Unix Archives - MasterKenneth

The /etc/passwd File

There are several different authentication schemes that can be used on Linux systems. The most commonly used and standard scheme is to perform authentication against the /etc/passwd and /etc/shadow files.

/etc/passwd is a plain text-based database that contains information for all user accounts on the system. It is owned by root and has 644 permissions. The file can only be modified by root or users with sudo privileges and readable by all system users.

Modifying the /etc/passwd file by hand should be avoided unless you know what you are doing. Always use a command that is designed for the purpose. For example, to modify a user account, use the usermod command, and to add a new user account use the useradd command.

The /etc/shadow File

/etc/shadow is a text file that contains information about the system’s users’ passwords. It is owned by user root and group shadow, and has 640 permissions.

Using lsof to Recover Deleted Files

If an open file is deleted accidentally, it is possible to use lsof to recreate a copy of the file; provided this is done before the file is closed by the application holding it open.

If you have inadvertently removed a file from the filesystem it is still recoverable if the application using the file it still running. This is because the inode is still open and therefore the data blocks are still on the disk until the application closes the file or exits.

The Linux Filesystem Explained

Have you ever wondered what all the folders on the root (/) directory of the Linux filesystem are for? Which file goes into which directories and why are they saved in those directories? On this post, we’ll check out each folder and what purpose or function they serve for the operating system itself. Continue reading “The Linux Filesystem Explained”

Comparing files using the diff command

The diff command outputs the differences between two files, line by line. For files that are identical it produces no output, for binary files only reports if they are different or not.

The set of differences produced by diff is often called a diff or patch, and this output can be used later on by the patch command to change other files. Continue reading “Comparing files using the diff command”

How To Tell If Your Linux Server Has Been Compromised

A server being compromised or hacked for the purpose of this guide is an unauthorized person or bot logging into the server in order to use it for their own, usually negative ends. However, the majority of compromised servers are carried out by bots i.e. automated attack programs, in-experienced attackers e.g. “script kiddies”, or dumb criminals. These sorts of attackers will abuse the server for all it’s worth whilst they have access to it and take few precautions to hide what they are doing.

Continue reading “How To Tell If Your Linux Server Has Been Compromised”

How to effectively use the GREP command

Grep is a very important & powerful Linux commands. It stands for ‘Global Regular Expression Print’ & is used for matching & printing a search pattern or a regular expression from a single or multiple text files. It will look for the pattern if the mentioned files & will than print the result on screen or to an output file.
In this tutorial, we are going to learn to use grep command with examples. Continue reading “How to effectively use the GREP command”

Properly rename user accounts in Linux

We might have come across a situation where we might want to rename user in Linux system, for whatever reasons. We can easily rename user in Linux and also we can rename the home directory or its UID as well.
In this short tutorial, we will be discussing these things only.
Continue reading “Properly rename user accounts in Linux”