Linux Fundamentals III

Power-up your Linux skills and get hands-on with some common utilities that you are likely to use day-to-day...

Commands

| Command | Description |
| --- | --- |
| nano | Edit or create a file |
| wget | Download files from the web via HTTP |
| scp | Copy files & directories from your current system to a remote system and vice versa |


Processes 101

Viewing Processes

We can use the ps command to list the processes running in our user's session, along with some additional information such as each process's status code, the session that is running it, how much CPU time it has used, and the name of the actual program or command that is being executed.

To see the processes run by other users and those that don't run from a session (i.e. system processes), we need to provide aux to the command (ps aux).

Another very useful command is the top command. It gives you real-time statistics about the processes running on your system instead of a one-time view. These statistics will refresh every 10 seconds, but will also refresh when you use the arrow keys to browse the various rows.

Managing Processes

To kill a command, we can use the appropriately named kill command and the associated PID that we wish to kill (e.g. kill 1337).

Some of the signals that we can send to a process are:

  • SIGTERM - Kill the process, but allow it to do some cleanup tasks beforehand

  • SIGKILL - Kill the process, doesn't do any cleanup after the fact

  • SIGSTOP - Stop / suspend a process
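The difference between SIGTERM and SIGKILL can be seen with a small experiment. This is an added example, not part of the original notes: the function name run_and_signal and the worker.lock file are made up for the demonstration.

```shell
#!/bin/sh
# Added example: start a worker that holds a lock file, send it one signal,
# and report whether its cleanup handler got the chance to run.
run_and_signal() {
    sig=$1                           # TERM or KILL
    tmp=$(mktemp -d)
    sh -c '
        lock="$1/worker.lock"
        cleanup() { rm -f "$lock"; exit 0; }
        trap cleanup TERM            # SIGTERM can be caught; SIGKILL cannot
        touch "$lock" "$1/ready"
        while :; do sleep 1; done
    ' worker "$tmp" >/dev/null 2>&1 &
    pid=$!
    # Wait until the worker has installed its trap and created the lock.
    until [ -e "$tmp/ready" ]; do sleep 0.1; done
    kill -s "$sig" "$pid"
    wait "$pid" 2>/dev/null || true  # reap the worker; non-zero status is expected for KILL
    if [ -e "$tmp/worker.lock" ]; then
        echo "lock left behind"
    else
        echo "cleaned up"
    fi
    rm -rf "$tmp"
}

for s in TERM KILL; do
    echo "SIG$s: $(run_and_signal "$s")"
done
```

A stale lock file like the one SIGKILL leaves behind is why SIGTERM is the signal to try first.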

Getting Processes To Start On Boot

Some applications can be started on the boot of the system that we own. For example, web servers, database servers or file transfer servers. This software is often critical and is often told to start during the boot-up of the system by administrators.

Enter the use of systemctl -- this command allows us to interact with the systemd process. systemctl is an easy-to-use command that takes the following format: systemctl [option] [service]

For example, to tell Apache to start up, we'll use systemctl start apache2

There are four options with systemctl:

  • Start

  • Stop

  • Enable (for bootup)

  • Disable (for bootup)

Foregrounding A Process

With our process backgrounded using either Ctrl + Z or the & operator, we can use fg to bring this back to focus.


Automation

Users may want to schedule a certain action or task to take place after the system has booted. Take, for example, running commands, backing up files, or launching your favourite programs, such as Spotify or Google Chrome.

Crontab is one of the processes that is started during boot, which is responsible for facilitating and managing cron jobs. A crontab is simply a special file with formatting that is recognised by the cron process to execute each line step-by-step. Crontabs require 6 specific values:

| Value | Description |
| --- | --- |
| MIN | What minute to execute at |
| HOUR | What hour to execute at |
| DOM | What day of the month to execute at |
| MON | What month of the year to execute at |
| DOW | What day of the week to execute at |
| CMD | The actual command that will be executed |

Crontabs also support the use of the wildcard, or asterisk (*), if we don't wish to provide that field a specific value. Some great resources to help with generating formatting for crontabs are: Crontab Generator and Cron Guru.

Crontabs can be edited using the command crontab -e, where you can select an editor to edit.
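To make the six values concrete, the following added example (not part of the original notes) splits a crontab entry into MIN, HOUR, DOM, MON, DOW and CMD and range-checks the time fields, which is handy when reviewing what is scheduled on a machine. The function name cron_check and the sample entries are constructed; it assumes numeric fields only, so month or day names and shortcuts other than @reboot are not handled.

```shell
#!/bin/sh
# Added example: split one crontab entry into MIN HOUR DOM MON DOW CMD and
# range-check the five time fields. Numeric values only (assumption).
cron_check() {
    printf '%s\n' "$1" | awk '
    # True when v is an integer within [lo, hi].
    function num(v, lo, hi) { return v ~ /^[0-9]+$/ && v + 0 >= lo && v + 0 <= hi }
    # Accepts *, N, N-M, comma-separated lists and an optional /STEP suffix.
    function ok(f, lo, hi,    parts, n, i, p, s, r) {
        n = split(f, parts, ",")
        for (i = 1; i <= n; i++) {
            p = parts[i]
            if (split(p, s, "/") == 2) { if (!num(s[2], 1, hi)) return 0; p = s[1] }
            if (p == "*") continue
            if (split(p, r, "-") == 2) {
                if (!num(r[1], lo, hi) || !num(r[2], lo, hi) || r[1] + 0 > r[2] + 0) return 0
            } else if (!num(p, lo, hi)) return 0
        }
        return 1
    }
    /^[ \t]*#/ || NF == 0 { print "skip: comment or blank line"; next }
    { cmd = $0 }
    $1 == "@reboot" && NF >= 2 {
        sub(/^[ \t]*[^ \t]+[ \t]+/, "", cmd)
        print "ok: runs once at boot CMD=" cmd; next
    }
    NF < 6 { print "invalid: need five time fields and a command"; next }
    {
        split("MIN HOUR DOM MON DOW", name, " ")
        split("0 0 1 1 0", minv, " "); split("59 23 31 12 7", maxv, " ")
        out = "ok:"
        for (i = 1; i <= 5; i++) {
            if (!ok($i, minv[i], maxv[i])) { print "invalid: " name[i] "=" $i; next }
            out = out " " name[i] "=" $i
            sub(/^[ \t]*[^ \t]+[ \t]+/, "", cmd)   # drop this field, keep CMD spacing
        }
        print out " CMD=" cmd
    }'
}

# Constructed entries for illustration.
cron_check '*/15 9-17 * * 1-5 /usr/local/bin/backup.sh --quick'
cron_check '61 * * * * echo hi'
cron_check '@reboot /home/user/start.sh'
```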


Package Management

When developers wish to submit software to the community, they will submit it to an "apt" repository. If approved, their programs and tools will be released into the wild. Two of the most redeeming features of Linux come to light here: user accessibility and the merit of open-source tools.

Whilst Operating System vendors will maintain their own repositories, you can also add community repositories to your list! This allows you to extend the capabilities of your OS. Additional repositories can be added by using the add-apt-repository command or by listing another provider! For example, some vendors will have a repository that is closer to their geographical location.

Adding & Removing Repositories

We use the apt command to install software onto our system. The command is part of the package management software also named apt. It contains a whole suite of tools that allows us to manage the packages and sources of our software, and to install or remove software at the same time.

One method of adding repositories is to use the add-apt-repository command. Whilst you can install software through package installers such as dpkg, the benefit of apt is that whenever we update our system, the repository that contains the software we added also gets checked for updates.

When adding software, the integrity of what we download is guaranteed by the use of what are called keys. These keys are essentially a safety check from the developers saying, "here's our software". If the keys do not match up to what your system trusts and what the developers used, then the software will not be downloaded.


Logs

Located in the /var/log directory, these files and folders contain logging information for applications and services running on your system. Some important logs on an Ubuntu machine are:

  • An Apache2 web server

  • The fail2ban service (monitor attempted brute forces)

  • The UFW service (firewall)

These services and their logs are a great way to monitor the health of your system and protect it. Not only that, but the logs for services such as a web server contain information about every single request, allowing developers or administrators to diagnose performance issues or investigate an intruder's activity. The two interesting types of logs are access and error logs.
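As an added example (not part of the original notes), the reports below show how an access log answers questions such as "which IP visited, and what did they request?". The function names and the sample log lines are constructed; the lines follow Apache's "combined" format and are assumed to be well-formed.

```shell
#!/bin/sh
# Added example: three small awk reports over an Apache "combined" access log.
# Whitespace-split fields: $1 = client IP, $7 = requested path, $9 = status.

# Constructed sample lines (documentation IP ranges, not real traffic).
sample_log() {
    cat <<'EOF'
192.0.2.10 - - [04/May/2021:18:32:41 +0000] "GET /index.html HTTP/1.1" 200 1024 "-" "Mozilla/5.0"
192.0.2.10 - - [04/May/2021:18:32:43 +0000] "GET /images/logo.png HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.7 - - [04/May/2021:18:40:02 +0000] "GET /admin HTTP/1.1" 404 196 "-" "curl/7.68.0"
198.51.100.7 - - [04/May/2021:18:40:03 +0000] "GET /backup.zip HTTP/1.1" 404 196 "-" "curl/7.68.0"
198.51.100.7 - - [04/May/2021:18:40:04 +0000] "POST /login HTTP/1.1" 401 210 "-" "curl/7.68.0"
EOF
}

# Requests per client, busiest first: "COUNT IP".
requests_per_ip() {
    awk '{ n[$1]++ } END { for (ip in n) print n[ip], ip }' | sort -k1,1nr -k2,2
}

# Every request made by one client: "STATUS METHOD PATH".
requests_from() {
    awk -v ip="$1" '$1 == ip { gsub(/"/, "", $6); print $9, $6, $7 }'
}

# Clients with at least N client-error (4xx) responses: "IP COUNT".
noisy_clients() {
    awk -v min="$1" '$9 ~ /^4[0-9][0-9]$/ { e[$1]++ }
        END { for (ip in e) if (e[ip] >= min) print ip, e[ip] }' | sort
}

sample_log | requests_per_ip
sample_log | requests_from 198.51.100.7
sample_log | noisy_clients 3
```

Each function reads the log on standard input, so on an Ubuntu machine running Apache2 the same reports can be fed from /var/log/apache2/access.log instead of sample_log.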


Answers

Task 3

Edit “task3” located in “tryhackme”’s home directory using Nano. What is the flag? THM{TEXT_EDITORS}

Task 4

What are the contents? THM{WGET_WEBSERVER}

Task 5

If we were to launch a process where the previous ID was “300”, what would the ID of this new process be? 301

If we wanted to cleanly kill a process, what signal would we send it? SIGTERM

Locate the process that is running on the deployed instance (MACHINE_IP). What flag is given? THM{PROCESSES}

What command would we use to stop the service “myservice”? systemctl stop myservice

What command would we use to start the same service on the boot-up of the system? systemctl enable myservice

What command would we use to bring a previously backgrounded process back to the foreground? fg

Task 6

When will the crontab on the deployed instance run? @reboot

Task 8

What is the IP address of the user who visited the site? 10.9.232.111

What file did they access? catsanddogs.jpg

