Linux Super notes

############
Creating Users
############

useradd—————

create a user with default home directory
useradd -m <username>

Create a user with different home directory
useradd -m -d <directoy> <username>

Create A User With An Expiry Date
useradd -e 2016-02-05 <username>
###note The date must be specified in the format YYYY-MM-DD

How To Create A User And Assign It To A Group
useradd -m <username> -G <group>

Force Creation Of A User Without A Home Folder
useradd -M <username>

Adjusting Login Defaults Within Linux
The file /etc/login.defs is a configuration file which provides the default behavior for login activities.

sudo nano /etc/login.defs

The login.defs file contains the following settings which you might want to change:

PASS_MAX_DAYS – how long before a password expires
PASS_MIN_DAYS – how often can a password be changed
PASS_WARN_AGE – number of days warning before a password expires
LOGIN_RETRIES – number of login attempts before failure
LOGIN_TIMEOUT – how long is it before the login times out.
DEFAULT_HOME – can a user login if no home folder exists
Note that these are the default options and they can be overridden when creating a new user.

groupadd—————–

moduser——————

add user to a group
usermod -aG <group> <username>

############
Files, Directories, and Permissions
############

delete a directory—-

rm -rfR <directory>

Create a directory—-

mkdir <directory>

Folders with limited size——-
https://askubuntu.com/questions/841282/how-to-set-a-file-size-limit-for-a-directory

set folder permissions——-

to give all permissions but limit delete
chmod +t <directory> #### sticky bit so that only file owner can rename or delete the file.
chmod 777 #### set all users read write execute

Recursive folder permission changes
– for directories # find /opt/lampp/htdocs -type d -exec chmod 755 {} \;
– for the folders # find /opt/lampp/htdocs -type f -exec chmod 644 {} \;

The group ownership can be inherited by new files and folders created in your folder /path/to/parent by setting the setgid bit using chmod g+s like this:

# chmod g+s /path/to/parent

Sticky Bit Special Permissions (or limiting delete) ———

The sticky bit can be very useful in shared environment because when it has been assigned to the permissions on a directory it sets it so only file owner can rename or delete the said file.

To set the sticky bit on a directory named dir1 you would issue the command chmod +t dir1.

https://www.linux.com/learn/understanding-linux-file-permissions

Using umask ——–

Octal value : Permission
0 : read, write and execute
1 : read and write
2 : read and execute
3 : read only
4 : write and execute
5 : write only
6 : execute only
7 : no permissions

if umask is set to 077, the permission can be calculated as follows:

Bit Targeted at File permission
0 Owner read, write and execute
7 Group No permissions
7 Others No permissions

Set the default umask in /etc/profile
” non-root users is 0037, while the root user has a UMASK of 0007″

if [ $UID -gt 199 ] && [ “`/usr/bin/id -gn`” = “`/usr/bin/id -un`” ]; then
umask 037 ## <—- this one is for most users
else
umask 007 ## <—- this is for root
fi

###########
Apache
###########

/etc/httpd/conf.d/welcome.conf

https://www.digitalocean.com/community/tutorials/how-to-set-up-apache-virtual-hosts-on-centos-7

https://www.digitalocean.com/community/tutorials/how-to-set-up-apache-virtual-hosts-on-centos-6

adding subdomains———–
http://vikrant_labde.blogspot.com/2005/02/how-to-create-subdomains-by-editing.html

https———
https://wiki.centos.org/HowTos/Https

##########
cronjobs
##########

https://code.tutsplus.com/tutorials/scheduling-tasks-with-cron-jobs–net-8800

#########
IPtables
#########

###########
MySQL
###########

Handy MySQL Commands———
http://g2pc1.bu.edu/~qzpeng/manual/MySQL%20Commands.htm

Reset root password———-

https://www.howtoforge.com/setting-changing-resetting-mysql-root-passwords

change engine——
“Modify the MySQL table employees in the MSJ419 database to use the MyISAM storage engine instead of InnoDB.”
ALTER TABLE my_table ENGINE = MyISAM;

##########
Networking
##########

Wget dl test—-
http://cloudtestfiles.net/
wget <url> -O /dev/null

Flush IPs—

ip addr del 10.22.30.44/16 dev eth0

To remove all addresses (in case you have multiple):

ip addr flush dev eth0

CentOS——

# ifconfig eth0 206.190.152.4 netmask 255.255.255.128

# route add default gw 206.190.152.1

# nano /etc/sysconfig/network

NETWORKING=yes
HOSTNAME=465715.mpdedicated.com
GATEWAY=206.190.135.105

# nano /etc/sysconfig/network-scripts/ifcfg-eth0

IPADDR=206.190.135.108
NETMASK=255.255.255.248
GATEWAY=

# nano /etc/resolv.conf

nameserver 8.8.4.4
nameserver 8.8.8.8

Additional IPs

# nano /etc/sysconfig/network-scripts/ifcfg-eth1-range2

IPADDR_START=’206.190.144.36′
IPADDR_END=’206.190.144.38′
CLONENUM_START=’36’

###################
System Performance and Tuning
###################

Setting the swap space usage (swappiness)———-

To check the current swappiness value
# cat /proc/sys/vm/swappiness

To change the value
# echo 50 > /proc/sys/vm/swappiness

To make the changes affect
# sysctl -p

Verify the new parameter
# sysctl -a | grep swappiness

to set user limits———–

nano /etc/security/limits.conf

example
<username> soft nproc 2047
<username> hard nproc 16384

disable or enable sys cookies———–

nano /etc/sysctl.conf

add the line
net.ipv4.tcp_syncookies = 1 #<—– to enable
net.ipv4.tcp_syncookies = 0 #<—– to disable

then to use new setttings
sysctl -p

Using sysctl command you will see the kernel configurations at runtime. In order to check if tcp_syncookies (net.ipv4.tcp_syncookies) is activated or not, run this coommand:

sysctl -n net.ipv4.tcp_syncookies
1 = on 0 = off

disable ping requests————

nano /etc/sysctl.conf
net.ipv4.icmp_echo_ignore_all = 1

sysctl -p

Core dump——–

nano /etc/security/limits.conf

example
<username> hard core <limit in kb> #<—— see process limits