LPIC1.pt1

Question 1

/etc/aliases.db

Answer 1

/etc/aliases.db
database file that your local MDA will read to determine where to send email, it has to be updated when any changes are made to the aliases on the system

Question 2

usermod

Answer 2

• modify the characteristics and/or membership of existing users
• -c [description] - modifies the user description in the /etc/passwd file
• -d [new home directory] - changes the user’s home directory
• -e [date] - change the date of account expiration
• -f [# days] - change the number of days after a password reaches max age the account will still allow login
• -g [GID] - change the user’s primary GID
• -G [GID] - change the user’s secondary GID(s) (can be multiple groups in a comma delimited list)
• -s [path and file of login shell] - changes the full path and name of the default login shell for the user
• -u [UID] - changes the UID (NOTE: will change home directory to match, but not any other user owned files)
• -L - locks the user’s account
• -U - unlocks the user’s account

Question 3

special UID’s

Answer 3

• UID 0 - root/admin user on any system
• UID 1 - ‘bin’ user (system binaries and nonlogin accounts)
• UID 48 - apache user (if installed)
• UID 99 - ‘nobody’ account (used for a variety of things, FTP anonymous access for example, may also map to a root account for certain NFS configurations (i.e. the root_squash option))

Question 4

dpkg-reconfigure [current desktop manager]

Answer 4

allows reconfiguration of display manager, screen should prompt for any installed DM (on Debian/Ubuntu systems)

Question 5

/etc/systemd/journald.conf

Answer 5

• configuration file for journald
• common settings are for size of log and whether logging is forwarded to syslog as well (or installed equivalent)

[Journal]
SystemMaxUse= how much disk space the journal can use. default is 10%
RuntimeMaxUse= how much ram the journal can use. Default is 10%
SystemMaxFileSize= how large individual log files can get
RuntimeMaxFileSize= hot large log files can get in RAM
MaxRetentionSet= how long log files will be kept. default is 1 month.

Question 6

cupsctl

Answer 6

used to control CUPS configuration, run with no options, displays the current configuration

Question 7

ip forwarding

Answer 7

• the ability for your host to forward packets to another location and respond
• allows your system to function as a router
• two methods to enable:
  1. echo 1 > /proc/sys/net/ipv4/ip_forward
  2. edit /etc/sysctl.conf and add ‘net.ipv4.ip_forward=1’
• NOTE: method one is not permanent but will take immediate effect, method two requires a reboot (or combined with method one)

Question 8

ect/securetty

Answer 8

defines where the root user is allowed to log in (if it does not exist, root can login from anywhere)

Question 9

xdm

Answer 9

• display manager that is part of the Xorg software package
• /usr/bin
• directory where it will exist if installed
• xorg-x11-xdm
• package for the display manager
• not generally installed/used unless no full desktop environment is being used
• /etc/X11/xdm
• configuration directory

Question 10

ntp / ntpd

Answer 10

• Network Time Protocol
• network time protocol daemon (service)
• allows you to define a pool of network servers that are synchronized to a globally distributed network of time servers
• those that get a time update from a ‘reference’ clock (like the naval observatory in the USA) are called ‘stratum 1 servers’

Question 11

var/log/journal

Answer 11

binary file wherein the systemd log is stored if configured to store log to disk (not default)

Question 12

run/log/journal

Answer 12

binary file wherein the systemd log is stored if configured to store log to disk (default)

Question 13

/var/lib/ntp/drift

Answer 13

file that track system time drift

Question 14

iconv

Answer 14

• a utility used to convert between character encodings
• -c - clears unknown characters
• -f [type] - from indicated type
• -t [type] - to the indicated type
• -l - lists all available encoding types
• -o - specify new file to create
• for example - iconv -c -f ASCII -t MACCYRILLIC VNCHOWTO > VNCHOWTO.new.cyrillic
• would clear any unknown characters in the file stream from VNCHOWTO, and convert from ASCII to MACCYRILLIC encoding, writing the new file the VNCHOWTO.new.cyrillic
• NOTE: this is not a language translator, simply a character encoding translator

Question 15

/etc/cups

Answer 15

• configuration directory for CUPS
• configuration file list:
• classes.conf - configures class definitions
• cupsd.conf - primary configuration file for the daemon
• cupsd.conf.default - sample default configuration file to revert to as backup
• printers.conf - configuration of each printer on the system
• ppd - directory of PPD (printer driver files) on each printer on the system

Question 16

lightdm

Answer 16

• works as a service
• systemctl status lightdm (systemd systems)
• /etc/lightdm/lightdm.conf
• if it exists, will contain the configuration for the display manager
• designed to be a lighter weight display manager (and replaced kdm)
• /usr/share/doc/lightdm
• directory containing sample configuration file

Question 17

xfs

Answer 17

• font server for X

* provides access to fonts for the X server

Question 18

/etc/motd

Answer 18

if exists, displays the contents of this file when someone logs onto the system

Question 19

logger

systemd-cat

Answer 19

• allows you or a command to log a message to /var/log/messages
• CTL-D to end and write the message
• -i - passed additional information to syslog

can also be used in a script

systemd-cat is the journald version of logger

Question 20

ssh

Answer 20

• secure shell
• related commands (also secure) - scp, ssh-agent ssh-add
• -l [user] [host] - logs in as the specified user to the host
• [user]@[host] - logs in as the specified user to the host
• -X - enable SSH XWindow forwarding
• -x - disable SSH XWindow forwarding
  -Y - new more secure way to forward XWindows
  ssh -Y user@host

Question 21

systemd (logging)

Answer 21

• uses it’s own logging system called ‘journal’ (with ‘journald’ being the daemon for it)
• adopted on most modern systemd based distributions
• primarily, the difference lies in that the logging is done to a binary rather than plain text file, allowing you the ability to query metadata, command line details, PIDs, binaries and security privileges (some of which just are not available with a plain text file)
• because it is part of the service management system, all daemon messaging is automatically logged rather than the sysvinit variant of syslog wherein each service is responsible for how and what messages are logged

Question 22

xwininfo

Answer 22

• displays a plethora of window information on the chosen window on the desktop
• running the command will present you with a special pointer to choose the window to query for info

Question 23

/ect/logrotate.conf

Answer 23

primary configuration for log rotation (defaults and system files to rotate)

• each file in logrotate.d adds or overrides settings to the defaults in the configuration file
• NOTE: files in logrotate.d are usually added/maintained by the package manager as part of the install/update/removal of packages

Question 24

hwclock

Answer 24

allows you to work with the hardware clock directly

• outputs the hardware clock date/time
• NOTE: the hardware clock is unaware of time zones

Question 25

set the hardware clock to the current system time by using this command:

Answer 25

hwclock –systohc

Set hwclock to UTC:
sudo hwclock –systohc –utc

Question 26

set the system time from the hardware clock by using the following command:

Answer 26

hwclock –hctosys

Question 27

/etc/X11/xorg.conf

Answer 27

• the primary configuration file for the XWindows system

newer versions of xorg/Xserver dont use xorg.conf, but instead put configuration files into the /etc/X11/xorg.conf.d directory.

• major sections (exam)
• ServerLayout: Settings for “screen / input devices”-combinations
• Files: files that are used by your X server (i.e. fonts)
• Module: used to specify which Xorg server modules should be loaded.
• InputDevice - keyboards and mice (and perhaps special keypads if detected)
• Device - Settings for graphics card(s) and any driver references
• Monitor: - monitor(s) detected
• Screen: - Settings for “graphics card / display”-combinations. description of resolutions and color depths that are supported for the detected monitor and X server
• ServerFlags: - Common X server settings
  Monitor: Settings for displays

Question 28

getent

Answer 28

• utility to allow you to search both local (/etc/passwd and /etc/shadow) for account information as well as network sources (i.e. LDAP)

Question 29

/etc/xinetd.conf

Answer 29

primary configuration file, including files in /etc/xinetd.d with files (one each) per service that is controlled
* the request will come to the daemon, which will check for the service type and port and then scan for the appropriate service configuration file in /etc/xinit.d

Question 30

/etc/ntp.conf

Answer 30

• pool of ntp servers

* defines drift file to track clock drift

Question 31

netstat

Answer 31

• can print network connections, routing tables, interface stats, etc
• -a - show all sockets on active interfaces
• -c - refresh stats every 1 second
• -p - shows name and PID for each socket
• -t - show TCP stats
• -r - show the routing table
• -n - do not attempt name resolution (IP only)
• -l - display listening sockets only

Question 32

ss

Answer 32

used to dump socket statistics. it allows showing information similar to netstat

Question 33

kdm

Answer 33

• KDM display manager (legacy)
• uses QT libraries
• replaced by kwin and later lightdm (see below)
• /etc/kde/kdm
• configuration directory
• /usr/bin
• executable location

Question 34

route

Answer 34

• displays the current routing table
• adds/removes routes as indicated
• for example - route add default gw 192.168.1.1
• would manually add a default gateway to the system going to 192.168.1.1

-n - dont do name resolution
del - delete a route.
add - add a new route.
-net - the target is a network.
-host - the target is a host.
netmask - when adding a network route, the netmask to be used.
gw - route packets via a gateway. NOTE: The specified gateway must be reachable first. This usually means that you have to set up a static route to the gateway beforehand.

Question 35

rsyslog

Answer 35

alternative ‘fast’ version of syslog

Question 36

/etc/adjtime

Answer 36

• contains values that track callibration to the clock and a final value to display time in LOCAL or UTC time
• if the file does not exist, no calibration has ever been done and time will default to UTC

Question 37

/etc/ssh/sshd_config

Answer 37

main configuration for sshd (the service)

Question 38

atq

Answer 38

• shows a summary of all jobs scheduled with ‘at’
• will not show the details, but a time and job id
• alias of: at -l

Question 39

/var/log/message

Answer 39

where all log messages go (except mail)

Question 40

/etc/nsswitch.conf

Answer 40

• determines the order that user account information is searched for on a system during login
• for example - password: files nis
  shadow: files nis
• will search for LOCAL files for account information and then search the remote user database configured if not found

Question 41

/usr/share/zoneinfo

Answer 41

• the top level directory containing all time zone definitions
• NOTE: these are binary files and cannot simply by viewed on the console

Question 42

/etc/default/useradd

Answer 42

contains the default values for the useradd command when those parameters are not used

Question 43

unicode

Answer 43

• defines every character as a number (code point)
• originally encoded in 2 bytes, giving you 16k possible characters (called UCS-2)
• once again, the number of characters in this spec was exceeded
• UTF-16 was introduced to allow any character over 16k to be represented with a second pair of bytes
• UTF-8—A character encoding format that encodes all characters in a variable width using blocks of 8 bits. That is, characters are from 1-4 bytes long. UTF-8 is also backward compatible to 8 bit ASCII.
• UTF is the dominant encoding type

Question 44

ntpdate

Answer 44

allows you to set the clock against the indicated ntp server

Question 45

set

Answer 45

• shows all variables and functions in the current environment
• also allows the enable/disable of various shell features

Question 46

/etc/localtime

Answer 46

the system time zone (can be a full time zone copy OR a link to the configured time zone)

Question 47

gdm

Answer 47

• Gnome display manager
• uses GTK+ libraries
• /etc/gdb
• configuration directory
• /usr/bin
• executable directory

Question 48

xinetd

Answer 48

replacement for inetd allowing more granular control of services

Question 49

/var/log/maillog

Answer 49

mail messages are written here

Question 50

xdpyinfo

Answer 50

• provides information on the current X session

* EXAM TOPIC - common question around utilities that can be used to display the screen resolution and color depth

Question 51

syslog-ng

Answer 51

alternative ‘next generation’ syslog

Question 52

~/.ssh/authorized_keys

Answer 52

stores public keys for logging in as the user that owns the directory

• authorized_keys file lets the server authenticate the user

Question 53

ssh_keygen

Answer 53

creates a public/private key pair for use with SSH

• -b [#] - encryption key size (i.e. 1024, 2048, etc) (default 4096)
• -t [type] - encryption key type (DSA or RSA) - (RSA is more secure and is currently the default)
• will prompt for a password - blank will allow you to use the key to login completely without password whereas entering a passphrase effectively creates two factor authentication (key + passphrase)
• file permissions on keys should be either 644 (older) or 600 (newer)

Question 54

timedatectl

Answer 54

• list-timezones - list all the timezones to choose from
• set-timezone [country/zone] - set to the indicated timezone
• make the actual changes, setting the /etc/localtime system setting to the time zone chosen

Question 55

useradd

• m
• d
• k
• g
• u
• e
• G
• f
• o
• s
• D
• c

Answer 55

• standard utility to add new users to a system
• can behave differently on Red Hat based vs. Debian based systems, best bet is to run the command with explicity parameters
• -m - create home directory
• -d [directory] - specify the home directory to create
• -k [skeleton directory] - copies the contents of the specified directory (usually /etc/skel) to new user’s home directory
• -g [primary GID] - specify the user’s primary GID
• -u [UID] - assign the indicated UID to the user (NOTE: will error if exists)
• -e [date] - the date this account is disabled after
• -G [secondary GID] - allows you to set a secondary group for the user
• -f [# days] - sets the number of days after a password reaches max age the account will still allow login
• -o [non-unique UID] - allows the creation of a user with a UID that is NOT unique (duplicate)
• -s [path and file of login shell] - a full path and name of the default login shell for the user
• -D [show defaults]
• -c [comments - i.e. full name]

Question 56

/etc/timezone

Answer 56

ocal file that Debian systems use to store the name of the time zone configured

Question 57

ssh-id-copy

Answer 57

• copies your public key to the user and host as indicated
• for example - ssh-copy-id user@user.mylabserver.com
• after the password is entered for the indicated user, will copy the public key from this host and user to the remote host and user’s ‘authorized_keys’ file and you can thereafter login on that system and account with this key
• manual method - copy/paste the contents of your public key into the remote user’s authorized_keys file and set the permissions at 600
• next connection will either work (no passphrase setup) or prompt just for passphrase

Question 58

.forward

Answer 58

• home directory file for user’s to define their own forwarding rules
• no alias needs to be indicated since it is for the account it exists within, only need to indicate the account to forward it to

Question 59

lpoptions

Answer 59

• allows the setting of printer options at the command line
• -d [printer] - sets the default printer to the indicated value
• -p [printer] - deals with the indicated printer
• -l - list options for the indicated printer/queue
• for example - lpoptions -p CUPS-PDF -l
• would display all options for the CUPS-PDF printer

Question 60

env

Answer 60

• when run alone, displays current environment variables and their values
• can be used to modify the current environment right before you run a command (or a script when used at the top)

Question 61

/etc/ssh/known_hosts

Answer 61

file used to check public keys of known/trusted hosts (does not exist by default)

The known_hosts file lets the client authenticate the server

Question 62

locale

Answer 62

• a way of representing your language, country and encoding type
• -a - show you the locales that are installed on your system

Question 63

/etc/X11/perfdm

Answer 63

script that tests for the preferred display manager (on Red Hat/CentOS systems)

Question 64

ssh-add

Answer 64

• will prompt you for your passphrase on your public key (if set)
• once entered, subsequent uses will not require entry until exited

Question 65

visudo

Answer 65

• special editing mode for vi that will allow editing and syntax/erro checking of the /etc/sudoers file
• NOTE: the editor used can be changed by setting the ‘EDITOR’ environment variable to any other available text editor

Question 66

TCP wrappers

Answer 66

Uses /etc/hosts.allow and /etc/hosts.deny to restrict access to network services.

sysntax for both files is the same:
services : clients [: option1 : option2 : …]

• services is a comma-separated list of services the current rule should be applied to.
• clients represent the list of comma-separated hostnames or IP addresses affected by the rule. The following wildcards are accepted:
  
  • ALL matches everything. Applies both to clients and services.
  • LOCAL matches hosts without a period in their
  • FQDN, such as localhost.
  • KNOWN indicate a situation where the hostname, host address, or user are known.
  • UNKNOWN is the opposite of KNOWN.
  • PARANOID causes a connection to be dropped if reverse DNS lookups (first on IP address to determine host name, then on host name to obtain the IP addresses) return a different address in each case.
• Finally, an optional list of colon-separated actions indicate what should happen when a given rule is triggered.
  You may want to keep in mind that a rule allowing access to a given service in /etc/hosts.allow takes precedence over a rule in /etc/hosts.deny prohibiting it. Additionally, if two rules apply to the same service, only the first one will be taken into account.

Question 67

edit /etc/hosts.allow and /etc/hosts.deny,

To allow SSH and FTP access only to 192.168.0.102 and localhost and deny all others

Answer 67

/etc/hosts.deny:

sshd,vsftpd : ALL
ALL : ALL

and the following line in /etc/hosts.allow:

sshd,vsftpd : 192.168.0.102,LOCAL

Question 68

gpasswd

Answer 68

administer /etc/group and /etc/gshadow

-a, –add user
Add the user to the named group.
-d, –delete user
Remove the user from the named group.
-r, –remove-password
Remove the password from the named group. Only
group members will be allowed to use newgrp to join
the named group.

Question 69

etc/syslog.conf

Answer 69

/etc/syslog.d/ - extra config files for programs to use the syslog daemon. daemon must be restarted before changes to syslog.conf or etc/syslog.d/ will take effect.

Examples
Here are some example, partially taken from a real existing site and configuration. Hopefully they rub out all questions to the configuration, if not, drop me (Joey) a line.

# Store critical stuff in critical
#
*.=crit;kern.none            /var/adm/critical
This will store all messages with the priority crit in the file /var/adm/critical, except for any kernel message.
# Kernel messages are first, stored in the kernel
# file, critical messages and higher ones also go
# to another host and to the console
#
kern.*                       /var/adm/kernel
kern.crit                    @finlandia
kern.crit                    /dev/console
kern.info;kern.!err          /var/adm/kernel-info
The first rule direct any message that has the kernel facility to the file /var/adm/kernel.
The second statement directs all kernel messages of the priority crit and higher to the remote host finlandia. This is useful, because if the host crashes and the disks get irreparable errors you might not be able to read the stored messages. If they're on a remote host, too, you still can try to find out the reason for the crash.

The third rule directs these messages to the actual console, so the person who works on the machine will get them, too.

The fourth line tells the syslogd to save all kernel messages that come with priorities from info up to warning in the file /var/adm/kernel-info. Everything from err and higher is excluded.

Messages of the priority alert will be directed
# to the operator
#
*.alert root,joey
This rule directs all messages with a priority of alert or higher to the terminals of the operator, i.e. of the users ‘‘root’’ and ‘‘joey’’ if they’re logged in.

*.debug ~
will not log these messages, but will delete them

Question 70

What is /etc/bash.bashrc?

Answer 70

The Debian version of bash is compiled with a special option (-DSYS_BASHRC) that makes bash read /etc/bash.bashrc before ~/.bashrc for interactive non-login shells. So, on Debian systems, /etc/bash.bashrc is to ~/.bashrc as /etc/profile is to ~/.bash_profile.

Question 71

~/.bash_profile

Answer 71

This is the preferred configuration file for configuring user environments individually. In this file, users can add extra configuration options or change default settings:

Question 72

~/.bash_login

Answer 72

This file contains specific settings that are normally only executed when you log in to the system. In modern system’s this file has basically been replaced with ~/.bash_profile or ~/.profile, as these files perform the same functions.

In the example, we use it to configure the umask value and to show a list of connected users upon login.

Question 73

File test operators (Returns true if…..

Answer 73

• e file exists
• f file is a regular file (not a directory or device file)
• s file is not zero size
• b file is a block device
• c file is a character device

Question 74

Wayland

Answer 74

Wayland is intended as a simpler replacement for X, easier to develop and maintain. GNOME and KDE are expected to be ported to it.

Question 75

xauth

Answer 75

program is used to edit and display the authorization information used in connecting to the X server.

Question 76

chage

Answer 76

-d, –lastday LAST_DAY
Set the number of days since January 1st, 1970 when
the password was last changed. The date may also
be expressed in the format YYYY-MM-DD (or the
format more commonly used in your area).

-E, –expiredate EXPIRE_DATE
Set the date or number of days since January 1, 1970
on which the user’s account will no longer be
accessible. The date may also be expressed in the
format YYYY-MM-DD (or the format more commonly
used in your area). A user whose account is locked
must contact the system administrator before being
able to use the system again.
Passing the number -1 as the EXPIRE_DATE will
remove an account expiration date.

-h, –help
Display help message and exit.

-I, –inactive INACTIVE
Set the number of days of inactivity after a password
has expired before the account is locked. The
INACTIVE option is the number of days of inactivity. A
user whose account is locked must contact the
system administrator before being able to use the
system again.
Passing the number -1 as the INACTIVE will remove
an account’s inactivity.

-l, –list
Show account aging information.

-m, –mindays MIN_DAYS
Set the minimum number of days between password
changes to MIN_DAYS. A value of zero for this field
indicates that the user may change his/her password
at any time.

-M, –maxdays MAX_DAYS
Set the maximum number of days during which a
password is valid. When MAX_DAYS plus LAST_DAY
is less than the current day, the user will be required
to change his/her password before being able to use
his/her account. This occurrence can be planned for
in advance by use of the -W option, which provides
the user with advance warning.
Passing the number -1 as MAX_DAYS will remove
checking a password’s validity.

-W, –warndays WARN_DAYS
Set the number of days of warning before a password change is required. The WARN_DAYS option is the number of days prior to the password expiring that a user will be warned his/her password is about to expire.

Question 77

/etc/localtime

Answer 77

/etc/localtime should be a symbolic link to a file under /usr/share/zoneinfo/. System management utilities such as timedatectl can change the setting, and they would do that by changing the target of the symbolic link.

Question 78

GNU gettext

Answer 78

• Library that handles internationalization
• Relies on environment variables to determine which locale is necessary
• LANGUAGE: Used when displaying messages, but does not affect formatting
• LC_ALL: Force the indicated locale even if other variables are set differently
• LC_XXX gives the administrator the power to override a locale for a particular element. For example, if LANG were set to en_US.UTF-8 the user could override currency display by setting LC_MONETARY.
• LANG: Encoding type

Question 79

LANG

Answer 79

Encoding type. The locale and language settings are defined in the LANG variable that you can see if you run echo $LANG

Set the English locale:

$ LANG=en_US.utf8
Set the Russian locale:

$ LANG=ru_RU.utf8

you can set it permanently. Put the following line to the ~/.bashrc or ~/.profile files, to change permanently the locale of the current user to en_US.utf8:

export LANG=en_US.utf8

Question 80

LC_ALL

Answer 80

LC_ALL is the environment variable that overrides all the other localisation settings (except $LANGUAGE under some circumstances). … The individual LC_xxx variables override a certain aspect. LC_ALL overrides them all. The locale command, when called without argument gives a summary of the current settings.

Question 81

tzselect

Answer 81

utility to view the installed
timezone. It comes handy when you want to know what time it is in other countries, or if
you just wonder what timezones exist.

Question 82

timedatectl

Answer 82

part of systemd system and service manager, a replacement for old traditional date command used in sysvinit daemon based Linux distributions.

Question 83

UTF-8

Answer 83

UTF-8 is a variable width character encoding capable of encoding all 1,112,064 valid code points in Unicode using one to four 8-bit bytes. The encoding is defined by the Unicode Standard, and was originally designed by Ken Thompson and Rob Pike.

Question 84

pool.ntp.org

Answer 84

The pool.ntp.org project is a big virtual cluster of timeservers providing reliable easy to use NTP service for millions of clients.

Question 85

journalctl

Answer 85

Examples:

shows newest log entries first
# journalctl -r
show only most recent entries and limits lines specified.
# journalctl -n
Show all messages from this boot:
# journalctl -b
However, often one is interested in messages not from the current, but from the previous boot (e.g. if an unrecoverable system crash happened). This is possible through optional offset parameter of the -b flag: journalctl -b -0 shows messages from the current boot, journalctl -b -1 from the previous boot, journalctl -b -2 from the second previous and so on – you can see the list of boots with their numbers by using journalctl –list-boots. See journalctl(1) for a full description; the semantics are more powerful than indicated here.
Show all messages from date (and optional time):
# journalctl –since=”2012-10-30 18:17:16”
Show all messages since 20 minutes ago:
# journalctl –since “20 min ago”
Follow new messages:
# journalctl -f
Show all messages by a specific executable:
# journalctl /usr/lib/systemd/systemd
Show all messages by a specific process:
# journalctl _PID=1
Show all messages by a specific unit:
# journalctl -u man-db.service
Show kernel ring buffer:
# journalctl -k
Cataloge
# journalctl -x
Show only error, critical and alert priority messages:
# journalctl -p err..alert
You can use numeric log level too, like journalctl -p 3..1. If single number/log level is used, journalctl -p 3, then all higher priority log levels are also included (i.e. 0 to 3 in this case).
Show auth.log equivalent by filtering on syslog facility:
# journalctl SYSLOG_FACILITY=10

Question 86

Clear systemd journal

Answer 86

Clear systemd journals older than X days
The first one is time-based, clearing everything holder than say 10 days.

$ journalctl –vacuum-time=10d
…
Vacuuming done, freed 2.3G of archived journals on disk.

Alternatively, you can limit its total size.

Clear systemd journals if they exceed X storage
This example will keep 2GB worth of logs, clearing everything that exceeds this.

$ journalctl –vacuum-size=2G
…
Vacuuming done, freed 720.0M of archived journals on disk.

Question 87

/etc/logrotate.conf

Answer 87

/etc/logrotate.conf: this file contains some default settings and sets up rotation for a few logs that are not owned by any system packages. It also uses an include statement to pull in configuration from any file in the /etc/logrotate.d directory.

Question 88

/etc/logrotate.d/

Answer 88

/etc/logrotate.d/: this is where any packages you install that need help with log rotation will place their Logrotate configuration. On a standard install you should already have files here for basic system tools like apt, dpkg, rsyslog and so on.

Question 89

~/.forward

Answer 89

Allows user to configure their own forwarding rules. You can have your mail forwarded to more than two addresses by adding more addresses, separated by a comma and a space.

example file contents:
username1@host1, username2@host2

For example, if you are user dvader and you want to forward your mail to vader@empire.gov, anakin@darkside.com, and darth@sithlord.org, you would enter:
vader@empire.gov, anakin@darkside.com, darth@sithlord.org

Question 90

/etc/aliases

Answer 90

Used to configure mail forwarding
Edit the /etc/aliases file (with vi editor)
Append / change an email alias in this format
alias_name: email_id1, email_id2, …

E.g. append this new email alias to the /etc/aliases
blogadmin: walkernews@walkernews.net, assist@walkernews.net
Save and exit the alias file
Execute the newaliases command followed by echo $? (suppose there is no error found, you will get a 0 returned by the echo command).
Alternatively, you can execute the equivalent sendmail -bi command (since this is a Sendmail system)

By now, you should test and confirm the works done so far. E.g. send an email to the email alias:

mail -s “testing with aliases name blogadmin” blogadmin

Question 91

/etc/resolv.conf

Answer 91

Lists nameservers that are used by your host for DNS resolution. If you are using DHCP, this file is automatically populated with DNS record issued by DHCP server.

example:
nameserver 192.168.1.2

Question 92

/etc/hosts/

Answer 92

static lookup method for resolution

Question 93

/etc/nsswitch.conf

Answer 93

Defines order of resolution. Who should it consult first for resolution, a DNS or a host file? For example, if the file has following configuration hosts: files dns then /etc/hosts file will be checked first for resolution, if domain is still un-resolvable, DNS will then be consulted.

Question 94

w (command)

Answer 94

w displays info about the - uptime, number of users currently on the machine, and system load: 1, 5, 15min.

also shows usersand their processes.

unlike ‘who’ which only display’s who is logged in to the system

Question 95

Which IP Addresses Are Private?

Answer 95

10. 0.0.0 to 10.255.255.255
11. 16.0.0 to 172.31.255.255
12. 168.0.0 to 192.168.255.255

Another range of private IP addresses is 169.254.0.0 to 169.254.255.255, but those addresses are for Automatic Private IP Addressing (APIPA) use only.

Question 96

Sourcing a file

Answer 96

Sourcing a file executes it in the current shell environment instead of creating a separate child environment. Thus variables set in the script are available in the current environment. If the script didn’t export the variable, it will not be available to child processes later on.

Question 97

env

Answer 97

The env command, and note that it’s a command not built into the shell, allows you to modify the environment prior to running a command. By itself it displays all environment variables.
The most common use of env is at the beginning of a shell script. In this case it’s /usr/bin/ruby. But what if ruby is somewhere other than /usr/bin? Using #!/bin/env ruby gets the shell to search for Ruby in the PATH

Question 98

ISO-8859

Answer 98

ISO-8859 standard—A series of standards that define standard 8-bit code pages for character encoding.

ISO-8859-1 is the Latin alphabet with English characters, ISO-8859-9 is the Latin alphabet with Turkish characters.

Question 99

TZ

Answer 99

environment variable that can be used to override the system timezone:

export TZ=US/Hawaii

Question 100

Toggle Keys:
Slow Keys:
Sticky:
Repeat Keys:
Bounce Keys:
Mouse Keys:

Answer 100

Toggle Keys - is capable of being configured to emit a sound when a key such as the Ctrl key is pressed.

Slow Keys - governs the duration of a key’s press before the system accepts it,

Sticky - Sticky Keys is a feature that allows the user to perform keyboard combinations, such as Ctrl+c, without having to hold down the modifier button while pressing the combination. For example, instead of holding down the Ctrl button while pressing the c key, the user can press the Ctrl button once and then press the c key.

Repeat Keys - governs how many times a key will be repeated with a single press.

Bounce Keys - governs how the system will ignore several quick or repeated presses on a key.

Mouse Keys - When Mouse Keys are enabled, the user can move the mouse cursor by using keys on the keyboard. On the number pad, keys 1-4 and 6-8 represent directions to move the mouse. Pressing on the 5 key represents clicking the mouse once. Double pressing 5 represents double-clicking. For this to work, the Num Lock feature must be turned off.

Question 101

If you do need to create a /etc/X11/xorg.conf file, make sure you are in a command-line environment and execute the __________ command.

Answer 101

X –configure

Question 102

xhost

Answer 102

xhost —Shows the current state.
xhost - —Enables security; only those that are authorized can connect.
xhost + —Disables security; anyone can connect.

xhost +host1 host2
host1 being added to the access control list. host2 being added to the access control list

xhost –host3 host4
host3 being blocked from access. host4 being blocked from acces

Question 103

chgrp

Answer 103

Users can have only a single primary group; if they need to create an object that has to be assigned to another group, the user can use the chgrp command.
chgrp [option] [group] [file]

For a single file, this is easy, but if the user wants to create a bunch of files owned by a different group, this technique can be tedious.

Another option is for users to temporarily change their primary group with the newgrp command.

Question 104

newgrp

Answer 104

Another option is for users to temporarily change their primary group with the newgrp command. For example:
newgrp users
The newgrp command doesn’t alter the /etc/passwd file or the /etc/group file; “it opens a new shell with a different primary group”. By default, a user can use the newgrp command to temporarily change her primary group to any group she is a member of. After creating the necessary files, the user can return to the shell that has the default primary group by executing the exit command. Note that users can change only to groups that they are a secondary member of.

Question 105

Here is a listing of the files and permissions on both Red Hat and Debian:
/etc/passwd"
Red Hat = -????????? (???)
Debian   = -????????? (???)
/etc/shadow"
Red Hat = -?????????  (???)
Debian   = -?????????  (???)

Answer 105

/etc/passwd"
Red Hat = -rw-r--r-- (644)
Debian   = -rw-r--r-- (644)
/etc/shadow"
Red Hat = -r--------  (400)
Debian   = rw-r-----  (640)

Question 106

The passwd utility includes some of the previous options, such as these:

• d
• n
• x
• w
• i
• S

Answer 106

The passwd utility includes some of the previous options, such as these:

• d—Disables a user account by removing its password
• n—Sets the minimum password lifetime in days
• x—Sets the maximum password lifetime in days
• w—Sets the warning number of days before the password expires
• i—Sets the number of days an account with an expired password can be inactive before it’s locked
• S—Shows the user password information, such as what encryption is used and whether a password is set

Question 107

The ulimit command accepts many options, including the following:

• a
• c
• d
• f
• n
• t
• u
• v
• m

Answer 107

NOTE: tp make changes permanant you will need to edit the /etc/security/limits.conf file.
maxlogins - max logins for particular user
maxsyslogins - max logins for the system

The ulimit command accepts many options, including the following:

• a - show user’s ulimit settings
• c—Limits the size of core (crash dump) files
• d—Limits the size of the user’s process data
• f—Limits the maximum size of files created in the shell
• n—Limits the number of open file descriptors or open files allowed
• t—Limits the amount of CPU time allowed to the user (expressed in seconds)
• u—Limits the number of processes that a given user can run
• v—Limits the maximum amount of virtual memory available to the shell
• m - max memory size

Question 108

ping

• b
• c
• s
• t

Answer 108

• b -allow ping of broadcast address
• c -count
• s -packetsize. default is 56
• t -ttl

Question 109

The at command uses a variety of time specifiers, some complex and some simple:

Answer 109

midnight—Runs the task at 00:00 on the current day.
noon—Runs the task at 12:00 on the current day.
teatime—Runs the task at 16:00 (at’s British roots are evident).
time-of-day—Such as 2:00 p.m. or 5:00 a.m.
date—You can specify a time on a specific day, such as 2pm jul 23 or 4am 121504.
now + time—You can specify any number of minutes, hours, days, and weeks from the current time, such as now + 30 minutes.

• -f - specifiy a file to run

Question 110

batch (command)

atrun

Answer 110

The batch command is used to run tasks or jobs at no specific time, but at a particular threshold of system utilization.

By default, batch runs jobs once at a future time when the system 1 minute load average is less than or equal to 0.8. This can be configured by specifying the desired utilization average with the atrun command, such as
atrun -l 1.6
This sets the threshold that batch will watch to 1.6, and if load average drops below that value, the batch job is run.

Question 111

lpadmin

Answer 111

• c class - Adds the named printer to class. If class does not exist it is created automatically.
• r class - Removes the named printer from class. If the resulting class becomes empty it is removed.
• u allow:user,user; -u deny:user,user; -u allow:all; -u deny:none - Sets user-level access control on a printer. The latter two forms turn user-level access control off.
• E - Enables the printer and accepts jobs; this is the same as running the accept(8) and enable(8) programs on the printer.
• L - location. Provides a textual location of the printer.

Question 112

lsof

Answer 112

• i - view active network connections
• n - don’t do name resolution
• u - specify user

Question 113

date

Answer 113

%A locale’s full weekday name (e.g., Sunday)

   %b     locale's abbreviated month name (e.g., Jan)

   %B     locale's full month name (e.g., January)

   %d     day of month (e.g., 01)

   %D     date; same as %m/%d/%y

   %F     full date; same as %Y-%m-%d

   %H     hour (00..23)

   %m     month (01..12)

   %M     minute (00..59)

   %s     seconds since 1970-01-01 00:00:00 UTC

   %S     second (00..60)

   %T     time; same as %H:%M:%S

   %U     week number of year, with Sunday as first day of week (00..53)

   %y     last two digits of year (00..99)

   %Y     year

   %z     +hhmm numeric time zone (e.g., -0400)

Question 114

timedatectl

Answer 114

list-timezones
set-timezone -e.g. “America/New_York”
set-time -e.g. “2018-12-1 01:00:00” (set time persistently)
set-ntp on/off

Question 115

var/log/dmesg
var/log/mesages
var/log/secure

Answer 115

var/log/dmesg - linux kernel boot messages (hardware issures)

var/log/mesages - standard system log messages

var/log/secure - security log messages, containing info on login attempts