Course Code: FUD-CYB 204

Course Title: Linux System Administration

Level: Undergraduate
Credit Hours: 3 Units
Duration: 14 Weeks
Delivery: Lectures + Lab Practicals
Week 1: Introduction to Linux
• What is Linux?
• History of Linux
• Basic Linux commands
• Linux file system structure
Week 2: Installation and Configuration
• Linux installation
• Linux boot process
• System configuration
• Managing system services
Week 3: User and Group Management
• Creating and managing user accounts
• Setting user and group permissions
• User environment configuration
Week 4: File Systems and Storage Management
• File system types
• Mounting and unmounting file systems
• Disk partitioning
• Logical Volume Management (LVM)
Week 5: Networking
• Network configuration
• Network interfaces and IP addresses
• Domain Name System (DNS)
• Network File System (NFS)
Week 6: User & Permission Management
• User authentication and authorization
• Firewall configuration
• Secure Shell (SSH)
• Security updates and patches
Week 7: Web Server Administration
• Apache HTTP server
• NGINX web server
• Virtual hosts and DNS
• SSL/TLS encryption
Week 8: Database Server Administration
• MySQL/MariaDB database server
• PostgreSQL database server
• Database backup and recovery
• Database replication
Week 9: Automation and Scripting
• Shell scripting
• Cron jobs
• Automation tools like Ansible and Puppet
Week 10: Essential Services
 SSH server setup (sshd)
  Apache/Nginx web server basics
 FTP/SFTP configuration
 Firewalls (ufw, iptables)
Week 11: System Logs & Monitoring
 Syslog and log file structure (/var/log)
 journalctl, logrotate
 Monitoring with top, iotop, vmstat, uptime
 Introduction to Nagios and Zabbix
Week 12: Backups and Recovery
 tar, rsync, dd, cron jobs for backup
 Snapshot tools (LVM, Timeshift)
 Disaster recovery strategies
Week 13: Security Essentials
 Securing SSH
 File integrity checks
 Basic firewall rules
 SELinux and AppArmor (introductory)
Week 14: Final Project Presentation & Review
 Final project presentation: "Set up a secure web server on Linux with SSH access and automated backup"
 Course wrap-up and career paths in Linux/DevOps/System Admin
A Brief History of Linux
In popular usage, “Linux” often refers to a group of operating system distributions built around the
Linux kernel. In the strictest sense, though, Linux refers only to the presence of the kernel itself. To
build out a full operating system, Linux distributions often include tooling and libraries from the
GNU project and other sources.
More developers and Cybersecurity professionals are increasingly using Linux to build, secure,
and run systems and applications. Linux plays a crucial role not only in mobile application
development but also in securing cloud infrastructures, configuring firewalls, managing system
logs, and monitoring for threats. It has also contributed significantly to the development of
affordable devices such as Chromebooks, which run operating systems based on the Linux kernel.
Within cloud computing, Cybersecurity, and server environments, Linux is a popular choice for
several practical reasons:
 Its distributions remain current and are supported by large communities of developers and
Cybersecurity experts.
 It runs on a wide range of hardware and installs alongside other operating systems—an
advantage in multi-environment testing and local development.
 It supports centralized software installation from secure repositories, which simplifies
patching and vulnerability management.
 Its low resource requirements make it ideal for lightweight and embedded deployments,
including security appliances and penetration testing environments.
 It is widely adopted in building server-side tools and ecosystems, offering high compatibility
for defensive and offensive Cybersecurity tools.
 It allows deep customization of system behavior—vital for hardened security environments
and forensic investigations.
Linux also traces its roots to the free and open-source software (FOSS) movement. Many
developers and Cybersecurity professionals choose Linux for a mix of ethical and operational
reasons:
 For some, using Linux reflects a commitment to transparency, accessibility, and freedom of
expression in software.
 The extensive and active Linux community offers valuable support: when professionals
encounter problems or need help securing systems, they can draw from a wealth of
community knowledge and documentation or directly contact maintainers and contributors.
To understand Linux’s vital role in both development and Cybersecurity, this lesson will explore
its historical roots in Unix, and introduce some of the most widely used Linux distributions, many
of which are purpose-built for system administration and Cybersecurity tasks.

Roots in Unix
Linux has its roots in Unix and Multics, two projects that shared the goal of developing a robust
multi-user operating system.
The Beginnings of Unix
Unix developed out of the Multics project iteration at the Bell Laboratories’ Computer Sciences
Research Center. The developers working on Multics at Bell Labs and elsewhere were interested in
building a multi-user operating system with single-level storage, dynamic linking (in which a
running process can request that another segment be added to its address space, enabling it to
execute that segment’s code), and a hierarchical file system.

Bell Labs stopped funding the Multics project in 1969, but a group of researchers, including Ken
Thompson and Dennis Ritchie, continued working with the project’s core principles. In 1972-3 they
made the decision to rewrite the system in C, which made Unix uniquely portable: unlike other
contemporary operating systems, it could both move from and outlive its hardware.

Research and development at Bell Labs (later AT&T) continued, with Unix System Laboratories
developing versions of Unix, in partnership with Sun Microsystems, that would be widely adopted
by commercial Unix vendors. Meanwhile, research continued in academic circles, most notably the
Computer Systems Research Group at the University of California Berkeley. This group produced
the Berkeley Software Distribution (BSD), which inspired a range of operating systems, many of
which are still in use today. Two BSD distributions of historical note are NeXTStep, the operating
system pioneered by NeXT, which became the basis for macOS, among other products, and MINIX,
an educational operating system that formed a comparative basis for Linus Torvalds as he
developed Linux.

Key Features of Unix

Unix is oriented around principles of clarity, portability, and simultaneity.

 Clarity: Unix’s modular design allows functions to run in a limited and defined way. Its file
system is unified and hierarchical, which simplifies the manipulation of data. Unlike some
of its predecessors, Unix implements hundreds (rather than thousands) of system calls, each
of which is designed to be straightforward and clear in goal.
 Portability: By writing Unix in C, the group at Bell Labs positioned Unix for wide-scale
use and adoption. C was designed to have low-level access to memory, minimal run-time
support, and an efficient relationship between language and machine instructions. A basis in
C means Unix is adaptable and easy to run on a variety of hardware.
 Simultaneity: The Unix kernel is tailored toward the goal (shared by the Multics project) of
sustaining multiple users and workflows. Kernel space remains distinct from user space in
Unix, which allows multiple applications to run at the same time.

The Evolution of Linux

Unix raised important questions for developers, but it also remained proprietary in its earliest
iterations. The next chapter of its history is thus the story of how developers worked within and
against it to create free and open-source alternatives.

Open-Source Experiments
Richard Stallman was a central figure among the developers who were inspired to create non-
proprietary alternatives to Unix. While working at MIT’s Artificial Intelligence Laboratory, he
initiated work on the GNU project (recursive for “GNU’s not Unix!”), eventually leaving the Lab in
1984 so he could distribute GNU components as free software. The GNU kernel, known as GNU
HURD, became the focus of the Free Software Foundation (FSF), founded in 1985 and currently
headed by Stallman.
Meanwhile, another developer was at work on a free alternative to Unix: Finnish undergraduate
Linus Torvalds. After becoming frustrated with licensure for MINIX, Torvalds announced to a
MINIX user group on August 25, 1991 that he was developing his own operating system, which
resembled MINIX. Though initially developed on MINIX using the GNU C compiler, the Linux
kernel quickly became a unique project with a core of developers who released version 1.0 of the
kernel with Torvalds in 1994.

Torvalds had been using GNU code, including the GNU C Compiler, with his kernel, and it remains
true that many Linux distributions draw on GNU components. Stallman has lobbied to expand the
term “Linux” to “GNU/Linux,” which he argues would capture both the role of the GNU project in
Linux’s development and the underlying ideals that fostered the GNU project and the Linux kernel.
Today, “Linux” is often used to indicate both the presence of the Linux kernel and GNU elements.
At the same time, embedded systems on many handheld devices and smartphones often use the
Linux kernel with few to no GNU components.

Key Features of Linux

Though the Linux kernel inherited many goals and properties from Unix, it differs from the earlier
system in the following ways:

 Its core component is the kernel, which is developed independently from other operating
system components. This means that Linux borrows elements from a variety of sources
(such as GNU) to comprise an entire operating system.
 It is free and open-source. Maintained by a community of developers, the kernel is licensed
under the GNU General Public License (an offshoot of the FSF’s work on the GNU Project),
and available for download and modification. The GPL stipulates that derivative work must
maintain the licensing terms of the original software.
 It has a monolithic kernel, similar to Unix, but it can dynamically load and unload kernel
code on demand.
 It has symmetrical multiprocessor (SMP) support, unlike traditional Unix implementations.
This means that a single operating system can have access to multiple processors, which
share a main memory and access to all I/O devices.
 Its kernel is preemptive, another difference from Unix. This means that the scheduler can
force a context switch on a driver or another part of the kernel while it is executing.
 Its kernel does not differentiate between threads and normal processes.
 It includes a Command Line Interface (CLI) and can also include a Graphic User Interface
(GUI).

Popular Linux Distributions

Developers maintain many popular Linux distributions today. Among the longest-standing is
Debian, a free and open-source distribution that has 50,000 software packages. Debian inspired
another popular distribution, Ubuntu, funded by Canonical Ltd. Ubuntu uses Debian’s deb package
format and package management tools, and Ubuntu’s developers push changes back upstream to
Debian.

A similar relationship exists between Red Hat, Fedora, and CentOS. Red Hat created a Linux
distribution in 1993, and ten years later split its efforts into Red Hat Enterprise Linux and Fedora, a
community-based operating system that utilizes the Linux kernel and elements from the GNU
Project. Red Hat also has a relationship with the CentOS Project, another popular Linux distribution
for web servers. This relationship does not include paid maintenance, however. Like Debian,
CentOS is maintained by a community of developers.
Major Linux Distribution Families
1. Debian Family:
• Characteristics: Known for its strong commitment to free software, stability, and a
robust package management system (apt and .deb packages). It's community-
driven and has a very large number of derivatives.
• Distributions in this family:
• Debian (the base)
• Ubuntu (and its many flavors like Kubuntu, Xubuntu, Lubuntu, Ubuntu
MATE, Pop!_OS, elementary OS)
• Linux Mint (has a Debian-based edition and an Ubuntu-based edition)
• Kali Linux
• MX Linux
• Devuan (a fork of Debian without systemd)
• Many, many more...
2. Red Hat Family (RPM-based):
• Characteristics: Commercial focus (Red Hat Enterprise Linux - RHEL), but also
strong community involvement (Fedora). Uses RPM packages and dnf (or yum in
older versions) for package management. Often at the forefront of adopting new
technologies.
• Distributions in this family:
• Fedora (the upstream community project)
• Red Hat Enterprise Linux (RHEL)
• CentOS (historically a free rebuild of RHEL, now CentOS Stream as an
upstream for RHEL)
• AlmaLinux (a community-driven RHEL fork)
• Rocky Linux (another community-driven RHEL fork)
• Oracle Linux (Oracle's RHEL derivative)
3. SUSE Linux Family (RPM-based):
• Characteristics: Known for its user-friendly tools like YaST (Yet another Setup
Tool), focus on enterprise use, and being one of the oldest commercial Linux
distributions. Also uses RPM packages.
• Distributions in this family:
• openSUSE (the community project)
• SUSE Linux Enterprise Server (SLES)
 • SUSE Linux Enterprise Desktop (SLED)

Other Independent/Base Distribution Families

While the above three are often considered the "big three," there are other independent distributions
that have established their own ecosystems and spawned derivatives:
4. Arch Linux Family:
• Characteristics: Adheres to the "KISS" (Keep It Simple, Stupid) principle,
providing a minimalist base system with a rolling release model. Known for its
extensive documentation (Arch Wiki) and the Arch User Repository (AUR). Uses
pacman for package management.

• Distributions in this family:

• Arch Linux (the base)
• Manjaro
• EndeavourOS
• ArcoLinux
• BlackArch
• Many smaller community-driven projects.
5. Gentoo Linux Family:
• Characteristics: Source-based distribution where most software is compiled from
source code during installation and updates. Offers extreme customization and
optimization. Uses the "Portage" package management system.
• Distributions in this family:
• Gentoo Linux (the base)
• ChromeOS (yes, Google's ChromeOS is based on Gentoo!)
• Funtoo Linux (a fork of Gentoo)
• Calculate Linux
6. Slackware Linux Family:
• Characteristics: One of the oldest surviving Linux distributions (first released in
1993). Known for its simplicity, stability, and adherence to the "Unix-like"
philosophy. It has a very manual approach to package management (no automatic
dependency resolution).
• Distributions in this family:
• Slackware (the base)
• Salix OS
• VectorLinux
 • (Historically, SUSE Linux itself was initially based on Slackware, though it
has long since evolved into its own distinct family.)
7. NixOS Family (Emerging/Unique):
• Characteristics: A relatively newer but distinct family based on the Nix package
manager and a declarative configuration model. Focuses on reproducibility, atomic
upgrades, and solving "dependency hell."
• Distributions in this family:
• NixOS (the primary distribution)
• Guix System (uses the GNU Guix package manager, similar principles)
8. Linux From Scratch (LFS):
• As discussed, LFS is not a "family" in the sense of having many derivatives. It's a set
of instructions for building your own custom Linux system from source. Any system
built this way is effectively its own unique "distribution" based on the LFS
principles.
These families represent different philosophies in terms of package management, system design,
and target user bases, leading to the rich diversity we see in the Linux ecosystem today.
Basic Linux Commands and File System Structure
PART 1: Basic Linux Commands
When working with operating systems like Windows and macOS, users typically run applications
like web browsers, word processors, spreadsheets, and games. These applications are usually
packed with features and are designed to operate independently.
In contrast, the Linux command line operates differently. Instead of large, feature-rich
applications, Linux provides thousands of small, single-purpose commands. These tools follow
the Unix philosophy: "Do one thing and do it well."
Linux commands are the essential tools used to interact with the system via the terminal or shell.
Understanding these commands is the first step to mastering Linux system administration.

Example of Basic Commands

 cat: Prints files to the screen.

 ls: Lists files in a directory.

 mv: Renames or moves files.

Each command serves a well-defined and simple purpose.

Combining Commands
If you need to perform more complex tasks, Linux enables you to combine multiple commands.
This transforms your mindset:
 From: "Which app should I launch?"
 To: "Which commands should I combine?"
This modular approach is powerful and flexible.

Focus of This Chapter

You will learn how to combine six Linux commands using pipes. These commands are:
 wc
 head
 cut
 grep
 sort
 uniq
This is similar to learning to cook with just six ingredients. We will focus on combining them for
various practical and illustrative tasks.
Input, Output, and Pipes
Linux commands typically:
 Read input from the keyboard
 Write output to the screen

Terminology:
 stdin (standard input): Input stream from the keyboard.

 stdout (standard output): Output stream to the screen.

Introducing Pipes (|)

You can connect the stdout of one command to the stdin of another using the pipe symbol |.

Example:
$ ls -l /bin

This command lists the contents of /bin in long format. However, if the output is too long, it
scrolls off the screen.
Instead, use the less command:
$ less myfile

To combine both:
$ ls -l /bin | less

This displays the directory contents one screenful at a time.

Explanation:
 ls writes output to stdout.

 less reads input from stdin.

 Using a pipe (|) connects them:

 The output of ls becomes the input of less.

This construct is known as a pipeline.

Commands do not need to be aware they are in a pipeline. Each continues to function as if it is
reading from or writing to the terminal.

Summary
 Linux favors small, composable commands.
 You can combine commands using pipes.
 This modularity enables powerful, flexible workflows.
The next sections will introduce more commands and demonstrate complex use cases using
pipelines.

1.1 What is the Linux Shell?

 The shell is a command-line interface (CLI) that allows users to interact with the Linux
operating system.
 The most common shell is Bash (Bourne Again SHell), though others like Zsh, Fish, and Sh
are also used.

1.2 Basic Command Syntax

command [options] [arguments]

 command – the name of the command you want to run.

 options – flags that modify the command behavior (usually start with - or --).

 arguments – the targets or values the command operates on.

1.3 Frequently Used Linux Commands

Command Description Example Usage
pwd Prints current directory pwd
ls Lists files and directories ls -l /home
cd Changes directory cd /var/log
touch Creates a new empty file touch file.txt
mkdir Creates a new directory mkdir new_folder
rm Deletes files or directories rm file.txt
cp Copies files and directories cp file1.txt /backup/
mv Moves or renames files mv file.txt newfile.txt
cat Views file contents cat file.txt
less/more Views file contents with paging less longfile.log
man Displays manual for a command man ls
echo Displays a line of text echo Hello World
chmod Changes file permissions chmod 755 script.sh
chown Changes file ownership chown user:group file.txt
top Real-time process monitoring top
ps Displays process snapshot ps aux
df Disk usage of filesystems df -h
du Disk usage of directories/files du -sh *
find Finds files and directories find /home -name "*.pdf"
grep Searches for patterns in files grep "root" /etc/passwd
history Shows command history history
clear Clears terminal screen clear
1.4 Navigation and Shortcuts
 ~ : Home directory

 . : Current directory

 .. : Parent directory

 TAB : Autocomplete file/folder names

 Ctrl + C : Stop running command

 Ctrl + D : Logout or EOF

 Ctrl + L : Clear screen

PART 2: Linux File System Structure

The Linux file system follows a hierarchical tree structure, starting from the root (/) directory.

2.1 Key Directories in Linux

Directory Description
/ Root directory, top of the file system
/bin Essential command binaries (e.g., ls, cp)
/boot Boot loader files and kernel
/dev Device files (e.g., /dev/sda1)
/etc Configuration files
/home User directories (e.g., /home/alice)
/lib Essential shared libraries
/media Mount point for removable media (USB, CDs)
/mnt Temporary mount point for filesystems
/opt Optional software packages
/proc Virtual filesystem for kernel and process information
/root Home directory for the root user
/run Temporary files for system processes
/sbin System binaries (used for system admin)
/srv Data for services like web and FTP
/sys Kernel and hardware information
/tmp Temporary files (often cleared on reboot)
/usr Secondary hierarchy for read-only user data and applications
/var Variable files like logs, mail, spool
2.2 File Types in Linux
Linux categorizes files into several types:
 Regular files (-) — e.g., text, binary, scripts.

 Directories (d) — folders containing files.

 Symbolic links (l) — shortcuts to other files.

 Character special files (c) — devices like keyboards.

 Block special files (b) — storage devices like hard disks.

 Sockets (s) — inter-process communication endpoints.

 Pipes (FIFO) (p) — used for process communication.

2.3 File Permissions

 File permissions use a triplet model: owner, group, and others.
 Each triplet can have:
 r: Read
 w: Write
 x: Execute
-rwxr-xr-- 1 root staff 2345 Jan 1 10:00 script.sh

2.4 Important Configuration Files

File Purpose
/etc/passwd User account information
/etc/group Group account information
/etc/shadow Secure user password data
/etc/fstab Filesystem mounting information
/etc/hostname System hostname
/etc/resolv.conf DNS resolver settings
/etc/hosts Static hostname/IP mappings

Summary
 Basic commands are essential for navigating, managing files, users, and processes in Linux.
 Linux file system is structured and modular, with specific directories serving distinct
purposes.
 Permissions and file types are integral to maintaining security and functionality in Linux
environments.
Practice Exercise
1. Use ls -l to check file permissions in your home directory.

2. Create a directory my_project and a file readme.txt inside it.

3. Use chmod to make readme.txt read-only for others.

4. Use df -h and du -sh to check disk usage.

5. Use cd /etc, then list 3 important configuration files.

Week 2: Installation and Configuration in Linux
1. Linux Installation
1.1. Preparation Before Installation
 Choose a Linux Distribution: e.g., Ubuntu, Fedora, Debian, CentOS, Arch Linux.
 System Requirements: CPU, RAM, disk space, etc.
 Download ISO Image: From the distribution’s official website.
 Create Bootable Media: Use tools like:
 Rufus, balenaEtcher (Windows)
 dd (Linux/macOS)

1.2. Installation Steps

1. Boot from USB/DVD:
 Enter BIOS/UEFI settings to change boot order.
2. Select Installation Type:
 Install alongside another OS
 Erase disk and install Linux
 Custom partitioning
3. Set Up User Details:
 Username, hostname, and password
4. Partitioning (Manual or Automatic):
 / (Root)

 /home (User files)

 swap (virtual memory)

 /boot, /var, etc. (optional)

5. Begin Installation:
 Files copied and configured
6. Reboot & Log In

1.3. Post-Installation Tasks

 Update package repositories (apt update, yum update)

 Install missing drivers (e.g., Wi-Fi, GPU)

 Set up software (Office suite, media players, etc.)
2. Linux Boot Process
The boot process consists of six major steps:

2.1. BIOS/UEFI
 Basic Input/Output System performs hardware checks (POST).
 Loads the bootloader from the MBR or EFI partition.

2.2. Bootloader (GRUB/LILO)

 GRUB (GRand Unified Bootloader) is the most common.
 Allows selection of the OS/kernel version.
 Loads the Linux kernel into memory.

2.3. Kernel Initialization

 Detects hardware
 Mounts root file system (initramfs or initrd)

2.4. init/systemd
 Starts the first user-space process, usually init or systemd.

 systemd is the default in most modern distros.

2.5. Runlevel/Target Loading

 Based on target/runlevel, loads services and daemons:
 multi-user.target, graphical.target, etc.

2.6. Login Prompt

 Text-based (TTY) or graphical login screen (GDM, LightDM, etc.)

3. System Configuration
3.1. Host and Network Configuration
 Hostname: hostnamectl set-hostname yourhostname

 IP Configuration:
 Static IP: edit /etc/network/interfaces (Debian),
/etc/sysconfig/network-scripts/ifcfg-* (RedHat)

 DHCP: configure NetworkManager or systemd-networkd

3.2. Users and Groups

 Create user: adduser username or useradd

 Change password: passwd username

  Add user to group: usermod -aG groupname username

 View groups: groups

3.3. Time and Locale

 Set timezone: timedatectl set-timezone Africa/Lagos

 Sync with NTP: timedatectl set-ntp true

 Set locale: edit /etc/locale.conf, or use localectl

3.4. Package Management

 Debian-based: apt, dpkg

 RedHat-based: yum, dnf, rpm

 Arch-based: pacman

Examples:
 apt update && apt upgrade

 dnf install httpd

 rpm -ivh package.rpm

4. Managing System Services

Modern Linux systems use systemd to manage services.

4.1. Service Management Commands

Action Command
Start service sudo systemctl start sshd
Stop service sudo systemctl stop sshd
Restart service sudo systemctl restart sshd
Enable at boot sudo systemctl enable sshd
Disable at boot sudo systemctl disable sshd
Check status sudo systemctl status sshd
List all services systemctl list-units --type=service
4.2. Checking Boot Targets
 View current target: systemctl get-default

 Change boot target:

systemctl set-default multi-user.target
systemctl set-default graphical.target

4.3. Using journalctl for Logs

journalctl -u sshd
journalctl -xe
Summary
Area Key Tools / Commands
Linux Installation ISO, partitioning, bootable USB, live boot
Boot Process BIOS → GRUB → Kernel → systemd
System Configuration hostnamectl, useradd, timedatectl, apt/dnf
Managing Services systemctl (start, stop, enable, status)

5. Linux Package Management Systems

Package management is a critical part of Linux system administration. It simplifies installing,
upgrading, configuring, and removing software packages in a consistent and reliable manner.
Linux has several package management systems, each associated with specific distributions.
Understanding them is essential for maintaining system integrity and ensuring smooth operation.

5.1. What is a Package Management System?

A package in Linux is a compressed archive that contains all the files needed to install a piece of
software, including:
 The application binary or source code
 Dependency information
 Metadata (such as version, description, maintainer info)
A package manager is a tool that automates the installation, upgrade, configuration, and removal
of software. It resolves dependencies, checks package authenticity, and ensures consistency across
the system.

5.2. Types of Package Managers

There are two main types of package management systems in Linux:
1. Binary Package Managers – handle precompiled software (e.g., apt, yum, dnf,
zypper)

2. Source Package Managers – compile from source (e.g., portage, pkgsrc)

Let’s explore the most popular package managers used across Linux distributions.

5.3. APT (Advanced Package Tool) – Debian-based Systems

Used in: Ubuntu, Debian, Linux Mint
APT is the default package management system for Debian-based distributions. It works with .deb
packages and simplifies working with dpkg.

Common commands:
 sudo apt update # Update package list

 sudo apt upgrade # Upgrade all packages

  sudo apt install nginx # Install nginx

 sudo apt remove nginx # Remove nginx

 sudo apt search apache # Search for a package

Configuration files:
 /etc/apt/sources.list – Defines software repositories

5.4. DNF/YUM – Red Hat-based Systems

Used in: Fedora, Red Hat Enterprise Linux (RHEL), CentOS, AlmaLinux
yum was the traditional package manager in RHEL and CentOS. dnf is its more modern
replacement, used by default in Fedora and newer RHEL versions.
Common commands (DNF/YUM):
 sudo dnf install httpd # Install Apache

 sudo dnf update # Update all packages

 sudo dnf remove httpd # Remove Apache

 sudo dnf search nginx # Search for nginx

Repository config location:

 /etc/yum.repos.d/ – Directory containing .repo files

5.5. Zypper – SUSE-based Systems

Used in: openSUSE, SUSE Linux Enterprise Server (SLES)
zypper is a command-line interface to ZYpp, the package management engine for SUSE-based
systems.
Common commands:
 sudo zypper refresh # Refresh repositories

 sudo zypper install apache2

 sudo zypper update # Update installed packages

 sudo zypper remove apache2

5.6. Pacman – Arch-based Systems

Used in: Arch Linux, Manjaro
Pacman is a lightweight and powerful package manager that uses .pkg.tar.zst format.

Common commands:
 sudo pacman -Syu # Update system

 sudo pacman -S firefox # Install Firefox

 sudo pacman -R firefox # Remove Firefox

  sudo pacman -Ss nginx # Search for nginx

Configuration:
 /etc/pacman.conf – Configuration file

 Repositories: /etc/pacman.d/mirrorlist

5.7. Snap, Flatpak, and AppImage – Universal Package Systems

Modern Linux also supports universal packaging systems that work across distributions.

System Description Example

Snap Canonical-backed, sandboxed apps snap install code
flatpak install flathub
Flatpak Red Hat-backed, supports portals org.gimp.GIMP
Portable apps as single executable ./AppName.AppImage
AppImage
files
These systems are ideal for cross-distro application packaging and desktop apps.

5.8. Summary of Major Package Managers

Package Manager Distributions Format
APT (apt) Ubuntu, Debian .deb
DNF/YUM RHEL, CentOS, Fedora .rpm
Zypper openSUSE, SLES .rpm
Pacman Arch, Manjaro .pkg.tar.zst
Snap / Flatpak Universal varies

5.9. Best Practices for Package Management

 Always run update before installing to get the latest packages.

 Use upgrade cautiously, especially on production systems.

 Avoid mixing package managers (e.g., don’t install .deb on .rpm systems).

 Regularly audit and remove unused packages.

 Secure packages by verifying their origin or GPG signatures.
Week 3: User and Group Management in Linux
User and group management is a fundamental aspect of Linux system administration. It's crucial for
maintaining security, controlling access to resources, and organizing user environments. This note
covers the essential concepts and commands for creating, managing, and configuring user and
group accounts.

1. Creating and Managing User Accounts

Linux is a multi-user operating system, meaning multiple users can log in and interact with the
system simultaneously, each with their own isolated environment and permissions.

1.1 Key Concepts

• User ID (UID): A unique numerical identifier assigned to each user account. UIDs range
from 0 to 65535 or higher.
• 0 (root): Reserved for the superuser (administrator).
• 1-999 (system accounts): Typically reserved for system services (e.g., daemon,
bin, lp).

• 1000+ (regular user accounts): Default starting point for normal user accounts on
most modern distributions.
• Username: A human-readable name for the user account (e.g., john_doe, sysadmin).

• Password: Used for authentication. Stored securely (hashed) in /etc/shadow.

• Home Directory: The default directory where a user lands after logging in (e.g.,
/home/john_doe). This is where users store their personal files.

• Login Shell: The command-line interpreter that starts when a user logs in (e.g.,
/bin/bash, /bin/zsh, /bin/sh).

• Primary Group: Every user must belong to at least one group, which is designated as their
primary group. By default, a private group with the same name as the username is often
created.
• Secondary Groups: Users can also be members of additional (secondary) groups, granting
them permissions associated with those groups.

1.2 User Account Management Commands

useradd (or adduser) - Creating User Accounts
Used to create new user accounts. adduser is often a more user-friendly wrapper around
useradd.

• Basic Usage:
$ sudo useradd [options] username

• Common Options:
 • -m: Create the user's home directory if it doesn't exist. (Often implicit with
adduser).

• -s /path/to/shell: Specify the login shell (e.g., /bin/bash).

• -c "Comment": Add a comment (e.g., full name) to the user's entry in

/etc/passwd.

• -u UID: Specify a specific UID.

• -g GROUP: Specify the user's primary group by name or GID.

• -G GROUP1,GROUP2: Add the user to specified secondary groups.

• -d /path/to/home: Specify a custom home directory.

• Example (using useradd):

$ sudo useradd -m -s /bin/bash -c "Alice Smith" -g users -G
sudo,developers alice

This creates user alice, creates her home directory, sets bash as her shell, adds a comment,
sets users as her primary group, and adds her to sudo and developers secondary
groups.
• Example (using adduser - more interactive/scripted):
$ sudo adduser bob # Prompts for password and other details

passwd - Setting/Changing Passwords

Used to set or change a user's password.
• Basic Usage:
$ sudo passwd username # For root to set/change another user's password
$ passwd # For a user to change their own password

• Example:
sudo passwd salsafh
# Prompts for new password and confirmation

usermod - Modifying User Accounts

Used to modify existing user account properties.
• Basic Usage:
sudo usermod [options] username

• Common Options: Many options are similar to useradd.

• -l new_username: Change the username. (Requires extra steps to fix home

directory path).
• -s /path/to/shell: Change the login shell.
 • -c "Comment": Change the comment.

• -u new_UID: Change the UID.

• -g new_primary_group: Change the primary group.

• -G GROUP1,GROUP2: Replace secondary groups. Use -aG to add to secondary

groups.
• -aG GROUP: Add the user to a secondary group without removing existing ones.

• -d /path/to/new_home: Change the home directory (doesn't move contents).

• -m: Use with -d to move the contents of the old home directory to the new one.

• Example:
$ sudo usermod -s /bin/zsh salsafh # Change shell to zsh
$ sudo usermod -aG marketing salsafh # Add salsafh to 'marketing' group
$ sudo usermod -d /home/salsafh_new_home -m salsafh # Change home
directory and move contents

userdel - Deleting User Accounts

Used to delete user accounts.
• Basic Usage:
sudo userdel [options] username

• Common Options:
• -r: Remove the user's home directory and mail spool. Highly recommended.

• Example:
sudo userdel -r bob # Deletes user bob and his home directory

1.3 Group Management Commands

Groups are used to organize users and manage permissions for collections of users.

1.3.1 Key Concepts

• Group ID (GID): A unique numerical identifier assigned to each group.
• Group Name: A human-readable name for the group (e.g., developers, accounting).

• Primary Group: Every user has one primary group. Files and directories created by the
user typically have their primary group as the owning group.
• Secondary (Supplemental) Groups: Users can belong to multiple secondary groups,
inheriting permissions from all of them.
1.3.2 Group Management Commands
groupadd - Creating Groups
Used to create new groups.
• Basic Usage:
sudo groupadd [options] groupname

• Common Options:
• -g GID: Specify a specific GID.

• Example:
$ sudo groupadd developers

$ sudo groupadd -g 6000 accounting

groupmod - Modifying Groups

Used to modify existing group properties.
• Basic Usage:
$ sudo groupmod [options] groupname

• Common Options:
• -n new_groupname: Change the group name.

• -g new_GID: Change the GID.

• Example:
$ sudo groupmod -n devteam developers # Rename 'developers' to 'devteam'

groupdel - Deleting Groups

Used to delete groups. A group cannot be deleted if it is the primary group of any existing user.
• Basic Usage:
$ sudo groupdel groupname

• Example:
$ sudo groupdel accounting

gpasswd - Managing Group Membership

A convenient command for managing users within groups.
• Basic Usage:
$ sudo gpasswd [options] groupname

• Common Options:
• -a username groupname: Add a user to a group.
 • -d username groupname: Remove a user from a group.

• Example:
$ sudo gpasswd -a charlie developers # Add charlie to 'developers'

$ sudo gpasswd -d charlie developers # Remove charlie from 'developers'

1.4 Checking User and Group Information

• /etc/passwd: Stores user account information (username, UID, GID, comment, home
directory, shell). No password information.
• /etc/shadow: Stores encrypted user passwords and password aging information. Only
readable by root.
• /etc/group: Stores group information (group name, GID, list of members).

• id [username]: Displays UID, GID, and all group memberships for a user.
$ id salsafh

uid=1000(salsafh) gid=1000(salsafh)
groups=1000(salsafh),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),100(use
rs),114(lpadmin),126(vboxusers)

• groups [username]: Displays group memberships for a user.

$ groups salsafh

salsafh : salsafh adm cdrom sudo dip plugdev users lpadmin vboxusers

2. Setting User and Group Permissions

Permissions determine who can access files and directories and what actions they can perform
(read, write, execute). This is a cornerstone of Linux security.

2.1 File System Permissions (Basic)

Linux uses a system of three types of permissions for three categories of users:
• Permission Types:
• r (Read):

• Files: View content.

• Directories: List contents (filenames).
• w (Write):

• Files: Modify, save, or delete the file.

• Directories: Create, delete, or rename files within the directory.
• x (Execute):

• Files: Run the file as a program or script.

• Directories: Enter or "cd" into the directory.
 • User Categories:
• User (u): The owner of the file/directory.
• Group (g): Members of the owning group.
• Others (o): Everyone else on the system.
• All (a): All three categories (u, g, o).

2.2 Viewing Permissions (ls -l)

The ls -l command shows detailed information about files and directories, including
permissions.
• Example Output:
-rw-r--r-- 1 user group 1234 May 1 10:00 myfile.txt
drwxr-xr-x 2 user group 4096 Apr 20 09:30 mydir/

• The first character indicates file type (- for regular file, d for directory, l for
symbolic link, etc.).
• The next nine characters are the permissions, grouped into three sets of rwx for User,
Group, and Others.

2.3 Changing Permissions (chmod)

Used to change file and directory permissions.

2.3.1 Symbolic Mode

Uses u, g, o, a and +, -, =, along with r, w, x.

• +: Add permission.

• -: Remove permission.

• =: Set exact permissions (overwrite existing).

• Examples:
$ chmod u+x myscript.sh # Add execute permission for owner
$ chmod go-w myfile.txt # Remove write permission for group and others
$ chmod u=rw,go=r mydata.txt # Set owner to rw, group/others to r
$ chmod a+x mydir # Add execute for all on mydir (allows entering)
$ chmod -R u+w myproject/ # Recursively add write for owner in myproject/
2.3.2 Numeric (Octal) Mode
Each permission (r, w, x) has a numerical value:
• r = 4
• w = 2
• x = 1
Sum the values for each category (User, Group, Others) to get a three-digit octal number.
• Common Permissions:
• 755 (rwxr-xr-x): Owner has full permissions, group and others can read and
execute (common for directories and executable files).
• 644 (rw-r--r--): Owner can read/write, group and others can only read (common
for text files).
• 700 (rwx------): Only owner has full permissions (private files/directories).

• Examples:
$ chmod 755 myscript.sh # Set rwxr-xr-x
$ chmod 644 myfile.txt # Set rw-r--r--
$ chmod 700 private_dir/ # Set rwx------

2.4 Changing Ownership (chown and chgrp)

chown - Change File/Directory Owner

Used to change the owner and/or the owning group of a file or directory. Only root can change the
owner of a file.
• Basic Usage:
$ sudo chown new_owner file_or_dir
$ sudo chown :new_group file_or_dir # Change only group
$ sudo chown new_owner:new_group file_or_dir # Change both

• Common Options:
• -R: Recursive (for directories).

• Examples:
$ sudo chown salsafh myfile.txt # Change owner to salsafh
$ sudo chown :developers project_dir/ # Change group to developers
$ sudo chown salsafh:developers project_file # Change owner to salsafh,
group to developers
$ sudo chown -R salsafh:developers project_data/ # Recursively change
owner/group
chgrp - Change File/Directory Group
Used specifically to change the owning group of a file or directory. More limited than chown.

• Basic Usage:
$ sudo chgrp new_group file_or_dir

• Common Options:
• -R: Recursive.

• Example:
$ sudo chgrp marketing reports.csv

2.5 Special Permissions

These add extra layers of control beyond basic rwx.

• SUID (Set User ID): (Set on executable files)

• When an executable with SUID is run, it executes with the permissions of the file's
owner, not the user running it.
• Indicated by s in the user's execute permission slot (-rwsr-xr-x).

• Use with caution: Can be a security risk if misused (e.g., passwd command uses
SUID to write to /etc/shadow).

• Numeric value: 4000 (chmod 4755).

• SGID (Set Group ID):

• On executable files: Executes with the permissions of the file's group owner.
Indicated by s in the group's execute permission slot (-rwxr-sr-x).
• On directories: New files/directories created within an SGID directory
automatically inherit the group ownership of the parent directory, not the primary
group of the user who created them. This is very useful for collaborative work.
Indicated by s in the group's execute permission slot (drwxrwsr-x).

• Numeric value: 2000 (chmod 2775 for directories).

• Sticky Bit: (Primarily on directories)

• Users can create files within the directory, but only the owner of a file (or root) can
delete or rename files they created, even if they have write permission on the
directory.
• Commonly used on /tmp (drwxrwxrwt).

• Indicated by t in the others' execute permission slot (-rwxrwxrwt).

• Numeric value: 1000 (chmod 1777).

• Setting Special Permissions (Numeric Mode):

$ chmod 4755 /usr/bin/some_program # Set SUID
 $ chmod 2770 /shared_project # Set SGID on directory
$ chmod 1777 /tmp # Set Sticky Bit

3. User Environment Configuration

The "user environment" refers to the set of variables, paths, and configurations that define how a
user's shell session behaves.

3.1 Key Environment Variables

• PATH: A colon-separated list of directories the shell searches for executable commands.
When you type ls, the shell looks in directories listed in PATH (e.g.,
/usr/local/bin:/usr/bin:/bin).

• HOME: The user's home directory.

• SHELL: The user's default login shell.

• USER / LOGNAME: The current username.

• TERM: The type of terminal emulation (e.g., xterm, linux).

• LANG / LC_ALL: Locale settings for language, character encoding, etc.

• PS1: The primary prompt string (what you see before you type a command).

• Viewing Environment Variables:

$ echo $PATH
$ env # Lists all environment variables
$ printenv # Lists all environment variables

3.2 Shell Configuration Files

When a user logs in or opens a new terminal, the shell reads specific configuration files to set up the
environment. The exact files depend on the shell (e.g., Bash, Zsh) and whether it's a login shell or a
non-login interactive shell.

For Bash (/bin/bash):

• /etc/profile:

• System-wide configuration for login shells.

• Executed once when any user logs in.
• Sets global environment variables, PATH, umask, etc.
• /etc/bash.bashrc (or /etc/bashrc on some systems):

• System-wide configuration for interactive non-login shells.

• Executed every time a new interactive non-login shell is started (e.g., opening a new
terminal window).
• Often sources ~/.bashrc.
 • ~/.bash_profile (User-specific login shell):

• Executed for login shells.

• Reads ~/.bashrc for interactive non-login shells.

• Ideal for environment variables that should apply to the entire session (e.g.,
JAVA_HOME, PATH modifications).

• ~/.bashrc (User-specific interactive non-login shell):

• Executed for interactive non-login shells.

• Ideal for aliases, shell functions, and interactive shell options.
• ~/.profile (User-specific, general login shell):

• If ~/.bash_profile doesn't exist, Bash will look for ~/.profile.

• Used for settings that should apply to any POSIX-compliant shell.

• ~/.bash_logout:

• Executed when a login shell exits.

• Used for cleanup tasks.

For Zsh (/bin/zsh):

Zsh has a similar but distinct set of configuration files:
• /etc/zshenv: Always sourced.

• /etc/zprofile: Sourced by login shells.

• /etc/zshrc: Sourced by interactive shells.

• /etc/zlogin: Sourced by login shells after zshrc.

• /etc/zlogout: Sourced when a login shell exits.

• ~/.zshenv: User-specific, always sourced.

• ~/.zprofile: User-specific, sourced by login shells.

• ~/.zshrc: User-specific, sourced by interactive shells. (This is where most users put their
configurations).
• ~/.zlogin: User-specific, sourced by login shells after zshrc.

• ~/.zlogout: User-specific, sourced when a login shell exits.

3.3 Modifying the User Environment

• Adding to PATH:
# In ~/.bash_profile or ~/.profile (for login shell) or ~/.bashrc (for
interactive shell)
 $ export PATH=$PATH:/opt/my_app/bin

(The export command makes the variable available to child processes.)

• Setting Aliases: Create shortcuts for longer commands.

# In ~/.bashrc

$ alias ll='ls -alF'

$ alias update='sudo apt update && sudo apt upgrade'

• Defining Functions: For more complex multi-command shortcuts.

# In ~/.bashrc
mycd() {
cd "$1" && ls -alF
}

• umask:

• Controls the default permissions for newly created files and directories.
• It's a "mask" that removes permissions.
• Typical umask values:

• 022: (default for root) Files: 644 (rw-r--r--), Dirs: 755 (rwxr-xr-x)

• 002: (common for regular users in groups) Files: 664 (rw-rw-r--), Dirs: 775
(rwxrwxr-x)
• How it works:
• File base permissions: 666 (rw-rw-rw-)

• Directory base permissions: 777 (rwxrwxrwx)

• Subtract umask from these bases to get default permissions.

• Setting umask: Usually set in /etc/profile or ~/.profile.

$ umask 022

3.4 Command Line Editing (Bash History, Tab Completion)

• History:
• history: Displays command history.

• ! followed by history number or command prefix to re-execute.

• Arrow keys for navigating history.

• Ctrl+R (reverse-i-search) for searching history.
• Tab Completion:
 • Pressing Tab key completes commands, file names, and arguments.

• Double Tab shows available options.

• Highly configurable via bash-completion package and scripts.

Conclusion
Mastering user and group management, along with file system permissions and environment
configuration, is crucial for secure, efficient, and collaborative work on Linux systems. These skills
form the bedrock of effective system administration and provide the foundation for deeper dives
into Linux security and resource management.