file contains GRUB 2 display menu
settings that are
read by the /etc/grub.d/ scripts and built into the
grub.cfg file. It enables you to change options such as how
many seconds GRUB 2 will wait before
automatically selecting the default boot option.
THE grub2-mkconfig COMMAND
• The grub2-mkconfig command generates a new grub.cfg
configuration file,
and is used to update an existing grub.cfg file.
Here is a reminder of what these commands
do:
• sudo <command>: executes a command with administrator rights
• ls <directory>: lists the files in a directory
• mv <old_name> <new_name>: moves or renames a file from the old
name to the new name
• tail <file>: shows the last lines of a file
• cat <file>: prints the whole contents of a file
• grep <pattern> <file>: filters the text of a file according to the pattern
• less <file>: lets you browse a file
• We can combine these commands using the | sign. For example:

sudo cat /var/log/syslog | grep error | tail

will first print the output of /var/log/syslog, then keep only the lines that say
"error" and then the last 10 lines of that output.

NOTE: Remember that we can always read the manual page using man
<command_name> to learn more about a command.
Listing system services
• Let's look at the services that are installed in the machine. In order to
do this, we will use the service command.
• If you run service with parameters --status-all, it lists the state of
services controlled by System V.
• If we are interested in seeing only the services that are running, you
can use the following command:

sudo service --status-all

• Here we will see the following notations with respect to the services.
• +: Service is active/running
• -: Service is inactive/stopped
• ?: Can't determine whether service is active or not
PRACTICAL: Stopping and starting
services

• Alright, now that we've listed the services let's practice stopping and
starting some of them. The first service that we are going to stop is
the rsyslog service. This service is in charge of writing content to the log files,
as in /var/log/syslog, /var/log/kern.log, /var/log/auth.log and others.
Processes that generate output will send that output to the rsyslog service and
the service will write it to the corresponding log files depending on how the
system was configured.
• Let's first start by checking the status of the service. We do this by using
the service command with the status action:
sudo service rsyslog status
• This is showing us a lot of information about the service: it's loaded
(which means that the OS has the information about the service in
memory), it's enabled (which means that it will start automatically on
boot), it's active and running. It also tells us where to find some
documentation about the service and more. Finally, it shows us the
last log lines that this service generated.
• We can see this service in action by using the logger command:
logger This is a test log entry

NOTE: The logger command provides an interface to the syslog

subroutine, which writes entries to the system log.
• The logger command will send the text to the rsyslog service and the
service will then write it into /var/log/syslog. We can check that this is
the case by looking at the last lines in /var/log/syslog.
sudo tail -1 /var/log/syslog

NOTE: -1 means from end of file, it displays only last line

Let's now go ahead and stop the rsyslog
service:
sudo service rsyslog stop
• We need to execute the command with sudo, because while all users
can query the status of services, only users with administrator rights
can stop or start services.
To see the current state, we can query the
status of the service again:
sudo service rsyslog status
• We see that the service is now stopped. We can also see what the
command logged to /var/log/syslog when finishing:
sudo tail -5 /var/log/syslog

In the last line, we see that the rsyslog service has exited and is no longer
running.
• We can try sending text with our logger command again:
logger This is another test log entry

And then check that the contents of /var/log/syslog:

sudo tail /var/log/syslog
• We can see that nothing was logged, because rsyslog wasn't running.
Let's start it back up:
sudo service rsyslog start
 sudo service rsyslog status

And see that it's running again. Let's try our logger command one more
time: logger This is another test log entry
• And then check that the contents of /var/log/syslog:
sudo tail /var/log/syslog
Fixing a failing service
• In order to list the state of services controlled by System V, you can use the
following command:
• sudo service --status-all

• Unix System V (pronounced: "System Five") is one of the first commercial

versions of the Unix operating system.
• Here you will find - with the cups service, which means it is
inactive/stopped. This is the service used to manage printers on Linux
systems. We can get more information about this service by checking
the status:
• sudo service cups status
• We see here that the cups service is in a failed state. So, let's look at
the contents of that directory:
• sudo ls -l /etc/cups

• or
• There's no cupsd.conf, but there is cupsd.conf.old. Apparently the
configuration file was deleted. Good thing we kept a copy! Let's move
that file so that cups can find it and start successfully:

• sudo mv /etc/cups/cupsd.conf.old /etc/cups/cupsd.conf

• As with the other commands, we get no output after executing this.
We can run ls again to see that the file was renamed correctly:

• sudo ls -l /etc/cups
• Now that the file was renamed successfully, we can start cups:
• sudo service cups start
• And then check the status:
• sudo service cups status
Restarting services
• Let's go back to the cups service that we just fixed. The logs generated
by cups are written into the /var/log/cups directory. We can see the
contents of the directory using the ls command:

• sudo ls -l /var/log/cups
• The error log file isn't yet created. That's expected because by default
cups will only write warning or error messages into that file. If you
want cups to log debug messages into that file, you'll need to change
the LogLevel parameter in the configuration file. Let's do that.
• Let's edit /etc/cups/cupsd.conf using the nano editor.
• sudo nano /etc/cups/cupsd.conf
• In one of the first lines of the file you'll see there's a line that
says LogLevel warn. We want to replace warn with debug:
• Once you've done this, press "Ctrl-X" to exit the editor. It will ask you
if you want to save your changes, press "Y" for yes and then enter at
the filename prompt.
• If we now restart cups, the service will notice the change to its
configuration file. You could do this by using sudo service cups
stop and sudo service cups start, but there is a shortcut.
• sudo service cups restart
• Restarting the service command is a handy way of stopping a service
and then starting it immediately back up. And once we've done that,
we can see that there's now a lot of content
in /var/log/cups/error_log.
• sudo cat /var/log/cups/error_log
Reloading Services
• Finally, let's look at the reload action. Take this action when you want
a service to re-read its configuration without actually doing a full stop
and start.
• Let's return the cups log level back to its default. One more time, let's
edit /etc/cups/cupsd.conf using the nano editor.
•
sudo nano /etc/cups/cupsd.conf
• Let's change LogLevel debug, replacing debug with warn:
• Once you've done this, press "Ctrl-X" to exit the editor. It will ask you
if you want to save your changes, press "Y" for yes and then enter at
the filename prompt.
• Once we've done this, we can reload cups:
• sudo service cups reload
• If you check the status of the service, you'll see that it was not
restarted (it's been running since we last restarted it).
• sudo service cups status

• By using the reload action, we caused the service to re-read its

configuration without being stopped at any point.
• You've successfully listed all the services that are running on the
machine, practiced stopping and starting some of these services, and
queried their status. You also fixed a problem in the service that was
failing to start and edited the configuration of another service.
• These are important commands and problem-solving skills that you'll
use on a daily basis as a system administrator.
MCQs
• Google’s GSuite (now called Google Workspace) is an example of
which Cloud service?
• Software as a Service (SaaS)
• Directory as a Service (DaaS)
• Infrastructure as a Service (IaaS)
• Platform as a Service (PaaS)
MCQs
• Google’s GSuite (now called Google Workspace) is an example of
which Cloud service?
• Software as a Service (SaaS)
• Directory as a Service (DaaS)
• Infrastructure as a Service (IaaS)
• Platform as a Service (PaaS)
• You are the sole IT professional at your company and you need to
know how many users or computers are in your organization. Which
of the following services helps manage users in your company?
• Network services
• Platform services
• Directory services
• Physical infrastructure services
• You are the sole IT professional at your company and you need to
know how many users or computers are in your organization. Which
of the following services helps manage users in your company?
• Network services
• Platform services
• Directory services
• Physical infrastructure services
• What happens when you virtualize a server?
• It provides remote access to other computers in another part of the
world.
• It puts many instances on a single physical server.
• It provides access to software maintained on the Cloud.
• It keeps all the machines on a network synchronized.
• What happens when you virtualize a server?
• It provides remote access to other computers in another part of the
world.
• It puts many instances on a single physical server.
• It provides access to software maintained on the Cloud.
• It keeps all the machines on a network synchronized.
• The boss at your company wants a way to block certain websites from
employees. As the sole IT professional at the company, what can you
set up to help with this request?
• A Proxy server
• DNS
• An Intranet
• FTP
• The boss at your company wants a way to block certain websites from
employees. As the sole IT professional at the company, what can you
set up to help with this request?
• A Proxy server
• DNS
• An Intranet
• FTP
• As an IT systems administrator, what can you set up to make sure that
your client machines and server times are in sync?
• A proxy
• NTP
• A: FTP
• An intranet
• As an IT systems administrator, what can you set up to make sure that
your client machines and server times are in sync?
• A proxy
• NTP
• A: FTP
• An intranet
• Which of the following file transfer protocols is the most secure?
• NTP
• SFTP
• TFTP
• FTP
• Which of the following file transfer protocols is the most secure?
• NTP
• SFTP
• TFTP
• FTP
• Which one of the following options allows you to access a system
remotely?
• SSH
• FTP
• NTP
• Server
• Which one of the following options allows you to access a system
remotely?
• SSH
• FTP
• NTP
• Server
• You are setting up a website for your company. You have purchased a
domain name for the site and have decided to host your web content
yourself. What might you need to set up to point your new domain
name to where web content is located?
• A proxy server
• A TFTP server
• An authoritative DNS server
• A VNC client
• You are setting up a website for your company. You have purchased a
domain name for the site and have decided to host your web content
yourself. What might you need to set up to point your new domain
name to where web content is located?
• A proxy server
• A TFTP server
• An authoritative DNS server
• A VNC client
• What does DHCP do?
• DHCP maps domain names to IP addresses.
• DHCP sets up an authoritative DNS server a network.
• DHCP assigns IP addresses to computers on a network.
• DHCP keeps the clock synchronized on machines connected to a
network.
• What does DHCP do?
• DHCP maps domain names to IP addresses.
• DHCP sets up an authoritative DNS server a network.
• DHCP assigns IP addresses to computers on a network.
• DHCP keeps the clock synchronized on machines connected to a
network.
• A network technician sets up an internal DNS server for a local
network. When the technician types in a URL, which is checked first?
• External ISP DNS servers
• External public DNS servers
• The local host file
• Local DNS servers
• A network technician sets up an internal DNS server for a local
network. When the technician types in a URL, which is checked first?
• External ISP DNS servers
• External public DNS servers
• The local host file
• Local DNS servers
• What are some communication services you can utilize in your
organization? Check all that apply.
• Email
• Chat applications
• DNS
• Phones
• What are some communication services you can utilize in your
organization? Check all that apply.
• Email
• Chat applications
• DNS
• Phones
• What's the difference between POP3 and IMAP? Check all that apply.
• POP3 can only download email to one local device.
• IMAP can only download email to one local device.
• POP3 is used for sending emails.
• IMAP can download emails onto multiple devices.
• What's the difference between POP3 and IMAP? Check all that apply.
• POP3 can only download email to one local device.
• IMAP can only download email to one local device.
• POP3 is used for sending emails.
• IMAP can download emails onto multiple devices.
• True or false: Commercial-use and personal-use software licenses are
essentially the same thing.
• True
• False
• True or false: Commercial-use and personal-use software licenses are
essentially the same thing.
• True
• False
• What are the differences between TLS and SSL? Check all that apply.
• TLS is the successor to SSL.
• TLS is more secure than SSL.
• SSL is more secure than TLS.
• SSL is the successor to TLS.
• What are the differences between TLS and SSL? Check all that apply.
• TLS is the successor to SSL.
• TLS is more secure than SSL.
• SSL is more secure than TLS.
• SSL is the successor to TLS.
• What is the name of a protocol that lets users share files over a
network?
• Apache
• CUPS
• DNS
• NFS
• What is the name of a protocol that lets users share files over a
network?
• Apache
• CUPS
• DNS
• NFS

• NFS is a protocol that lets users share files over a network.

• Which two of these methods could you use to set up printing in an
organization?
• Using a Cloud service to set up printers
• Setting up a print server
• Using MySQL
• Using FAT32
• Which two of these methods could you use to set up printing in an
organization?
• Using a Cloud service to set up printers
• Setting up a print server
• Using MySQL
• Using FAT32
• When you have a web server, what service is used to enable HTTP
requests to be processed?
• A database server
• HTTP status codes
• The web server
• An HTTP server
• When you have a web server, what service is used to enable HTTP
requests to be processed?
• A database server
• HTTP status codes
• The web server
• An HTTP server
• Fill in the blank: You can use a(n) ______________to store large
amounts of customer data for a website.
• HTTP server
• DNS server
• NFS server
• database server
• Fill in the blank: You can use a(n) ______________to store large
amounts of customer data for a website.
• HTTP server
• DNS server
• NFS server
• database server
• What is software that can modify, steal or delete data, and is a threat
to the practice of BYOD (Bring Your Own Device)?
• MDM software
• MFA software
• DLP software
• Malware
• What is software that can modify, steal or delete data, and is a threat
to the practice of BYOD (Bring Your Own Device)?
• MDM software
• MFA software
• DLP software
• Malware
• HTTP status codes that begin with 4xx, like 404, indicate:
• Client-side errors
• Server-side errors
• Redirections
• Nowhere; these codes are successful
• HTTP status codes that begin with 4xx, like 404, indicate:
• Client-side errors
• Server-side errors
• Redirections
• Nowhere; these codes are successful
• HTTP status codes that begin with 5xx, like 501, indicate:
• Redirections
• Nowhere; these codes are successful
• Server-side errors
• Client-side errors
• HTTP status codes that begin with 5xx, like 501, indicate:
• Redirections
• Nowhere; these codes are successful
• Server-side errors
• Client-side errors
• What are tools that are built into browsers to help diagnose issues
with the browsers?
• HTTP web servers
• Platform services
• Developer tools
• Database servers
• What are tools that are built into browsers to help diagnose issues
with the browsers?
• HTTP web servers
• Platform services
• Developer tools
• Database servers
• What do HTTP status codes beginning with 2xx indicate?
• Redirection
• Successful request
• Server-side errors
• Client-side errors
• What do HTTP status codes beginning with 2xx indicate?
• Redirection
• Successful request
• Server-side errors
• Client-side errors
• Which of these leads to a 404 error?
• You type in the URL of a site instead of the human readable name
(something ending with.com, .edu or any dot ending).
• You type in the human readable name for a site that no longer exists.
• You type in a good address or readable name for a site, but the server
holding the site is having problems.
• You accidentally type in the wrong readable name, and you get to a
different site than you wanted.
• Which of these leads to a 404 error?
• You type in the URL of a site instead of the human readable name
(something ending with.com, .edu or any dot ending).
• You type in the human readable name for a site that no longer
exists.
• You type in a good address or readable name for a site, but the server
holding the site is having problems.
• You accidentally type in the wrong readable name, and you get to a
different site than you wanted.
• Which of the following statements is true of XMPP? Select all that
apply.
• XMPP is an open source protocol used in instant messaging
applications.
• XMPP is a paid-for application for instant communication.
• XMPP is used in social networking services.
• XMPP is used in Internet of Things applications.
• Which of the following statements is true of XMPP? Select all that
apply.
• XMPP is an open source protocol used in instant messaging
applications.
• XMPP is a paid-for application for instant communication.
• XMPP is used in social networking services.
• XMPP is used in Internet of Things applications.
• Which of these is NOT an email protocol?
• POP3
• IMAP
• IRC
• SMTP
• Which of these is NOT an email protocol?
• POP3
• IMAP
• IRC
• SMTP
• When a person inside your company is licensed to use software, what
usually happens to their license if they leave the company?
• The license expires.
• The person takes the license with them.
• A new license must be purchased by your company.
• The license can be transferred to someone else in the company.
• When a person inside your company is licensed to use software, what
usually happens to their license if they leave the company?
• The license expires.
• The person takes the license with them.
• A new license must be purchased by your company.
• The license can be transferred to someone else in the company.
• Which statements are true about HTTPS and security protocols?
Select all that apply.
• HTTPS is a secure version of the Hypertext Transfer Protocol.
• HTTPS can be secured with Transport Layer Security protocol (TLS)
• HTTPS can be secured with Secure Socket Layer protocol (SSL)
• SSL is more secure than TLS
• Which statements are true about HTTPS and security protocols?
Select all that apply.
• HTTPS is a secure version of the Hypertext Transfer Protocol.
• HTTPS can be secured with Transport Layer Security protocol (TLS)
• HTTPS can be secured with Secure Socket Layer protocol (SSL)
• SSL is more secure than TLS
• Which of the following activities can users do on a properly
configured file storage server?
• Modify shared files
• Share files
• Access a shared directory
• Grant a digital certificate of trust
• Which of the following activities can users do on a properly
configured file storage server?
• Modify shared files
• Share files
• Access a shared directory
• Grant a digital certificate of trust
• Company A is setting up a network of mostly Windows machines.
Which networking file system protocol would you recommend for
maximum interoperability?
• NFS
• SMB
• Fat32
• Ext4
• Company A is setting up a network of mostly Windows machines.
Which networking file system protocol would you recommend for
maximum interoperability?
• NFS
• SMB
• Fat32
• Ext4
• Which printing language is device-dependent?
• PS
• Ruby
• PCL
• Python
• Which printing language is device-dependent?
• PS
• Ruby
• PCL
• Python
• When browsing a website, what is a quick way to know that the site is
secure?
• The website has a banner that says it's secure
• The URL begins with https
• The URL begins with tls
• The URL begins with http
• When browsing a website, what is a quick way to know that the site is
secure?
• The website has a banner that says it's secure
• The URL begins with https
• The URL begins with tls
• The URL begins with http
• Which of these are examples of database software? Select all that
apply.
• CUPS
• PostgreSQL
• MySQL
• Apache
• Which of these are examples of database software? Select all that
apply.
• CUPS
• PostgreSQL
• MySQL
• Apache
• When a website is having issues on the client side, what number does
the HTTP status code start with?
• 2xx
• 4xx
• 6xx
• 5xx
• When a website is having issues on the client side, what number does
the HTTP status code start with?
• 2xx
• 4xx
• 6xx
• 5xx
• What does a directory server provide?
• A replication service.
• A network time service.
• A lookup service for an organization.
• A real-time communication service.
• What does a directory server provide?
• A replication service.
• A network time service.
• A lookup service for an organization.
• A real-time communication service.

• A directory service allows members of an organization to lookup

information about the organization, like network resources and their
addresses.
• What benefits does replication provide? Check all that apply.
• Virtualization
• Decreased latency
• Enhanced security
• Redundancy
• What benefits does replication provide? Check all that apply.
• Virtualization
• Decreased latency
• Enhanced security
• Redundancy

• Directory server replication grants redundancy by having multiple copies of

the database being served by multiple servers. The added servers that provide
lookup services also reduce the latency for clients querying the service.
• What is the most popular directory services protocol used today?
• Directory Access Protocol
• Directory System Protocol
• Directory Operational Binding Management Protocol
• Lightweight Directory Access Protocol
• What is the most popular directory services protocol used today?
• Directory Access Protocol
• Directory System Protocol
• Directory Operational Binding Management Protocol
• Lightweight Directory Access Protocol

• LDAP is the most popular and widely used directory access protocol
today.
• Active Directory is the LDAP implementation for ________________.
• Ubuntu
• Linux
• MAC
• Microsoft
• Active Directory is the LDAP implementation for ________________.
• Ubuntu
• Linux
• MAC
• Microsoft

• Active Directory or AD has some customization and added features of

LDAP for the Windows platform.
• The containers in a Directory Service are referred to as
_____________.
• subfolders
• organized structure
• organizational units (OUs)
• user accounts
• The containers in a Directory Service are referred to as _____________.
• subfolders
• organized structure
• organizational units (OUs)
• user accounts

• Organizational units (OUs) can contain individual files or objects for a

directory service. OUs can also contain additional folders.
•ADDITIONAL READING IS
STRONGLY RECOMMENDED