The “Mac vs. PC” television ads from several years back were entertaining but not necessarily accurate depictions of the mindset behind Apple and Windows users. In truth neither users nor administrators of any particular operating system can be easily categorized or pigeonholed. Apple computers aren’t necessarily wielded exclusively by glamorous “go against the grain” hipsters nor are Windows systems relied upon by stodgy corporate heads.
However, it is a fact that all operating systems have an array of similarities and differences between them. While the similarities can provide universal standards to help orient new users and administrators, the differences can make them daunting to learn. This is exemplified by the gap between Windows and Linux administration. Windows administrators have always had more than enough tasks on their plates and finding the free time to spend dabbling with other operating systems can be a difficult. Windows has held a dominant place in the enterprise for decades, but that doesn’t guarantee the future, and there is plenty of room at the expanding table of business technology. While Linux usage remains low on the desktop, it runs on over one third of web servers and a whopping 96.4% of supercomputers, according to Wikipedia.
Let’s look at the history of Linux for a moment. Linux is an open source operating system which is basically a derivative of UNIX. Invented by Linux Torvalds in 1991, many versions (known as “distributions”) are available both for free and via commercial means. Linux runs on desktops, servers, mobile devices and other hardware.
Linux momentum has grown steadily since 1991, accelerating even further as of late. A ZDNet article from February 2014 states that “77 percent of hiring managers have ‘hiring Linux talent’ on their list of priorities for 2014” and “more than nine out of ten hiring managers plan to bring Linux professionals on board in the next six months.” The Linux Foundation released an “2013 Enterprise End User Report” claiming five year plans for increased OS investments demonstrate an 80% increase in the use of Linux whereas an increase of only 20% in the Windows segment. Readwrite.com goes so far as to encourage: “Keep Learning Linux – It’s the Future.”
Some of the reasons behind the advance of Linux include a proven track record in corporate server environments, reliability and security, appearance in various popular platforms such as on Android devices, and the increased use of cloud computing. The cloud has helped reduce desktop application complexity by replacing many traditional Windows programs with a web browser, thereby making the operating system easier to replace with free open-source alternatives.
The purpose of this article isn’t to state Linux is better than Windows, but rather to emphasize it is a growing field with tremendous opportunity for businesses seeking to deploy it and system administrators who want to learn more about it. It can be a challenge for newcomers since Linux is generally perceived as extremely complex, but keep in mind that “complex” also means “powerful.” There are many different ways to perform different functions in Linux from simple manual tasks to intricate automated scripts. Whether you’re starting down the path of Linux administration or would like to learn more about the topic from a Windows perspective, this guide can help orient you.
Prerequisites for users of this guide are familiarity with concepts of system administration such as creating users, working with permissions, managing programs and processes, configuring hardware such as network details and hard drives and reviewing event logs for errors.
There are many Linux distributions such as Red Hat, Fedora, Debian, and Ubuntu. These tips and screenshots are based on Red Hat Linux administration, since that is generally the corporate standard, but should also work on most if not all other Linux flavors.
In order to get started, let’s compare the similarities as well as differences between Windows and Linux.
Similarities between Windows and Linux
- Configurable boot up sequence/device drivers/startup programs/services.
- User and administrator accounts (administrator on Windows / root on Linux) are needed.
- Files work the same; some are data, some are executable programs, others represent settings.
- Directories are used to store files.
- User profile environments set parameters for how accounts operate.
- Applications are installed/run/removed.
- Either can work as file, application, web, DNS, DHCP, or print servers.
- Certain infrastructural underpinnings like file systems and network protocols (TCPIP) and services ( DNS, DHCP, NTP) apply for each.
- Scheduled tasks/scripts are run on both operating systems.
- It’s easy to see what’s running and stop unwanted processes.
- Command line knowledge isn’t required for either, but it definitely helps – especially with Linux!
- Files can be transferred or shared between systems.
- Viruses can infect each operating system (but the bulk of these are geared towards Windows).
- System lockups or crashes can occur.
- Patching is required for best security practices.
- Some administrative tasks can be exceedingly difficult – Microsoft’s Configuration. Manager (also referred to as SCCM) can be difficult to maintain and administer, but the same applies for a similar Linux product called Puppet.
- Each has a strong technology culture behind it with enthusiasts in both camps (contrary to myths that Windows is for regular people/Linux is for the analytically-included).
- Both Windows and Red Hat Enterprise Linux cost money (though many other Linux blends are free of charge, particularly the desktop versions).
Differences between Windows and Linux
- Windows is proprietary meaning the source code is unavailable to the public or the user. Linux is open source meaning the code can be accessible by anyone.
- The graphic user interface (GUI) is not the same; the Linux GUI is more of a shell whereas Windows provides a richer GUI with more administrative capabilities than Linux.
- Linux offers different GUIs such as Gnome or KDE, but these can look a bit dated – not as “flashy” or polished as Windows.
- Windows uses letters to represent local or network drives (which are “mapped”). There is no C: drive (nor any other letter) in Linux, which groups drives and directories in a single hierarchical structure (“/” for the root directory, “/home” for user home folders, “/mnt” for local/remote file systems, etc.)
- Windows uses the registry to store system/application/user information. Linux does not, relying instead on configuration files.
- Linux doesn’t always use file extensions.
- Windows denotes executable files with certain extensions such as .exe, .bat and .com. Linux marks files as executable both via the extension and the permissions, meaning any file can be executed.
- Windows files are not case sensitive; Linux files are (meaning Linux.conf is a different file from linux.conf and you need to refer to it with the appropriate case)
- Linux doesn’t directly use Active Directory or Group Policies but authentication can be tied into AD using Lightweight Directory Access Protocol (LDAP).
- Linux is more stable and less prone to odd lockups, freezes and delays – not immune, but often provides better performance than Windows.
- Linux has a long history of traditional commands; Windows changes more frequently as new developments such as Powershell come about.
- Linux rebuilds are less frequent since the OS has less of a tendency to get “tangled up.”
- It can be more challenging to resolve Linux issues – online forums might help but any advice provided may depend on advanced knowledge by the user/administrator.
- Some administrative tasks which are easy in Windows (formatting drives, configuring settings, reviewing error logs) can be more difficult in Linux.
- Games are better on Windows (but this is not much of an issue in most business environments except game manufacturers).
Getting oriented to Linux
The best way to get more familiar with Linux is by examining some of the above similarities and differences to see what’s involved, then try out the concepts in this guide using a test environment (do not experiment on a live production environment, as this could have disastrous results). It is recommended that you obtain a copy of Linux and install it to run through these commands and functions. A good example is Scientific Linux, a Red Hat derivative, available at http://www.scientificlinux.org.
To reiterate, Linux administration doesn’t require exclusive use of the command line – and in fact there are many GUI tools to further help you get things done in Linux such as installing and running programs, managing users, obtaining and setting network details, searching for files, working with drives and partitions, managing processes and files, reviewing system logs and more. Linux offers different GUI environments such as GNOME and KDE, which allow users to set up and customize their environments and perform tasks using the mouse. However, it’s also important to know how and why certain things work from the ground up to understand Linux methods as they compare to Windows.
A note about the command line: Linux can be more demanding than Windows in terms of requiring absolutely perfect syntax when interpreting commands. Spacing, dashes and slashes are routine elements of a properly executed command line function. You can always type “man [command]” (e.g. man ls to examine the details and switches used when running the Linux equivalent of “dir”) to get help on how a command runs, or browse the web for examples if you find yourself stuck with errors. It is also recommended that you research and fully test all commands shown here for further details and functionality.
This entirety of this guide will focus on the following introductory Linux concepts:
- Creating and managing user accounts, passwords and groups
- Working with files, directories and permissions
- Granting administrative privileges
- Installing programs/services and setting startup processes
- Managing running processes
- Working with user environments
- Formatting drives/partitions
- Mounting devices/configuring, accessing and sharing network resources
- Working with shell scripts
- Troubleshooting/checking logs
- Useful Linux command-line tricks
- Getting free help/resources for further information
These concepts have been split up into separate articles to make the learning process more digestible.
The Linux installation process is not covered, mainly because it’s a simple and straightforward procedure (which has come a long way; it is now quite similar to the Windows installation experience) and specific documentation is usually provided with the installation media that can help you complete this task if needed.
1. Creating and managing user accounts, passwords and groups
To create accounts you’ll need to log in as the root (administrator) account or use the “su root -” (substitute user) command while logged in with an existing account then enter the root password to work with elevated privileges (see #3 for further details). If you’ve built a test system to experiment with Linux, chances are your first login will be as root.
Once you have root access creating user accounts is as simple as typing:
The account will be created. You’ll want to set a password too, of course. Enter:
You will be prompted to enter the password twice, after which it will be assigned to the account.
What if you want to set the account to be disabled after a certain date?
Run useradd -e [date account should expire] [account]
For instance this command will create a user account called “smatteso” which will expire after June 30, 2014:
useradd -e 2014-06-30 smatteso
To lock an account (such as when a user has departed the company) enter:
passwd -l [account]
To unlock an account use:
passwd -u [account]
To view account status for a user:
passwd -S [account]
For instance this yields:
smatteso PS 2014-05-29 1 60 7 -1 (Password set, MD5 crypt.)
- “PS 2014-05-29” refers to when the password was last set.
- “1” shows the minimum number of days that must pass before the password can be changed.
- “60” shows the maximum password age in days
- “7” shows the number of days before password expiry during which the system will remind a user of the upcoming expiration.
- “-1” specifies the maximum number of days an account can remain unused; in this case it means it will remain valid indefinitely.
User account information is stored in a file called /etc/passwd. You can view the file by typing:
Seven fields are shown for each user account. Using the smatteso account as an example, here is what these fields represent:
- “smatteso” is the username.
- “x” indicates that an encrypted password is stored in a file called /etc/shadow (which contains passwords in an unreadable format)
- The first “501” represents the user ID; a unique value similar to a Windows security identifier or “SID.”
- The second “501” represents the primary group ID for the user.
- “home/smatteso” signifies the user home directory (similar to Windows, every user generally has one)
- The “::” section is a comment field which is blank; information about the user could be entered here. In the case of the “admin” account shown above “smatteso” the comment reads “RHEL 6.”
- “/bin/bash” is the location of the user’s shell or the command processor (more on that later in this guide)
Groups are used to provide access privileges for large sets of users. These are stored in the /etc/group file. You can view the file with the “cat” command (which lists file contents) by typing:
This file shows all groups and their members. It is a bit less complex than /etc/passwd and works in a similar fashion. In the example of the “wheel” group you will see:
- “wheel” is the group name.
- “x” indicates that an encrypted password is stored in the /etc/shadow file
- “10” is the group ID.
- “smatteso” represents the user in the wheel group; if there were multiple users these would appear here.
A simple way to find out which groups a user belongs to would be to enter:
You can use “groupadd” to create groups, “groupmod” to modify groups, “gpasswd” to add or remove members to groups and “groupdel” to delete groups.
To create a new group called accounting use:
To rename the accounting group to finance use:
groupmod accounting -n finance
To add the user smatteso to the finance group:
gpasswd -a smatteso finance
(note if you run this multiple times it will not prompt you the user already exists in the group)
To remove the user smatteso from the finance group:
gpasswd -d smatteso finance
To delete the finance group use:
You can edit the /etc/passwd and /etc/group files directly to speed up your system administration. This involves using the Vi text editor in Linux to safely edit these files. Use “vipw” for /etc/passwd and “vigr” for /etc/groups.
Here’s what vipw will do:
Vi can be a bit tricky to learn because it is not quite as user-friendly as the Windows Notepad application, but there are plenty of useful guides online to help get you oriented. For the purpose of this step all you need to do is hit the “INSERT” key when the file opens to turn on editing mode. You can then use the arrow keys to scroll to any part of the file and add/delete characters as needed. For instance, if you wanted to rename “smatteso” to “smatt” or create a similar user (remember to set a different user account name and ID) you could do so.
Hit the Esc key to exit editing mode when you are done, then type “:wq!” to save and exit the file. Note: if something goes wrong and you just want to exit the file without saving, press Esc then q! to exit.
The same principle works when using “vigr” to access the /etc/group file.
2. Working with files, directories and permissions
In order to understand how files, directories and permissions work you have to review the base directory structure on a Linux system. Whereas a Windows server may have folders such as C:\Users, C:\ProgramData and C:\Windows, Linux organizes directories on the filesystem in the following way, with every folder preceded by a “/” or forward slash:
Directories on different partitions or physical disks may be included here, so unlike the C: and D: drives on many Windows servers this is an all-inclusive view.
Navigating through directories is the same as in Windows; use the “cd” command. For instance, “cd /etc” will take you to the /etc folder. “cd ..” will take you down a folder level; back to the root level for instance. Folders are created and removed with the “mkdir [folder name]” and “rmdir [folder name]” commands (necessary permissions required, of course).Directories on different partitions or physical disks may be included here, so unlike the C: and D: drives on many Windows servers this is an all-inclusive view.
Use the “ls” command to list files and directories the same way “dir” works in Windows. You can use wildcards to look for certain files. For instance, this command will look for all files ending with “.conf”:
Running “ls -l” will show you output in a “long listing format” similar to the following:
Remember, Linux files are case sensitive – if you want to edit the X11 file you can’t refer to it as “x11” since the upper-case X is used.
Note the information to the left of the file names – much of this detail signifies permissions and owners. Let’s use syslog.conf as an example.
-rwxr-xr-x 1 root root 1460 Nov 3 2011 syslog.conf
The first 10 characters signify the following:
Permissions are signified by r (read), w (write) and x (execute).
- The “1” to the left of “root root” represents the number of hard links (aliases) to the file.
- “root root” signifies that “root” is the owner and that the “root” group has permissions on the file. So for syslog.conf the “root” user has read, write and execute (rwx) permissions, the “root” group has read and execute (rx) permissions, and all other users have read and execute (rx) permissions.
- “1460” denotes the file size in bytes.
- “Nov 3 2011” refers to the date the file was last saved.
How can you set and remove permissions for the owner, group and all users? Use the chmod command. “Chmod +” will add permissions and “chmod -” will take them away, based on the following permission groups:
- u – Owner
- g – Group
- o or a – All Users (it’s preferable to use “a” since it’s more intuitive, as it stands for “all”)
Again, the permissions that are used are:
- r – Read
- w – Write
- x – Execute
If you wanted to add “write” permissions to syslog.conf for the group owning it you would use:
chmod g+w syslog.conf
(whereby “g” represents “Group.”)
The permissions would then appear as shown when you run ls -l and look for syslog.conf:
The same chmod principle applies for u (owner) / o or a (all users); just substitute “u” or “a” for “g.” For example, to grant executable access to the user who owns the file:
Chmod u+x syslog.conf
To remove the permissions granted by the above commands type:
chmod g-w syslog.conf
chmod u-x syslog.conf
Chmod can also be applied using a combination of number-based permissions for deeper granularity and control.
How about setting the owner or group on a file? You would use the “chown” command for that.
chown [account] [filename]
For instance to grant the user smatteso ownership on syslog.conf you would run:
chown smatteso syslog.conf
The same applies to a group, using the addition of a colon before the group name:
chown :[group] [filename]
For example, chown :root syslog.conf would then set the root group as owning the file.
How about copying the owner/group settings from an existing file? Easy – use the following:
chown –reference=[sourcefile] [targetfile]
If you wanted to use a file in /etc called filelog as the source and our sample syslog.conf file as the target the command would appear as shown (you must specify the path to the target file if you are not in the same directory in which it appears):
chown -reference=/etc/filelog syslog.conf
How can you set owner/group on all files in a subdirectory? Use chown with the -R (recursive) switch to expand its scope:
chown -R smatteso:root etc/
Obviously these commands can do great damage if misused, so proceed with caution; this is why it makes sense to run them in a test environment to build experience with them.
You may have noticed that the permission capabilities seem a bit limited in Linux so far. In Windows you can provide various types of access to numerous users and groups, such as providing Bob with read-only access, Accounting with read-write access and HR with read-only access. Linux allows similar functionality via the use of the “getfacl” and “setfacl” commands, which will display and set access control list (ACL) permissions.
Let’s say a file called “Trolltech.conf” needs multiple ACL permissions assigned. You can run “getfacl Trolltech.conf” in the directory in which the file is located (or specify it in the path, such as “getfacl /etc/Trolltech.conf”) A permission list similar to the following is shown:
In this case no special permissions are assigned; the owner and group are both root.
Setfacl can be used to apply specific read, write and execute permissions (r/w/x) for users and groups using the “-m” switch. If you wanted to provide smatteso with read access to Trolltech. conf you would type:
setfacl -m u:smatteso:r Trolltech.conf
- “-m” adds the permission.
- “u:smatteso” signifies you are granting access to a user (u) – groups would be represented with a “g”.
- “smatteso:r” means that smatteso is receiving “read” permissions.
To assign the accounting group read and write permissions to the file type:
setfacl -m g:accounting:rw Trolltech.conf
The screenshot below shows the command applied, then the “getfacl Trolltech.conf” command run to verify the ACL change:
As you can see, the accounting group now shows “rw” permissions.
To remove permissions, use the “-x” switch. If you wanted to remove access for the user smatteso you would run:
setfacl -x u:smatteso Trolltech.conf
Running getfacl Trolltech.conf shows the permission has been removed:
Just like with copying the owner/group settings for a file, you can copy file permissions as well. Use the command:
getfacl file1 | setfacl –set-file=- file2
To copy the permissions from Trolltech.conf to a file called testfile.conf use this string:
getfacl Trolltech.conf | setfacl –set-file=- testfile.conf
You can use getfacl and setfacl on folders in the same way. As in Windows, folder permissions “trickle down” so that having access to a folder allows a user to have access to all the subfolders and files contained therein. To use setfacl to provide access on a folder and all of its contents the -R recursive switch comes into play. Let’s say you want to grant rw permissions to the “testfolder” directory for the accounting group. Run:
setfacl -Rm g:accounting:rw testfolder
That “-Rm” means to apply the permission recursively.
To remove the permission, use the “x” switch:
Setfacl -Rx g:accounting testfolder
3. Granting administrative privileges
Now that you’re familiar with setting up user accounts and granting permissions, it is recommended that you use a standard account rather than root to conduct further exercises and testing. The reason for this is that, just like running as Administrator in Windows, it’s not secure to work as root except on a temporary basis. As with Windows, Linux has a “run as administrator” function to let users perform certain tasks with elevated root account rights. This involves a command called “su” which stands for “substitute user”:
su root –
You will be prompted for the root password. After typing it in you’ll be working as root. Type “exit” when done to return to your normal account.
What if you want others to be able to run commands as root without actually having to provide them with the root password? That’s where the sudoers file comes in. This file allows you to permit users to operate as root. Located at /etc/sudoers, you can edit it directly using the command “visudo,” which opens it within the Vi terminal editor, as shown with “vipw” and “vigr.”
Scroll down near the bottom and look for the “Allow root to run any commands anywhere” section:
In the example above I’ve added this line under the “root” entry (tabs are used between the sections):
“smatteso ALL=(ALL) ALL”
- “smatteso” represents the account
- The first “ALL” signifies which terminal (workstation name) the user can run sudo from.
- The second “ALL” represents the account(s) the user can run sudo as (you can use other accounts besides root).
- The third “ALL” demonstrates which commands the user may run sudo as (make sure to specify the full path to the commands).
Therefore, you can enforce powerful controls for users to whom you wish to grant sudo access; you can restrict them to a single workstation, a single user, and even a single command. If you want to include multiple entries for each category just separate them with a comma. For instance, this would restrict the user to only be able to run the “/usr/bin/apt-get*” and “/etc/init.d/apache2 restart” commands:
smatteso ALL=(ALL) /usr/bin/apt-get*, /etc/init.d/apache2 restart
You can also use the “NOPASSWD: ALL” option (under the “Same thing without a password” section) so the user won’t be prompted for their password when switching to root access:
“smatteso ALL=(ALL) NOPASSWD: ALL”
Hit the Esc key to exit editing mode when done, then type “:wq!” to save and exit the file.
Note: if something goes wrong and you just want to exit the file without saving, press Esc then q! to exit.
Now when this user needs to run commands as root, they can simply type “sudo -s” to switch to root access, with or without a password prompt depending on your configuration. Once again, they should type “exit” when done to resume working under their standard user credentials.
Typing “whoami” will return your current account name, which helps to avoid confusion if you’re not sure who you are!
This covers the first three sections of the guide. Part II will be published in August 2014 and will continue the series.