Skip to content

Commit

Permalink
Merge pull request kodekloudhub#2 from rahulsoni43/master
Browse files Browse the repository at this point in the history 
Linux Course Documentation by RahulSoni
  • Loading branch information
@mmumshad
mmumshad authored Jun 9, 2020
2 parents 38eeb13 + ba72336 commit bab6334
Show file tree
Hide file tree
Showing 75 changed files with 1,263 additions and 0 deletions.
3 changes: 3 additions & 0 deletions docs/06-Security and File Permissions/01-The Security Incident(story).md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
# Security Incident (story)

Take me to the[Story](https://kodekloud.com/courses/873064/lectures/17074490)
100 changes: 100 additions & 0 deletions docs/06-Security and File Permissions/02-Linux Accounts.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,100 @@
# LINUX ACCOUNTS

- Take me to the [Tutorial](https://kodekloud.com/courses/873064/lectures/17074499)
- In this section we will take a look at basic access control in Linux.
- We will also learn about about the file permissions. Lets Get Started!

![linux](../images/linux.PNG)


#### User Accounts

- User's informations are stored under **`/etc/passwd`** file.

```
[~]$ cat /etc/passwd
```
- Information about groups is stored into **`/etc/group`** file.
```
[~]$ cat /etc/group
```
![user](../images/user.PNG)
- Each user has a username and a unique ID assigned to them known as user ID or UID.
- The user also has a GID, the group id they are part of, **`id`** command can be use to check these details. for eg:
```
[~]$ id michael
uid=1001(michael) gid=1001(michael)groups=1001(michael),1003(developers)
```
- More details about the user account can be found eg. default shell, home directory using.
```
[~]$ grep -i michael /etc/passwd
michael:x:1001:1001::/home/michael:/bin/sh
```
![group](../images/group.PNG)
- To see the list of users currently logged use **`who`** command.
```
[~]$ who
bob pts/2 Apr 28 06:48 (172.16.238.187)
```
- The **`last`** command displays the record of all logged-in users along with the date and time when the system was rebooted.
```
[~]$ last
michael :1 :1 Tue May 12 20:00 still logged in
sarah :1 :1 Tue May 12 12:00 still running
reboot system boot 5.3.0-758-gen Mon May 11 13:00 - 19:00 (06:00)
```
#### Switching users
- To switch to any user use **`su`** command.
```
[~]$ su –
Password:
root ~#
```
- To run a specific command you can use **`su -c "whoami"`** (This is not recommended way)
```
[michael@ubuntu-server ~]$ su -c "whoami"
Password:
root
```
- To run a command as a root user **`sudo`** command is recommended.
```
[michael@ubuntu-server ~]$ sudo apt-get install nginx
[sudo] password for michael:
```
![who](../images/who.PNG)
- Users listed in /etc/sudoers file can make use of sudo command for privledge escalation.
```
[~]$ cat /etc/sudoers
```
![sudo](../images/sudo.PNG)
- To restrict anyone from directly login as root login, this can be done by setting **`nologin`** shell.
```
[~]$ grep -i ^root /etc/passwd
/root:x:0:0:root:/root:/usr/sbin/nologin
```
74 changes: 74 additions & 0 deletions docs/06-Security and File Permissions/03-User Management.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,74 @@
# USER MANAGEMENT

- Take me to the [Tutorial](https://kodekloud.com/courses/873064/lectures/17074501)
- In this lecture we will learn how to create and manage user accounts in Linux.

#### User Add

- To create a new local user **`bob`** in the system use **`useradd`** command.

```
[~]$ useradd bob
```
- To get more details about **`bob`** account like, home director, uid, and shell use **`/etc/passwd`**
```
[~]$ grep -i bob /etc/passwd
bob:x:1002:1002::/home/bob:/bin/sh
```
![useradd](../images/useradd.PNG)
- To check the uid or username of the user logged in user **`whoami`** command.
```
[~]$ whoami
bob
```
- All user's password are store under **`/etc/shadow`**
```
[~]$ grep -i bob /etc/shadow
bob:!:18341:0:99999:7:::
```
- To change the password of current user use **`passwd`** or for any specific user use **`passwd <username>`**
```
[~]$ passwd bob
Changing password for user bob.
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated
successfully.
```
# Managing Users
- **`useradd`** command be used along with many attributes as show below.
```
[~]$ useradd -u 1009 -g 1009 -d /home/robert -s /bin/bash -c ”Mercury Project member" bob
```
![manage](../images/manage.PNG)
- To delete a user use **`userdel`** command
```
[~]$ userdel bob
```
- To add a group use **`groupadd`** command
```
[~]$ groupadd –g 1011 developer
```
- To delete a group user **`groupdel`** command
```
[~]$ groupdel developer
```
44 changes: 44 additions & 0 deletions docs/06-Security and File Permissions/04-Access Control Files.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,44 @@
# ACCESS CONTROL FILES

- Take me to the [Tutorial](https://kodekloud.com/courses/873064/lectures/17074502)

- Access Ccontrol files are stored under **`/etc`**.
- Can be read by anyone and can be only edited by **`root`** user.


### Control files

- To get more details about one's account for example **`bob`** account, home director, uid, and shell check **`/etc/passwd`**

```
[~]$ grep -i ^bob /etc/passwd
bob:x:1002:1002::/home/bob:/bin/sh
USERNAME:PASSWORD:UID:GID:GECOS:HOMEDIR:SHELL
```
![passwd](../images/passwd.PNG)
- Password are stored under **`/etc/shadow`**
```
[~]$ grep -i ^bob /etc/shadow
bob:$6$0h0utOtO$5JcuRxR7y72LLQk4Kdog7u09LsNFS0yZPkIC8pV9tgD0wXCHutY
cWF/7.eJ3TfGfG0lj4JF63PyuPwKC18tJS.:18188:0:99999:7:::
USERNAME:PASSWORD:LASTCHANGE:MINAGE:MAXAGE:WARN:INACTIVE:EXPDATE
```
![shadow](../images/shadow.PNG)
- Check the groups **`bob`** belongs too
```
[~]$ grep -i ^bob /etc/group
NAME:PASSWORD:GID:MEMBERS
```
![egp](../images/egp.PNG)
# HANDS-ON LABS
- Lets start with Managing and User Accounts [here](https://kodekloud.com/courses/the-linux-basics-course/lectures/17074503)
114 changes: 114 additions & 0 deletions docs/06-Security and File Permissions/05-File Permissions.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,114 @@
# LINUX FILE PERMISSIONS

- Take me to the [Tutorial](https://kodekloud.com/courses/873064/lectures/17074504)

- In this lecture we will learn about various file type identifiers.
- We will also learn about various Linux file permissions that can be applied on the file or the directory.

![perm](../images/perm.PNG)


![type](../images/type.PNG)


#### Directory Permission

- To list the directory permission use

```
[~]$ ls -ld /home/bob/random_dir
```
- To know the current user
```
[~]$ whoami
```
- To change the change the directory
```
[~]$ cd /home/bob/random_dir
```
#### File Permissions
- Linux file permissions are defined as
![filep](../images/filep.PNG)
#### Modifying file permissions
- Use **`chmod`** command to modify the file permissions.
- Provide full access to owners
```
[~]$ chmod u+rwx test-file
```
- Provide Read access to Owners, groups and others, Remove execute access
```
[~]$ chmod ugo+r-x test-file
```
- Remove all access for others
```
[~]$ chmod o-rwx test-file
```
- Full access for Owner, add read , remove execute for group and no access for others
```
[~]$ chmod u+rwx,g+r-x,o-rwx test-file
```
- Provide full access to Owners, group and others
```
[~]$ chmod 777 test-file
```
- Provide Read and execute access to Owners,groups and others
```
[~]$ chmod 777 test-file
```
- Read and Write access for Owner and Group, No access for others.
```
[~]$ chmod 660 test-file
```
- Full access for Owner, read and execute for group and no access for others.
```
[~]$ chmod 750 test-file
```
#### Change Ownership
- Changes owner to bob and group to developer
```
[~]$ chown bob:developer test-file
```
- Changes just the owner of the file to bob. Group unchanged.
```
[~]$ chown bob andoid.apk
```
- Change the group for the test-file to the group called android.
```
[~]$ chgrp android test-file
```
# HANDS-ON LABS
- Lets do some hands on labs to understand File Permission better. [Take me to Labs](https://kodekloud.com/courses/873064/lectures/17074516)
Loading

0 comments on commit bab6334

Please sign in to comment.