There's many many sources for education on the Internet that are free or nearly free. Recently I found a few links that are worth sharing.
Linux command line -
Linux the hard way command line - I haven't run through the site yet but this offers a more advanced tutorial than other sites I've seen. This looks really amazing, but I heard there was some issues with certain commands not work correctly. There's even a handy console session to help practice the commands.
The CLI Crash Course - This is a tutorial that is aimed towards the new command line user. The nice thing is a video class is also offered by Udemy for a very reasonable $9.
SQL -
Learn SQL the hard way - Another "learn the hardway" series, this one focusing on SQL. The examples and screenshots are clear as with the other methods.
Python -
Learn Python the hard way - This is another one in the series, but also offers video classes from Udemy for $29.
Invent with Python - I bought the hard copy book recently and enjoy the idea of learning to program while making a game. The book is available for free online but you can order a copy from Amazon as well.
GIT -
Git Immersion - This is more for coders and developers but it's also handy for the sysadmin or general user. Git is used for checking in code, and updating it as needed. This tutorial is actually very clear and easy to follow.
Saturday, August 04, 2012
Sunday, July 29, 2012
LPI LPIC-1 resources
I'm working on the exam notes but wanted to write more details I found on the exam. Below are links that may be helpful for anyone studying for the exam.
Reading
Wikibooks - LPI Certification - Books cover the LPIC-1 and other LPI certifications
Happy Monkey LPIC-1 Certification - Long listing of the LPIC-1 certification in HTML and PDF formats
IBM Developer Network LPIC-1 Certification - This is slightly outdated but still holds many helpful details
Reading
Wikibooks - LPI Certification - Books cover the LPIC-1 and other LPI certifications
Happy Monkey LPIC-1 Certification - Long listing of the LPIC-1 certification in HTML and PDF formats
IBM Developer Network LPIC-1 Certification - This is slightly outdated but still holds many helpful details
Friday, July 27, 2012
Studying for the LPIC-1 intro and outline
Since I'm studying for this certification I thought it would be a good idea to list the certification notes I have incase someone would like to also use them. The exact details of the exam are located at the LPI site but as with many exams, they are frequently updating the questions. The basis for my notes will be taken from the following link.
LPI - LPIC-1 Certification outline
Then to pass the certification, you need to pass two exams listed below. For now LPI has not added the recent updates to the full outline, so you will need to make sure you are current by reading both outlines.
LPI - Exam 101 - full outline
LPI - Exam 101 - updates as of July 2, 2012
LPI - Exam 102 - full outline
LPI - Exam 102 - updates as of July 2, 2012
Since this will focus on the subject of passing the LPIC-1, we will start by going over the requirements of the 101 exam.
Overview of the 101 exam
Exam 101 is broken down into four main sections.
1) System Architecture
2) Linux Installation and Package Management
3) GNU and Unix Commands
4) Devices, Linux Filesystems, Filesystem Hierarchy Standard
Each of the main sections have their subsection, which is related to the main section. For example the main section of Linux Installation and Package Management will discuss how to use the package manager yum.
Each of the exams has 60 questions that are a mix of multiple choice, multiple answers (choose two answers) and you need to score 500 or higher to pass. You are given 90 minutes to take the exam but this is actually a good amount of time and allows for reviewing of your questions. The exam I took also has a nice feature where you can mark the answers you are not sure with a "review" marker. This allows you to you return to these questions before finishing the exam.
Who should take this exam
From the LPI site, this LPIC-1 certification is a listed as a "Junior Level Linux Certification". Currently in the IT world, this certification and the CompTIA Linux+ are the standard Linux intro certifications available. There are many more Linux based certifications but from my personal research and also reading many employment listings, these are the certifications you most often see. Speaking of Linux+, if you pass the LPIC-1 certification you also qualify for the CompTIA Linux+ certification since they both use the same exams.
If you're just starting out in Linux or have a few years of experience I think this certification would be time well spent. Even if you do not follow through to the exams, the amount of information is much more than a regular Linux user would use, and can be helpful. Keep in mind that while there is technically a lot of information discussed, the total amount of depth is more shallow than other certifications. LPIC-1/Linux+ focuses on both distros (Debian and Red Hat) so their focus is not a deep as say the Red Hat RHCSA certification.
The questions also covered in the LPIC-1/Linux+ also are not something you often would use everyday in a Linux engineer or sysadmin role. Some comments on the certification have mentioned that the information is so rarely used that it doesn't make sense to study it (configuring IRQ's?) or it's just better to focus on other subjects leaving the details to an Internet search. The Red Hat RHCSA certification is above the LPIC-1/Linux+ in terms of difficulty and method of testing (all fill in the blank questions), and is normally considered the next Linux certification. The RHCSA also focuses more closely upon system administration tasks instead of a little bit of everything.
What will you need to study for the exam
I would recommend the following to help study for this or any exam.
LPI - LPIC-1 Certification outline
Then to pass the certification, you need to pass two exams listed below. For now LPI has not added the recent updates to the full outline, so you will need to make sure you are current by reading both outlines.
LPI - Exam 101 - full outline
LPI - Exam 101 - updates as of July 2, 2012
LPI - Exam 102 - full outline
LPI - Exam 102 - updates as of July 2, 2012
Since this will focus on the subject of passing the LPIC-1, we will start by going over the requirements of the 101 exam.
Overview of the 101 exam
Exam 101 is broken down into four main sections.
1) System Architecture
2) Linux Installation and Package Management
3) GNU and Unix Commands
4) Devices, Linux Filesystems, Filesystem Hierarchy Standard
Each of the main sections have their subsection, which is related to the main section. For example the main section of Linux Installation and Package Management will discuss how to use the package manager yum.
Each of the exams has 60 questions that are a mix of multiple choice, multiple answers (choose two answers) and you need to score 500 or higher to pass. You are given 90 minutes to take the exam but this is actually a good amount of time and allows for reviewing of your questions. The exam I took also has a nice feature where you can mark the answers you are not sure with a "review" marker. This allows you to you return to these questions before finishing the exam.
Who should take this exam
From the LPI site, this LPIC-1 certification is a listed as a "Junior Level Linux Certification". Currently in the IT world, this certification and the CompTIA Linux+ are the standard Linux intro certifications available. There are many more Linux based certifications but from my personal research and also reading many employment listings, these are the certifications you most often see. Speaking of Linux+, if you pass the LPIC-1 certification you also qualify for the CompTIA Linux+ certification since they both use the same exams.
If you're just starting out in Linux or have a few years of experience I think this certification would be time well spent. Even if you do not follow through to the exams, the amount of information is much more than a regular Linux user would use, and can be helpful. Keep in mind that while there is technically a lot of information discussed, the total amount of depth is more shallow than other certifications. LPIC-1/Linux+ focuses on both distros (Debian and Red Hat) so their focus is not a deep as say the Red Hat RHCSA certification.
The questions also covered in the LPIC-1/Linux+ also are not something you often would use everyday in a Linux engineer or sysadmin role. Some comments on the certification have mentioned that the information is so rarely used that it doesn't make sense to study it (configuring IRQ's?) or it's just better to focus on other subjects leaving the details to an Internet search. The Red Hat RHCSA certification is above the LPIC-1/Linux+ in terms of difficulty and method of testing (all fill in the blank questions), and is normally considered the next Linux certification. The RHCSA also focuses more closely upon system administration tasks instead of a little bit of everything.
What will you need to study for the exam
I would recommend the following to help study for this or any exam.
- Desktop or laptop with a processor that supports virtualization
- Desktop or laptop with at least 4GB of physical memory (the more the better)
- Virtualization software (Virtual Box, VMware Workstation, VMware Fusion)
- Books and resources
- Time and dedication
If you have a computer that allows virtualization then you can install the study Linux host very easily without having to worry about issues of using two physical machines for studying. Also most virtualization software allows you to take snapshots where you can "freeze" the machine at a certain time point, make some changes and if they don't work, roll back to the saved snapshot. It's extremely helpful when you are working with details of the system that could impact startup.
I would recommend to have at least 4GB of physical memory but since we're working with Linux, the requirements are pretty low. On my person laptop, I'm able to run two Linux hosts (one is Debian and the other is CentOS) very easily with no noticeable lag. Personally I like using my desktop more than my laptop since I can have many virtual machines running, but I can bring my laptop to work and it's very handy to study during lunch time.
Reading books and where to search for the answer is somewhat confusing. Since the LPI who creates the test does not officially offer a book, your left to choose from the popular certification book vendors. I personally used the All in one LPIC-1/CompTIA Linux+ Certification but heard high reviews for other books such as the Sybex Linux+ and also O'Reilly LPIC-1 in a nutshell book.
For the time and dedication, that it really the hardest part since you can't buy time. I would recommend to work on the exams section by section instead of reading the entire outline beginning to end. Making smaller check points for your goal will help stay focused instead of just focusing on finishing the certification. I would also recommend to work backwards, read the outline, then focus your study on these subjects.
Something that also helps, buy a large wall calendar and follow the Seinfeld method.
Let's get started
I'm going to start writing the notes for the System Architecture as I have time, and keep up the pace with my own exam study.
So close yet so far!
Today I took an exam for the LPIC-1 Linux certification exam, the first of two to complete the certification. I failed by a score less than 20 points from passing, which was much lower score than expected. It's annoying when you don't pass on two parts, first you technically (more on this later) lost the money you spent on the exam. Second, you feel like the time you spent studying was wasted since you didn't pass. But in reality, it's not exactly a lose/lose senario.
One of the method you prep for an exam is buying a book, then reading the book and focusing on the important details as mentioned by the author. Often times a certification book will focus more on passing the exam than actually getting knowledge of the subject the exam is testing. After this you may use the practice exam included in the book and once scoring high enough, will take the real exam. Hopfully passing the exam and on the way to the full certification.
But for some users, this doesn't work out so well. Books usually have limited space to discuss technical topics that dwell deeper than a few paragraphs. The narrow focus of just passing the exam often leaves more questions, now I know this command where would I use it? Not to mention that with the copy rights and agreements for the real exams, it's often difficult to find practice exams that are close to or near the real thing. Often you will pass the practice exam but find out the real exam is different.
So what is the best solution? It's really depending upon the person taking the exams and what they are used to. Personally I found the following to help me while studying.
Multiple sources for information
I was using just one book for my LPIC-1 study program, and often found myself searching the Internet for a better explanation of the topic that was written in the book. One such topic was "suid" which is when an executable file is set to give the permissions of the owner when ran. The book I was reading explained how to set this up but not why or when it's used. Searching the Internet I found a great site that actually explained the subject in a much easier method to understand and even offered straight forward examples.
At home, I also have two other books on the subject of the LPIC-1 certification and while I try to use one book and then the Internet searching, I will consult with these books plus other Linux books. Reason being is that certification books typically want to focus on passing the exam (which is why I buy them) but it's difficult to explain a complex subject within a limited amount of pages. If you have any doubt about the subject, research it further!
Real exam vs practice exam
Something that is common with almost every exam book I read is the included practice exam CD. Typically this is a practice exam produced by a popular exam vendor such as Transcender or MeasureUP. Usually the exams are limited compared to the full practice exams from the vendor companies, meaning that they have a smaller question pool or offer less features.
The big issue I see here is really a strange problem between the test vendors and the practice test vendors. The vendors who write and issue the certifications do not want their certifications to loose value, so they often will have agreements with the test takers to not report any of their questions. This is to make the exams harder to pass and also stop brain dumps. But also how do you study for an exam test if you're not sure what will be asked? Isn't that the point of using a practice exam?
One of the best advices I heard is save your money from the practice exams and just take the real exam. Now this is not the cheapest method, especially considering that most exams can cost anywhere from $150 (Microsoft exams), $400 (Red Hat RCHSA exams), and even higher for some of the high end exams. But you do get to take the exam in the real setting, and see the actual questions. Even if you do fail, you still come away with the experience and also a grading chart showing what parts you missed and needed work.
Plus the big benefit, if you score highly you actually pass the exam not just pass a practice exam. The hardest part is spending the money multiple times if you are unsure of your skills for the exam. This is really off set by doing a self study program instead of paying for a video series (usually $500) or taking a certification boot camp ($3,500).
For now I'm still working on finishing the certification, but I feel much better that I saw so close the first time rather than just guessing how close I was using practice tests.
One of the method you prep for an exam is buying a book, then reading the book and focusing on the important details as mentioned by the author. Often times a certification book will focus more on passing the exam than actually getting knowledge of the subject the exam is testing. After this you may use the practice exam included in the book and once scoring high enough, will take the real exam. Hopfully passing the exam and on the way to the full certification.
But for some users, this doesn't work out so well. Books usually have limited space to discuss technical topics that dwell deeper than a few paragraphs. The narrow focus of just passing the exam often leaves more questions, now I know this command where would I use it? Not to mention that with the copy rights and agreements for the real exams, it's often difficult to find practice exams that are close to or near the real thing. Often you will pass the practice exam but find out the real exam is different.
So what is the best solution? It's really depending upon the person taking the exams and what they are used to. Personally I found the following to help me while studying.
Multiple sources for information
I was using just one book for my LPIC-1 study program, and often found myself searching the Internet for a better explanation of the topic that was written in the book. One such topic was "suid" which is when an executable file is set to give the permissions of the owner when ran. The book I was reading explained how to set this up but not why or when it's used. Searching the Internet I found a great site that actually explained the subject in a much easier method to understand and even offered straight forward examples.
At home, I also have two other books on the subject of the LPIC-1 certification and while I try to use one book and then the Internet searching, I will consult with these books plus other Linux books. Reason being is that certification books typically want to focus on passing the exam (which is why I buy them) but it's difficult to explain a complex subject within a limited amount of pages. If you have any doubt about the subject, research it further!
Real exam vs practice exam
Something that is common with almost every exam book I read is the included practice exam CD. Typically this is a practice exam produced by a popular exam vendor such as Transcender or MeasureUP. Usually the exams are limited compared to the full practice exams from the vendor companies, meaning that they have a smaller question pool or offer less features.
The big issue I see here is really a strange problem between the test vendors and the practice test vendors. The vendors who write and issue the certifications do not want their certifications to loose value, so they often will have agreements with the test takers to not report any of their questions. This is to make the exams harder to pass and also stop brain dumps. But also how do you study for an exam test if you're not sure what will be asked? Isn't that the point of using a practice exam?
One of the best advices I heard is save your money from the practice exams and just take the real exam. Now this is not the cheapest method, especially considering that most exams can cost anywhere from $150 (Microsoft exams), $400 (Red Hat RCHSA exams), and even higher for some of the high end exams. But you do get to take the exam in the real setting, and see the actual questions. Even if you do fail, you still come away with the experience and also a grading chart showing what parts you missed and needed work.
Plus the big benefit, if you score highly you actually pass the exam not just pass a practice exam. The hardest part is spending the money multiple times if you are unsure of your skills for the exam. This is really off set by doing a self study program instead of paying for a video series (usually $500) or taking a certification boot camp ($3,500).
For now I'm still working on finishing the certification, but I feel much better that I saw so close the first time rather than just guessing how close I was using practice tests.
Monday, July 16, 2012
Preparing for an certification exam
The past two months I've been studying for the Linux+/LPIC-1 entry level Linux certification. The certification while entry level contains a large amount of details normally not used in daily operations, but still handy to know. So I went the typical route of buying the best rated book on Amazon, then going through the entire book chapter by chapter to study it. I feel the best way to study is writing down notes of the chapters, so I used Evernote from home and work.
After finishing the book, I continued on to the practice exams and found that I still didn't pick up most of the details from the book. I knew a large amount of details, improved my Linux knowledge overall, but the obscure details (font servers, etc.) were missed. I started to re-think my plan of studying, maybe I was going about this incorrectly?
I started to switch course and instead of using the book and going chapter by chapter, I checked out the actual guidelines for the exam. Here's LPIC-1 101 exam, which is one of two exams required for the certification. A nice feature of my book is that they include a PDF which following the exam and then gives you the chapter with page number where the topic is discussed. After switching to this method, I started to go down each section and take notes about the topic.
Since I was going straight to the answers, it was a much faster read and felt that I skipped over the unimportant (for the exam) topics. Also the big benefit is that I know for certain if I have a solid understanding of these topics, I can pretty much pass the test. But why and when would you want to read the book end to end?
If you need understanding how each component fits together, then I would recommend reading end to end. For example, if you're already using Linux or administration across other operating systems you know that troubleshooting often starts by reading the system logs. So you really don't need much back story as to why it's important to know the locations or using a search command (grep). For the newer users of Linux or someone fresh from school, they might not understand how important the logs are, then it would be good to read the entire chapter about logs and searching.
Also reading the book end to end allows you better understanding why you would need a search tool like grep then another tool like awk to help filter logs. A final good reason for reading the entire book is the examples and tutorials given in the book. Personally I feel that the tutorials help but the best method to learn is by figuring out yourself, which often leads to more research outside the book's text.
Something else to add, if you're preparing for an exam, use as many reliable sources of the information they you need. Currently I'm reading two books plus going over with two practice exams, and various information from the Internet. I'm pretty sure you could pass the test with just reading a single book but honestly it's a lot of information and there were questions left unanswered and just not possible to explain given the limited number of pages.
After finishing the book, I continued on to the practice exams and found that I still didn't pick up most of the details from the book. I knew a large amount of details, improved my Linux knowledge overall, but the obscure details (font servers, etc.) were missed. I started to re-think my plan of studying, maybe I was going about this incorrectly?
I started to switch course and instead of using the book and going chapter by chapter, I checked out the actual guidelines for the exam. Here's LPIC-1 101 exam, which is one of two exams required for the certification. A nice feature of my book is that they include a PDF which following the exam and then gives you the chapter with page number where the topic is discussed. After switching to this method, I started to go down each section and take notes about the topic.
Since I was going straight to the answers, it was a much faster read and felt that I skipped over the unimportant (for the exam) topics. Also the big benefit is that I know for certain if I have a solid understanding of these topics, I can pretty much pass the test. But why and when would you want to read the book end to end?
If you need understanding how each component fits together, then I would recommend reading end to end. For example, if you're already using Linux or administration across other operating systems you know that troubleshooting often starts by reading the system logs. So you really don't need much back story as to why it's important to know the locations or using a search command (grep). For the newer users of Linux or someone fresh from school, they might not understand how important the logs are, then it would be good to read the entire chapter about logs and searching.
Also reading the book end to end allows you better understanding why you would need a search tool like grep then another tool like awk to help filter logs. A final good reason for reading the entire book is the examples and tutorials given in the book. Personally I feel that the tutorials help but the best method to learn is by figuring out yourself, which often leads to more research outside the book's text.
Something else to add, if you're preparing for an exam, use as many reliable sources of the information they you need. Currently I'm reading two books plus going over with two practice exams, and various information from the Internet. I'm pretty sure you could pass the test with just reading a single book but honestly it's a lot of information and there were questions left unanswered and just not possible to explain given the limited number of pages.
Sunday, July 08, 2012
O'reilly School of Technology review
Computer based teaching is a very to get just right. Sometimes you may presented with too little information while other times, it's too much and hard to follow. I found some of the online classes I taken in the past for work was a 30 page slide show with a short quiz at the end. By the time I was through the first chapter, I was dulled by the information given and lack of interaction. On the side, a class presented me with one or two paragraphs of text and then expecting me to complete an assignment with no outside information.
But computer based training that is based on-line has many benefits. The pricing of classes is usually cheaper than attending a physical classroom. Also the classes are available 24 hours a day, which works out great work people with changing work hours. Combined with the information you have available anywhere, the benefits are welcome for anyone.
Recently I took it upon myself to take a class with O'reilly School of Technology, which is part of the O'reilly book publishing company (the animal tech book publisher). The class I enrolled with is the first Linux/UNIX class for their System Administration certificate. The class focuses on the file system which includes user/group administration, cron jobs, hard and soft links, plus more. It's a general overview of the system, but not too in depth as there are three other classes (four classes are required to complete the certificate).
From the start, you work the entire classroom from a web page, which includes accessing the lab server and the lessons. This makes it very handy as you can access your class from any computer with a web browser. Here I tested mostly Google's Chrome on Windows and Mac which no problems. The lab access while handy, does cost an additional monthly fee but going with this during a normal pace you should be done within two months of light weekend work. On the side note, you can also complete the work without the lab but the work will be harder to present to the course instructor.
When you login to your virtual classroom, you are presented with the following as seen below. You have a file explorer on the left side. Followed by the class lessons and reading in the middle, then on the right is the reading page. Below is the console login for your lab host. The simple method of presenting information worked well but I did noticed from all networks that I connected to, there was a delay in working with the lab console. Also a big plus is the lack of any Adobe Flash on the site, a huge thanks!
But computer based training that is based on-line has many benefits. The pricing of classes is usually cheaper than attending a physical classroom. Also the classes are available 24 hours a day, which works out great work people with changing work hours. Combined with the information you have available anywhere, the benefits are welcome for anyone.
Recently I took it upon myself to take a class with O'reilly School of Technology, which is part of the O'reilly book publishing company (the animal tech book publisher). The class I enrolled with is the first Linux/UNIX class for their System Administration certificate. The class focuses on the file system which includes user/group administration, cron jobs, hard and soft links, plus more. It's a general overview of the system, but not too in depth as there are three other classes (four classes are required to complete the certificate).
From the start, you work the entire classroom from a web page, which includes accessing the lab server and the lessons. This makes it very handy as you can access your class from any computer with a web browser. Here I tested mostly Google's Chrome on Windows and Mac which no problems. The lab access while handy, does cost an additional monthly fee but going with this during a normal pace you should be done within two months of light weekend work. On the side note, you can also complete the work without the lab but the work will be harder to present to the course instructor.
When you login to your virtual classroom, you are presented with the following as seen below. You have a file explorer on the left side. Followed by the class lessons and reading in the middle, then on the right is the reading page. Below is the console login for your lab host. The simple method of presenting information worked well but I did noticed from all networks that I connected to, there was a delay in working with the lab console. Also a big plus is the lack of any Adobe Flash on the site, a huge thanks!
The work is typically as follows. You are presented with a small chapter of information on a subject, which includes steps how you can do this in your lab console. Then you have a few assignments where you complete the work by either providing proof to the instructor (edit a file on X host) or by answering the question correctly. Then you are presented with a quiz, in a similar manner. It should be noted that none of these questions are multiple choice, and they are graded by a actual human.
After you submit the homework and quiz, the turn around time for the corrections is about 24~48 hours, but I saw much faster times especially during the weekdays. If you're answers are correct, then you move on to the next step but if they are incorrect, the points where you are incorrect are marked and notes are provided why. It's important to note that the questions do not change as far as I know. This means that if you fail the question on the first time, when you return to answer the question, it's the same.
The total amount of time to complete the class was about a month for myself, and that was taking my time, working on it as I wanted. For someone who was more focused, I'm sure this class could be done in a week, but I'm not sure just how fast the turn around for corrections could be completed.
The biggest question I had before attending this class is the pricing and what I would get from this. I personally dislike on-line classes, and I have taken classes from physical fitness, IT and math based subjects. All of them I felt lacked personal interaction and you mostly received generic answers and replies from the instructor. Also the lack of working with peers in the class also makes it more difficult to interact with other students for additional help or studying outside of the classroom.
With the O'reilly school, I felt that it was a good amount of information and the interaction was much better. While the subject matter felt less than what I expected I did learn from the assignments and also it forced me to really think about my answer since it wasn't just answering a random multiple choice quiz at the end. The depth of knowledge required for this class was entry level into the world of Linux/UNIX and I feel like it was a slightly below my skill level but I still came away with some details I didn't know.
Now if you are more focused on your own studying and can follow along in a book, this might not be the best value for you. You can find books and other learning materials available either free or for under $50 that offer much more information. But the big difference is that instead of working by yourself, you have someone to correct and assist in the labs with O'reilly. This doesn't sound like much but for some (especially myself) the contact with a instructor was extremely helpful. This also helps get you working harder and staying towards your goal since it's a live person you are working with, assigned to you.
From my experience with this first class in the series, I am not sure I would continue with the other four classes. This is mostly based upon a few factors, one is the cost (at current pricing they are $400 per class plus lab time) and the other is subject matter. I'm currently focusing to complete my LPIC-1 certification this summer and the classes offered by O'reilly while complete do not fully match the requirements of the exam. Also I want to further go into scripting and small amount of Python.
Personally I would recommend anyone who is interested in the O'reilly school to take advantage of the trial service which gives you limited access to the classes within seven days. If you don't like it, you can get a money back refund, but only if you do not go further than a set amount of lessons. Read the fine print before going too far in the class work as I heard it's something like 5 assignments (about two hours of work).
Friday, June 08, 2012
Umask confusion
I've been studying for the LPI LPIC-1 test, which is a basic introduction to Linux certification. So far it's been a very interesting experience, really finding out so much more about the nuts and bolts of Linux. But there are some confusion I'm having, and find it best to write it out to solve the problem.
One confusion is with the Umask function and command. Here's a short summary on the subject.
In the Linux and UNIX system, new files and directories are created with a default permission. Keep in mind the following.
One confusion is with the Umask function and command. Here's a short summary on the subject.
In the Linux and UNIX system, new files and directories are created with a default permission. Keep in mind the following.
- Read - 4
- Write - 2
- Execute - 1
- Files - 666
- Owner - Read, Write
- Group - Read, Write
- Other - Read, Write
- Directories - 777
- Owner - Read, Write, Execute
- Group - Read, Write, Execute
- Other - Read, Write, Execute
The owner is the user account who created the account, the group is the group associated with the file (most times it's the same as the user name), and the other is anyone who is authenticated on the system.
Now the issue is that on a system shared by multiple users, these settings leave little to be secured. How can the Linux system have the files locked down but still allow others access? This is where the command umask comes in. Umask allows the system to follow a default setting of security across the system, sort of a lock down depending upon how secure you want it.
Let's first find out what is the current umask setting.
- From your command prompt, run the following command
- #umask
- You should see a value such as "0022"
For most Linux distributions, the default is 0022. Only the last three values are used, the first "0" is not used. For this detail the settings of umask are as follows.
- umask setting of "0022"
- First "0" - Not used
- Second "0" - Amount to remove from default settings of owner permission
- Third "2" - Amount to remove from default settings of group permission
- Fourth "2" - Amount to remove from default settings of other permission
Sounds confusing but here's how this is calculated.
- umask setting of "0022"
- Files - default is 666
- Owner - 666 - 0 = 666
- Group - 666 - 2 = 664
- Other - 666 - 2 = 664
- Directories - default is 777
- Owner - 777 - 0 = 777
- Group - 777 - 2 = 775
- Other - 777 - 2 = 775
As you can see, the setting of "0022" (more commonly reported as 022 since we drop the first zero since it's not used) will remove permissions for Group and Other. This change is not so impacting but if we wanted we could make the system more secure by using higher amounts of umask. For example, 077 would give only the owner of the files the right to read, write and execute.
Now that we know the basics of the umask command, how can we change this? There's really two methods, one is from the command umask.
- From your command prompt, run the following command
- #umask 0026
- Now create a directory and file
- #mkdir testdir
- #touch testfile
- Let's see if the permissions are different than before
- #ls -l
- You should see the following permissions
- Testdir - 751 (rwx-rx-x)
- Testfile - 640 (rw-r--)
But the change done by umask is not permanent, to do that you need to edit the /etc/profile. You can view the file and find out that there's actually two values given in the file (here we are using CentOS). Why are there two values in the file?
The file script checks for the user account UID, and depending on the number, the user will either receive a umask of 002 or 022. Remember that service accounts are typically UID's under 200, while regular user accounts have UID's starting at 500 (typically). Also root has the UID of 1, so basically the system is giving a less enforced policy for more important accounts.
To view the account UID, in two methods.
- From the command prompt, run the following command
- #id -u useraccount
- Number returned will be your UID
- #cat /etc/passwd
- A full listing of all accounts on the system, showing UID
For more information about umask here are some very good links to read up on.
Tuesday, June 05, 2012
Script to help with timing issues on virtual guests
There's an issue when running a virtual machine that the time gets incorrectly updated. The problem is that when you suspend the computer, the virtual machine will suspend and return with the incorrect time, instead of updating from the Internet. I have seen this issue more so on Linux than on Windows, but for Linux it's easily fixed by a simple script. Here's the basic steps to get it working.
- Open up Vi or your favorite editor on your virtual machine
- Type in the following details
- #!/bin/bash
service ntpd stop
sleep 5
ntpdate pool.ntp.org
sleep 5
service ntpd start - Save you file
- Change the permissions to all the file to be executable
- Run the following command
- #chmod 755 filename
- Test the command
- Run the following command
- #date
- You should see an incorrect time
- Run the script, note the "./" before the script name
- #./yourtimescriptname
- Run the following command
- #date
- You should see the correct time
- Now your virtual machine is updated
- You can add this script to a cron job or login script to automate the process
So far I just run this manually since I rarely reboot the virtual machine or login or out. You can make a symbolic link or an alias to make things easier to manage.
Sunday, June 03, 2012
Adding a drive to VMware Workstation Linux guest without restarting
Recently I was working on a CentOS 6.2 guest on VMware Workstation 8 and I wanted to add an additional hard drive. From VMware Workstation I knew how to do this but not from the Linux side. Being unfamiliar with this, searched and found a few handy steps to add the drive without rebooting the Linux guest.
First, let's see what drives are showing up for the Linux guest. From the host we're going to check the /dev directory and see what drives are showing up.
Here we can see that there is three drives, sda, sdb and sdc listed on the guest. Under these two drives is three partitions titled sda1 and sda2, plus sdb1. Notied that drive sdc does not have any partitions. This breaks down like this.
From VMware Workstation, we're going to add the drive to the guest.
These commands were posted on another blog, Cyberciti's how to add a new VMware hard disk article.
First we're going to scan the system for the new drives. We need the host numbers on the guest machine first.
First, let's see what drives are showing up for the Linux guest. From the host we're going to check the /dev directory and see what drives are showing up.
#cd /dev
#ls
Here we can see that there is three drives, sda, sdb and sdc listed on the guest. Under these two drives is three partitions titled sda1 and sda2, plus sdb1. Notied that drive sdc does not have any partitions. This breaks down like this.
- SDA
- SDA1
- SDA2
- SDB
- SDB1
- SDC
- No partitions
From VMware Workstation, we're going to add the drive to the guest.
- Right click the guest, and click the "Settings"
- The Virtual Machine Settings window will open
- Click the "add" button
- The "Add Hardware Wizard" window will open
- Select "Hard Disk" then click the "Next" button
- Under the "Select a Disk" leave the default as "Create a new virtual disk", then click the "Next" button
- Under the "Select a Disk Type" leave the default as "SCSI", then click the "Next" button
- Under the "Specify Disk Capacity", change the value for "Maximum disk size (GB)" to the amount you want. For this example, I will be using 5GB. Then click the "Next" button
- Under the "Specify Disk File" leave the file name as default and then click the "Finish" button
- Back at the "Virtual Machine Settings" window, click the "OK" button to complete
- The new drive has been added to the guest
These commands were posted on another blog, Cyberciti's how to add a new VMware hard disk article.
First we're going to scan the system for the new drives. We need the host numbers on the guest machine first.
- First find the host number on your system
- Run the following command
- #ls /sys/class/scsi_host
- You should see the return of "host0" or more
- Force the system to scan the drives
- The host number you found in the previous step will be used here.
- Run the following command
- #echo "- - -" > /sys/class/scsi_host/host2/scan (note on my system it's "host2")
- After this you may see a message of the drive scanned on the machine
- To confirm, check the logs for messages of new drive
- Run the following command
- #tail /var/log/messages
- This will be sequential from the last drives. For example, if you see in /dev drives SDA, SDB, then you should see logs for drive SDC
- From fdisk we're going to also validate it's showing up
- Run the following command
- #fdisk -l
- You should see the drive showing up that matches the drive from step 3
- From /dev you should also see the new drive listed
- Run the following command
- #ls /dev
- You should see the drive showing up that you just added
- First find the drive has been discovered on the system
- Run the following command
- #fdisk -l | grep 'Disk'
- You should see the drive you added in the previous steps shown near the end of the list
- Save this information for the next steps.
- Run fdisk to create the partition on the new disk (if anytime you get lost on commands, type "m" for the command menu
- Run the following command
- #fdisk /dev/sdd (your drive may be different)
- In fdisk, type "n" to create a new partition
- Type "p" for a primary partition
- Type "1" for a partition number
- Type "1" for a first cylinder number
- Type "1G" for size (this can be adjusted for your needs)
- Type "w" to write and save the information
- This will automatically close fdisk
- Validate the partition is now showing up in /dev directory
- Run the following command
- #ls /dev
- You should see the new partition showing up under the drive you just created
- We're now going to format the partition with ext3 so that it's usable
- Run the following command
- #mkfs.ext3 /dev/sdd1
- You should see confirmation the command was successful
- Finally we are going to mount the drive
- Run the following commands
- #mkdir /disk1
- #mount /dev/sdd1 /disk1 (your drive may be different)
- Confirm the drive is showing up
- Run the following command
- #df -H
- You should see your new drive mounted
- Test the new mount
- Run the following commands
- #touch /disk1/testfile
- #ls /disk1
- You should see your file written to the new mount
- Now set the mount at boot
- Run the following command
- #vi /etc/fstab
- Add the following line to the fstab file (note, I'm not going to show basic Vi commands here, you can find them across the Internet)
- /dev/sdd1 /disk1 ext3 defaults 1 2
- Save the file
- Done!
Subscribe to:
Posts (Atom)