finals Flashcards
1
Q
what does a package manager do?
A
makes it easy for users to manage software on their system. Allows you to do stuff like install, remove, update software
2
Q
What is an advantage of package manager?
A
generally handle dependencies. If a package needs additional software to run, the package manager will install it too
3
Q
What is one of the few tools that makes one Linux distro different from another?
A
the package manager. And diff distros will have different packages in their package repositories
4
Q
What’s the package manager for Arch Linux?
A
pacman
5
Q
What’s the package manager for Ubuntu?
A
apt
6
Q
What’s the package manager for Nix?
A
nix
7
Q
What is one of the reasons Arch Linux is so popular?
A
it has a lot of packages and those packages are generally up-to-date
8
Q
Which distro has the largest package repository? By how much?
A
Nix. By ~30% more
9
Q
pacman command to refresh local package repository?
A
pacman -Sy
10
Q
pacman command to upgrade isntalled packages
A
pacman -Syu
11
Q
pacman command to install one or more packages and any dependencies
A
pacman -S <packages>
12
Q
pacman command to search for a packages
A
pacman -Ss <search term>
13
Q
pacman command to remove a package, configuration files, and package dependencies
A
packman -Rns <packages>
14
Q
pacman command to display remote information about a package. To display extensive info about a given package??
A
pacman -Si <package>
15
Q
what is getopts? What arguments does it take?
A
it’s a shell builtin that can be used to handle options in shells scripts.
it takes 3 arguments:
- valid options that will be handled
- a variable populated with option arguments (ie “${opt}” )
- a list of options and arguments to be processed $@
16
Q
what is optarg?
A
when a flag is set to expect an argument, the argument for that flag is held in the OPTARG variable (eg. my_script -n “ted” <– the OPTARG for -n is the string “ted”)
17
Q
how to tell getopts to run in silent error checking mode?
A
Put a colon in the options string
eg. “:a:b:”
the first : tells it to run in silent error checking mode
18
Q
what does “shift” do?
A
Shift positional parameters n characters to the LEFT (default is 1 character).
Cannot undo it (no “unshift”).
Shifts are cumulative
19
Q
how to shift positional parameters to remove any options handled by getopts
A
shift $(($OPTIND -1))
20
Q
do the flags and flag options come first or the positional arguments?
A
flags and flag options should be provided before positional arguments
21
Q
how to check if there are positional parameters
A
shift $(($OPTIND -1))
if [[ $# -lt 1 ]]; then
echo “….”
exit 1
fi
22
Q
What’s FTP?
A
File Transfer Protocol
Popular method of transferring files to and from remote servers
23
Q
Why was FTP deprecated?
A
Lack of security features
24
Q
What’s SFTP?
A
Secure(or SSH) File Transfer Protocol
provides functionality similar to FTP, but uses SSH for security
25
How to get the help menu for sftp?
?
or
help
26
What's the sftp command to make a local directory? To make a remote directory?
local directory:
lmkdir dir-name
remote directory:
mkdir dir-name
27
how to download a file from remote server?
Connect via sftp. Then:
get file-path
28
How to upload a file via sftp?
put file-path
file will be uploaded to the users home directory
29
Vim: what does gg do?
go to beginning of file
30
Vim: what does =G do?
indent and go to file end
31
Vim: how do you move to the first instance of a character in a line?
`f `
eg. f g
will move to the first instance of the letter g on the current line
32
What can pacman do?
can install, update, remove packages
33
What's a package and what does it contain?
A package is an archive.
It contains:
o All of the compiled files of an application
o Metadata about the app (eg. app name, version, dependencies, etc)
o Installation files and directives for pacman
o (optionally) extra files to make your life easier (eg. a start/stop script)
34
benefits of using packages instead of compiling and installing programs yourself
o Easily updatable
o Dependency checks
o Clean removal
35
why should you use "pacman -Syu package_nam" instead of "pacman -Sy package_name"
in practice, do not run "pacman -Sy package_name" cuz it can lead to dependency issues
36
How to install single package or list of packages?
pacman -S package_name1 package_name2
37
What's a virtual package?
Special package that does not exist by itself but is provided by 1 or more other packages. Virtual packages cannot be installed by their name; they’re installed when you have installed a package providing the virtual package
38
To remove a single package but leave its dependencies installed
pacman -R package_name
39
To remove package and its dependencies not required by other packages
pacman -Rs package_name
40
To remove package that’s required by another packages without removing the dependent package
pacman -Rdd package_name
41
To search for already installed package
pacman -Qs string1 string2
42
To list all packages no longer required as dependencies (orphans)
pacman -Qdt
43
Pacman stores downloaded packages where?
/var/cache/pacman/pkg/
44
Does pacman remove old or uninstalled versions automatically? Yes or no, and what are the advantages?
No.
o Allows downgrade without having to retrieve previous version through other means
o Package that has been uninstalled can easily be reinstalled directly from cahce directory without new download from the repository
45
How to delete all cached versions of installed and uninstalled packages except for the most recent 3
paccache -r
46
To remove all cached packages not currently installed and unused sync databases
pacman -Sc
47
How to download package without installing it
pacman -Sw package_name
48
What is a "unit"?
any resource/object that systemd knows how to manage
49
What is a unit file?
Where are systemd unit files found?
unit file is a plain text ini-style file that encodes information about a service, socket, device,... controlled and supervised by systemd
/usr/lib/systemd/system
/run/systemd/system
/etc/systemd/system
50
Where are the system's copy of unit files? The systemd unit files distributed with installed RPM
/usr/lib/systemd/system
51
Where are dynamically created unit files created at runtime
/run/systemd/system
52
What should you do if you need to modify the system’s copy of a unit file?
create a unit file here: /etc/systemd/system
53
Order of precedence for unit files?
1. /etc/systemd/system
2. /run/systemd/system
3. /usr/lib/systemd/system
54
How can you override specific directives from the system’s unit file?
Create subdirectory named after the unit file with .d appended to the end
eg. for unit called example.service, create a subdir called example.service.d and in this directory a file ending with .conf will override or extend the attributes of the system’s unit file
55
What are the types of unit files?
.service
.socket
.device
.mount
.automount
.swap
.target
.path
.timer
.snapshot
.slice
.scope
56
what do service files do?
Manages services/applications (start/stop, auto-start conditions, dependencies, ordering info for related software).
57
what are the sections of a service unit file?
[Unit]
...
[Service]
...
[Install]
...
58
What is "WantedBy=" in a unit file? Which section does it go in?
In [Install]
Specifies how unit should be enabled. Lets you specify dependency relationship.
eg. WantedBy=multi-user.target
59
What are template unit files? How do you identify it?
can be used to make multiple instances of units. They have a @ after base unit file and before unit (eg. example@.service)
60
What is systemd?
it's an init system and system manager
61
what's the fundamental purpose a an init system?
initialize components that must be started after linux kernel is booted
62
How to start service?
sudo systemctl start application.service
63
how to stop service
sudo systemctl stop application.service
64
how to restart or reload a service?
sudo systemctl reload-or-restart application.service
65
How to enable service? Disable?
sudo systemctl enable application.service
sudo systemctl disable application.service
66
What does enabling a service do?
Tells systemd to start the service automatically at boot. It will create a symbolic link from the system's copy of the service file (usually at /usr/lib/systemd/system or /etc/systemd/system) into a location where systemd looks for autostart files (usually etc/systemd/system/some_target.target.wants)
67
how to check status of service?
systemctl status application.service
68
how to check if unit is currently active?
systemctl is-active application.service
exit code 0 if it's active
69
How to check if unit is enabled?
systemctl is-enabled application.service
exit code 0 if enabled, exit code 1 if disabled
70
How to get a list of all "active/running" units that systemd knows about?
How to see every available unit file within systemd path (all installed; including those systemd didn't try to load)?
systemctl list-units
systemctl list-unit-files
71
how to show process status for a PID? Status of a unit?
systemctl status
systemctl status
72
what is systemctl?
a tool used to manage services. eg. find information about services, start/stop service, enable/disable service
73
How to see unit's dependency tree?
systemctl list-dependencies sshd.service
74
What is masking a unit and how do you do it?
sudo systemctl mask nginx.service
marks the unit as completely unstartable
75
Command that will open a unit file snippet? What does it do?
sudo systemctl edit nginx.service
make a blank file that can be used to override or add directives. A dir is created in /etc/systemd/system that contains the name of the unit w/ .d appended. In that dir, a snippet called override.conf is created
76
how to reload systemd manager configuraiton? (reload configuration files)
sudo systemctl daemon-reload
Reload the systemd manager configuration. When you modify unit files or other systemd configuration files
77
What is a target?
A group of services that are attached through dependencies that start all of the services required to meet some sort of system state. Special unit files that describes a system state or synchronization point.
Have suffix .target
78
How to find default target for system?
systemctl get-default
79
how to list available targets?
how to see current targets loaded into memory?
systemctl list-unit-files --type=target
systemctl list-unit --type=target
80
list all active targets
systemctl list-units --type==target
81
How to isolate a target?
sudo systemctl isolate multi-user.target
82
how to restart systemctl?
sudo systemctl reboot
83
how to put system into rescue (single-user) mode?
sudo systemctl rescue
84
What's nginx?
open-source, high-performance HTTP web server
85
What's a web server? What's the purpose of it?
a web server is software we can run on our hardware server. The purpose is to server documents over the internet. Usually using HTTP(s). Web severs help provide secure access to documents. Many provide additional features like load balancing and proxy forwarding
86
What is a firewall?
A security system which monitors and governs the network traffic. Kind of like having a gatekeeper. Allows certain things in and out.
87
What port is SSH?
22
88
What's port number for HTTP?
80
89
Why use a firewall?
Main use care is for security. It can intercept incoming malicious traffic before it reaches network. Can prevent sensitive information from leaving network.
Also filters content.W
90
What's UFW?
a program that makes it easier to manage a netfilter firewall. UFW manages nftables or iptables
91
how to install ufw?
sudo pacman -S ufw
92
what are the 2 parts to enabling ufw?
1. enable ufw service managed by systemd
2. enable configured firewall (managed by ufw utility itself)
93
how to enable and start ufw with systemctl? When happens when you use this command?
sudo systemctl enable --now ufw.service
creates a symbolic link: /etc/systemd/system/multi-user.target.wants/ufw.service -> /usr/lib/systemd/system/ufw.service
94
where are the system-wide configuration files for ufw?
/etc/ufw
95
how to check status of ufw? What does it show?
sudo ufw status verbose
shows port it's connecting to ("To"), if it's allowing/denying/etc ("Action"), and connection from where ("From")
96
what's the defult ufw configuration?
deny all incoming traffic
allow all outgoing traffic
97
how to set default for ufw? eg. default to not allow anything in?
sudo ufw default...
sudo ufw default deny incoming
sudo ufw default allow outgoing
98
what happens when you use "sudo ufw limit ssh"?
UFW sets up rules to limit new incoming connections to the SSH port (port 22) to a threshold that typically allows 6 connections from a single IP address within a period of 30 seconds. If this rate is exceeded, subsequent connection attempts are blocked for a period of time
99
how to allow addresses in the range 203.0.113.0/24 to connect via ssh?
sudo ufw allow from 203.0.113.0/24 to any port 22
100
how to deny traffic from the address 203.1.113.4?
sudo ufw deny from 203.1.113.4
101
how to rate limit ssh connection?
how to allow ssh from anywhere?
ufw limit ssh
sudo ufw allow ssh
102
what's port 22?
ssh
103
what's port 80?
http
104
ufw - how to see list of application commands?
sudo ufw app list
105
ufw how to allow http connections?
sudo ufw allow http
106
how to turn on firewall?
sudo ufw enable
107
how to delete a rule in ufw? Eg. delete ssh
sudo ufw delete allow SSH
108
how to get number list/status of ufw rules?
sudo ufw status numbered
shows the rules but numbered and you can remove it with its number (eg. sudo ufw delete 2)
109
what's an advantage of cloud service provider offering a firewall over a tool like UFW?
you can configure a firewall in the cloud service provider than put it in front of multiple servers
110
when would you use UFW instead of a cloud service providers firewall?
- need firewall rules for specific application (lets you manage rules tailored to the needs of the applications on that server without affecting the other systems)
- When you don't have a cloud firewall tool you can use.
111
what's a proxy server?
intermediary server that sits b/w the client and destination server on the internet. It acts on behalf of the client, making requests to resources on other servers and then returning the data back to the client.
112
describe where a REVERSE proxy sits. What does it do? Benefits?
user's device --> internet --> reverse proxy --> original server
Reverse proxy sits in front of 1 or more web servers. It receives requests intended for the servers, processes them, then forwards it to the appropriate server. Client doesn't know anything about the actual server.
Useful for load balancing, web acceleration, security
113
describe where a FORWARD proxy sits. What does it do? benefits?
user's device <-- forward proxy <-- internet <-- server
sits between client and internet. Retrieves data from internet on behalf of client.
Useful for: privacy/anonymity, malware prevention, content control/filtering, caching
114
what is "proxy_pass"? Where is it used/set?
It's a directive used in web server configuration (like nginx) to forward requests received by server to another server. "proxy_pass" is key component to set up reverse proxy. Enables nginx to act on behalf of the client to retrieve resources from another server (the proxy server or backend server) and then send t back to the client.
Configured in location blocks in nginx configuration file. In a server block
115
What is the "proxy_set_header"?
it's a directive used to pass headers from the original request to the proxy server.
In the nginx configuration --> in the server block --> in the location block
116
vim: what does 0 do?
go to start of line
117
vim: what does $ do?
go to end of a line
118
vim: what does M do?
move to middle of screen
119
What has a PID 1?
systemd
120
how to create symlink?
ln -s /source/location /destination/location
121
how to disable a site?
unlink the active symlink in /etc/nginx/sites-enabled
eg.
unlink /etc/nginx/sites-enabled/example.conf
122
what is the SaaS version of nginx?
the .com version
123
what is the .org version of nginx?
open source web server
124
how to start nginx service?
sudo systemctl start nginx.service
125
where is the main nginx configuration file?
/etc/nginx/nginx.conf
126
what's a common dir for storing web content served by nginx? (There's no default, it's based on the distro)
/var/www/html
127
what's https port number?
443
128
what command validates nginx.conf file for syntax errors?
sudo nginx -t
129
Where is the HTML document nginx is serving by default? (But it depends on the distro)
/usr/share/nginx/html/index.html
130
when do you use "sudo systemctl reload nginx"
reloads the configuration of the Nginx
131
where is default configuration of systemd?
/etc/systemd/system. conf
132
vim: what's gg
go to the file beginning
133
what's a service? what are 2 examples of services?
any background process that runs without a user interface. Services generally wait for events to occur that trigger some response. "Service" sometimes used interchangeably with "daemons".
2 examples: web server (waits for response from client before returning response), sshd (waits for remote user to login via ssh)
134
what is multi-user.target?
when all of the services needed for a minimal working server have started. this is a common one for servers
135
what's grphical.target?
when all services needed for graphical login have started. when you can login through graphical login manager. this is a common one for desktop. graphical.target first loads the multi-user.target and adds several additional dependencies to tit
136
What does in the /etc/systemd/system/ directory?
- Systemd files created by "systemctl enable"
- unit files added for extending a service
137
How do you handle dependency when: unit A needs unit B to be running before A is started?
in [Unit] section of A, add Requires=B and After=B
Note: with After= then the two units can be started in parallel
138
What happens with WantedBy= ?
When unit with this directive is enabled, a dir will be made in /etc/systemd/system named after the specified unit (that you want) with .wants appended to the end. Then a symbolic link to the current unit will be placed inside.
139
What are some thing in the [Unit] section of a unit file?
usually used for metadata and configuring relationships
eg.
Description=
Requires=
Before=
140
vim: c, ci", ca"
c key in normal mode is "change".
ci" will delete contents inside of matching quotes as long as cursor is anywhere inside of the quotes.
ca" will also delete the quotation marks
can also be ci( and stuff. a = around, i=inside
Eg. when you press c then w, it deletes from the cursor position to the end of the word under the cursor.
