To be entirely transparent, prior to beginning the technical portion of this series, I am using Debian-based distros and therefore much of what I cover from here on out may seem catered to them. Regardless, I’ll do my best to cover as many other bases as possible - so let’s get started.
One important feature to note about Linux prior to diving into the juicy stuff is that it makes heavy use of software repositories. In Windows and OS X, applications are generally downloaded from the developer’s website and installed utilizing an archived file that, when executed, decompresses and installs all the application’s various components. In Linux, we make use of Package Managers to install or update applications. Repositories can be thought of as servers hosting software packages. Each distribution hosts their own repositories containing the source code of all these various applications that are specially compiled specifically for their version of Linux. Thus, when installing an application seemingly magically using the apt-get install or yum commands, your computer knows exactly where to get the packages from. Because of digital signatures embedded in the repositories, you can assume this process is safe. It is only when adding external repositories that you need to be cautious. When downloading packages from repositories, know that a package contains only the application itself. If the application depends on anything else to run, such as libraries, those must be downloaded separately. These packages are appropriately named dependencies.
Different distributions make use of different package managers:
Debian Distributions - packages take the .deb format and can be managed at the command line using the Advanced Packaging Tool (APT). The process of actually installing or removing an application is handled by the Debian Package System (dpkg), while apt tracks more logistical things like the versions of software you have installed. If you attempt to install an up-to-date version of an application but your installed dependencies are outdated, apt will inform you and often times even offer a solution. A GUI package manager called Synaptic is available for Debian distros, such as Ubuntu. APT guide here.
Arch Linux - the pacman package manager is utilized by Arch users and boasts more advanced features, such as automatic dependency resolution. Pacman guide here.
OpenSUSE - utilizes Zypper. Guide here.
Red Hat - comparable to Debian’s APT, Red Hat distros often use YUM and DNF (Dandified YUM). Guides here and here.
To sort of reiterate here, software is compiled specifically for your Linux distribution. Users should take necessary precautionary steps prior to adding private repositories that exist outside of those trusted by your operating system.
Updating Your System
The guides above discuss the commands for updating and upgrading your system. Doing so at the command line allows you to update/upgrade all your packages in a single command. If you need to upgrade anything on your system, you generally want to run the update command first as this essentially tells those packages where to get the upgrade from. Upgrading will do so on existing packages to their newer versions - it will not add or remove anything. Sometimes this may cause incompatibilities between packages, which then requires a distribution upgrade. Performing this action will also update your system’s kernel. In many distributions, a new kernel is created each time as opposed to overwriting the existing one. This way, if there are issues when booting with the new kernel, you can select an older one from the boot menu. Because of all of these various working parts and the issues that may arise, it is advisable to 1.) consult the best-practices of your distro prior to upgrading, 2.) backup all of your data before upgrading and 3.) have a LiveUSB on hand in case anything goes wrong.
The File System
As you may have noticed from the package managers, much of what you’ll find in Linux is displayed in shorthand of some kind. The File System is a great example of that and can be a source of confusion for new users. In Windows, for example, under the root directory C:\ you’ll see paths such as Program Files, Windows, TempPath, etc. Navigating the Linux file system is a little trickier at first because you have to learn what each directory correlates to. To view your root directory, simply open your file browser or use a cd / command in terminal. Your root directory will probably look something like this:
Here’s an overview of each of these directories:
/ - First and foremost is the root directory itself, which is obviously not the same thing as the /root directory. Only the root user has permissions to write here.
/bin - Short for “user binaries” and contains a large chunk of commands used by system users. Examples include ls, chmod, cat, dir, pwd, rm, grep, tar, etc (more on these later).
/boot - This directory is referenced during the actual boot sequence. The Linux kernel and GRUB (GNU GRand Unified Bootloader, essentially the MBR) exist here.
/dev - Short for “device files”. Any files associated with hardware devices are located here
/etc - Within are our configuration files for installed programs. For example, on Debian distributions the /etc/apt/sources.list file shows installed repositories.
/home - The home directory is simple enough, maintaining just the personal files of each system user.
/lib - System libraries. Libraries are essentially coding rules referenced by applications in order to work. In this case, /lib is referenced primarily by system-critical processes. Other directories will have a child /lib directory that they reference for their own use.
/lib64 - This contains the 64-bit architecture of the libraries found in /lib
/media - This will be utilized when you mount external media devices
/mnt - Short for “mount directory” and is used when mounting other filesystems, such as in the case of file restores.
/opt - Contains optional add-ons for applications not included in the default installation.
/proc - Maintains information about system processes, such as those found in System Monitor:
/root - The root user’s home directory.
/run - Filesystem designed to store application data necessary for operation.
/sbin - Shorthand for “system binaries”. Has a similar function of the /bin filesystem but contains the tools required by the root user for system maintenance and administration. Examples include ifconfig, ldconfig, etc.
/srv - “Service” data. Subdirectories are specific to services generating this information.
/sys - System directory, which was implemented to provide a structured location for various bits of system information.
/tmp - Temporary location for data written by applications, such as web browsers.
/usr - Contains all user programs and other things thereunto pertaining. /usr has several subdirectories it relies on like those shown here. Examples include /usr/lib and /usr/sbin
/var - “Variable files”. These are generally important system files that are frequently changing.
You can view the permissions of any file or folder by right clicking it and navigating to Properties in your file explorer, or simply by typing ls -l in the command line. If you run this against an empty folder, however, it will not return anything. Like many other filesystems, permissions applied to a folder will be inherited by child items unless manually specified otherwise. You will note three levels of permission - Read (r), Write (w) and Execute (x):
Read - Members can view the contents of a folder or file.
Write - Members can create, delete and rename items.
Execute - Members can run applications. When applied to a folder, execute permissions pertain to who can access that directory. If a user or group doesn’t have execute permissions to a folder, they will not be able to view its contents.
That being said, permissions apply to three different categories: Owner, Group and “Other”. Performing a ls -l command on my /sys folder yields the following permissions:
First and foremost, the ‘d’ specifies that the object in question is a directory, also indicated by the blue color of the object to the right. ‘-‘ would indicate a file, and ‘l’ a link. The first group of three letters following the ‘d’ shows that the Owner has rwx permissions - that is full permissions to this object. The next group of three shows r-x, meaning any groups with permissions to the folder cannot create or remove child objects. This is repeated for all other users, indicated by the last three letters.
The various other bits of information are explained below:
Read, write and execute permissions also maintain numerically valued counterparts and can be modified using the below integers:
To modify the owner of an object in the filesystem, we use the command chown (change owner). This also requires the sudo (super-user do) precedent, as changing an object’s ownership requires root-level privileges. Very much so in the same fashion, if we wanted to change the group-level permission of a file we would use the command sudo chgrp. Hopefully it’s clear what that command is shorthand for. Syntax for these commands are as follows:
sudo chown/chgrp <user/group> <object>
To change individual and group ownership of the directory “supersecret”, your commands will end up looking like this:
We can also do this in a single command by separating the two with a colon:
The chmod (mode) command is what we utilize to actually grant or remove read, write and execute permissions to an object. We do this first by specifying if we are targeting the User (owner), Group or Others (abbreviated as ‘u’, ‘g’ and ‘o’ respectively), then if we are adding/removing permissions (+/-), and finally the type of access (‘r’, ‘w’, ‘x’). If I wanted to remove ‘read’ permissions for Others to the above directory, I would use the command:
If you are the owner of an object you can omit the ‘sudo’ command. You can apply any number of combinations to members and permissions in a single command, so toy around with this feature a bit:
Simply utilizing chmod go-rwx <folder> makes a directory entirely private. Remember that file and folder permission alterations are handled in a similar fashion, with the primary difference being that ‘executable’ permissions on folders will allow or disallow access appropriately. Subfolders will always inherit the permission of their parent unless specified. That said, even if you have execute permissions to a child folder, you won’t be able to access it unless you also have execute permissions to the parent.
Getting Your Hands Dirty With The Command Line
Probably the most robust and useful feature of Linux is its terminal. Most Linux terminals make use of bash, or Bourne Again SHell. Everything you can do through a GUI can usually be done faster or more efficiently from the command line. Many functions related to system administration can only be done from the command line, and many tools exist only in a command line format. I’ll be saving the overwhelming majority of this topic for the next article, but I’d like to at least demonstrate how to navigate the file system.
Let’s go ahead and open up our terminal, which we can do by searching for it or hitting CTRL+ALT+T. You will see something similar to this:
Reading from left to right, the terminal is telling you that you are the user root on the host named kali. The tilde (~) lets us know we’re currently in our home directory and the # tells us we are operating with root privileges. If we were a standard user, this would change to a $. We can also print our working directory simply by using the pwd command:
If we want to change our directory, we can do so by utilizing the cd command. To assist us, we can list everything within our current working directory with ls:
If we aren’t sure how to appropriately interact with an object, we can use the file command to learn more about it. If it’s an executable file, simply use the syntax ./<file> :
Most tools available in bash can do multiple things or interact with the system in a variety of ways through the use of command options, which was demonstrated in our File Permissions discussion. To view all available options, we actually use a command option in the form of usually -h, -help or --help (depending on the tool):
For more in-depth information about any tool, simply precede the tool name with man to display the manual pages. If you ask simple questions on forums regarding “how to do _____”, you’ll be kindly reminded that the man pages exist for a reason:
As we’re navigating our system, we can use Tab to auto-fill our commands, making things even quicker and easier. Unlike Windows, Linux is case sensitive and will throw errors if you, for example, attempt to change your directory to “desktop”. If we want to move up a folder, rather than cd-ing to the directory manually we can simply use cd .. :
So now we know the basics of moving around the system. What if we wanted to modify a file in one directory, then copy it to another? There are a handful of commands that are absolutely needed for day-to-day use. I will include them below but, rather than explaining them and how they work, I will leave you with your own curiosity in hopes that you will research or, better yet, experiment with them. You now have the knowledge to get up and walking - next article we’ll start running with an aggressive guide to the command line and some concluding tips and tricks to make your experience easier.