# ===============================================
# ===============================================
# -------------------------------
# -------------------------------
sudo useradd -m username # Add a new user and create a home directory
sudo passwd username # Set a password for the user
sudo userdel -r username # Delete a user and remove their home directory
sudo usermod -l newname oldname # Change a user's login name
sudo usermod -d /new/home username # Change a user's home directory
# -------------------------------
# -------------------------------
sudo groupadd groupname # Create a new group
sudo groupdel groupname # Delete an existing group
sudo usermod -aG groupname username # Add user to supplementary group(s)
sudo usermod -g groupname username # Change user's primary group
groups username # Show groups that a user belongs to
id username # Show detailed user and group IDs
# -------------------------------
# -------------------------------
# /etc/passwd -> User account information
# /etc/shadow -> Hashed passwords (root-only)
# /etc/group -> Group definitions and memberships
# -------------------------------
# FILE AND DIRECTORY PERMISSIONS
# -------------------------------
ls -l # List files with permissions, owners, and groups
# Permissions breakdown: rwx for user, group, others
# Example: -rw-r--r-- means owner can read/write, others read-only
ls -a # List files including hidden files
# -------------------------------
# -------------------------------
chmod u+x file.txt # Add execute permission for the user
chmod g+w file.txt # Add write permission for the group
chmod o-r file.txt # Remove read permission for others
chmod a=r file.txt # Set read-only for everyone
chmod 755 script.sh # Set rwxr-xr-x (owner full, others read/execute)
chmod 644 file.txt # Set rw-r--r-- (owner read/write, others read-only)
chmod 700 secret.txt # Set rwx------ (owner only)
chmod -R 755 myfolder # Apply permissions recursively to folder and contents
# -------------------------------
# -------------------------------
chgrp teachers notes.txt # Change group ownership of a file
chgrp -R teachers projects/ # Change group recursively
chown alice notes.txt # Change file owner
chown alice:teachers notes.txt # Change both owner and group
chown -R alice:teachers projects/ # Change owner/group recursively
# -------------------------------
# DEFAULT PERMISSIONS WITH umask
# -------------------------------
umask # Show current umask value
umask 0007 # Temporarily change umask (new files 660, dirs 770)
# -------------------------------
# SPECIAL PERMISSION BITS
# -------------------------------
# setuid (4xxx) -> Run file with owner’s privileges
# setgid (2xxx) -> Run file with group’s privileges
# sticky (1xxx) -> Restricts file deletion in shared dirs
# chmod 4755 script.sh -> Set setuid bit on a script
# chmod 2755 dir/ -> Set setgid bit on a directory
# chmod 1777 /tmp -> Set sticky bit (only owners can delete own files)
# ===============================================
# Investigating File Contents in Linux
# ===============================================
# Commands to identify, inspect, and analyze file contents.
# ===============================================
# -------------------------------
# 1. FILE — Identify File Type
# -------------------------------
file filename # Identify the file type (text, binary, executable, etc.)
file /bin/ls # Example: Inspect system executable
# -------------------------------
# 2. HEAD — View Beginning of a File
# -------------------------------
head filename # Show first 10 lines of a file
head -n 20 filename # Show first 20 lines
# -------------------------------
# 3. TAIL — View End of a File
# -------------------------------
tail filename # Show last 10 lines of a file
tail -n 50 filename # Show last 50 lines
tail -f filename # Follow live updates (e.g., logs in real time)
# -------------------------------
# 4. OBJDUMP — Inspect Binary Executables
# -------------------------------
objdump -d filename # Disassemble a binary executable
objdump -x filename # Show all headers and metadata
objdump -d /bin/ls | head -n 10 # Example: Disassemble first 10 lines of /bin/ls
# -------------------------------
# 5. OD — Dump File in Octal/Hex/Binary
# -------------------------------
od -c filename # Show file contents as ASCII characters
od -x filename # Show contents in hexadecimal
od -b filename # Show contents in octal
# od -c notes.txt # See text + hidden characters
# -------------------------------
# -------------------------------
strings /bin/ls # Extract readable ASCII strings from a binary file
xxd filename # Create a hex dump of a file
xxd -r filename.hex # Reverse hex dump back into original file
less filename # Scroll through a file interactively
cat filename # Display entire file contents in terminal
# ===============================================
# ===============================================
# Tools and commands to locate files and directories efficiently.
# ===============================================
# -------------------------------
# 1. FIND — Search for Files and Directories
# -------------------------------
find directory -name targetfile -print # Search for a file by name in a given directory tree
find /home -name "*.txt" -print 2>/dev/null # Find all .txt files under /home, hide permission errors
find . -type f # Find only regular files
find . -type d # Find only directories
find . -perm o=r # Find files readable by others
find . -size +10M # Find files larger than 10 MB
find . -iname "*.jpg" # Case-insensitive search for .jpg files
# Execute a command for each match:
find . -name "*.txt" -exec wc -l '{}' ';' # Count lines in every .txt file found
# -------------------------------
# 2. WHICH — Locate Executable Files
# -------------------------------
which ls # Show path to the binary for a command (e.g., /bin/ls)
type ls # Show if a command is built-in, alias, or binary
command -v ls # POSIX-compliant way to find command location
# -------------------------------
# 3. LOCATE — Fast Filename Search Using Index
# -------------------------------
locate ".txt" # Find all files with ".txt" in their path
sudo updatedb # Manually update the locate database index
# - locate is very fast but may show outdated results.
# - Cannot search by size, type, or permissions like find can.
# -------------------------------
# -------------------------------
whereis ls # Show binary, source, and man page locations for a command
fd pattern # Modern, faster replacement for find (if installed)
grep -rl pattern directory/ # Find files containing specific text recursively
# ===============================================
# UNIX File Compression & Backup Guide
# ===============================================
# Tools for archiving, compressing, and backing up files in UNIX/Linux.
# Includes tar, cpio, compress, gzip, and modern alternatives.
# ===============================================
# -------------------------------
# -------------------------------
tar -cvf backup.tar /home/user/documents # Create an archive file (no compression)
tar -czvf backup.tar.gz /home/user/documents # Create and compress archive with gzip
tar -cjvf backup.tar.bz2 /home/user/documents # Create and compress archive with bzip2
tar -cJvf backup.tar.xz /home/user/documents # Create and compress archive with xz
tar -tvf backup.tar # List contents of an archive
tar -xvf backup.tar # Extract archive contents
tar -xvf backup.tar -C /tmp/restore # Extract archive into a specific directory
tar --exclude="*.tmp" -czvf backup.tar.gz dir/ # Exclude files matching pattern from archive
# -v : Verbose (show files as processed)
# -f : Specify archive filename
# -z : Use gzip compression
# -j : Use bzip2 compression
# -J : Use xz compression
# --exclude=PATTERN : Skip files matching pattern
# -------------------------------
# 2. CPIO — Copy In/Out Archiver
# -------------------------------
find . -depth -print | cpio -ov -Htar > backup.tar # Create a tar-format archive using cpio
cpio -tv < backup.tar # List contents of a cpio archive
cpio -idv < backup.tar # Extract files from a cpio archive
cpio -iduv < backup.tar # Extract and overwrite existing files
# -o : Create archive (copy-out mode)
# -i : Extract archive (copy-in mode)
# -d : Create directories as needed
# -u : Overwrite existing files
# -H : Set archive format (tar, crc, odc, etc.)
# -------------------------------
# 3. COMPRESS & GZIP — File Compression Tools
# -------------------------------
compress file.txt # Compress file to file.txt.Z
compress -d file.txt.Z # Decompress .Z file
gzip file.txt # Compress file to file.txt.gz
gzip -d file.txt.gz # Decompress .gz file
zcat file.txt.gz # View compressed file contents without decompressing
# -------------------------------
# 4. MODERN ALTERNATIVES & IMPROVEMENTS
# -------------------------------
tar -cjvf backup.tar.bz2 dir/ # Use bzip2 for better compression than gzip
tar -cJvf backup.tar.xz dir/ # Use xz for maximum compression
zip -r backup.zip dir/ # Create a cross-platform .zip archive
rsync -avz /source user@host:/backup # Perform incremental backups over network
# ------------------------------
# ------------------------------
# ------------------------------
# SERVER: Identify network interfaces
# ------------------------------
echo "Listing all network interfaces..."
# ------------------------------
# SERVER: Assign static IP to Host-only adapter (ens4 example)
# Adjust 'ens4' to your actual interface name
# ------------------------------
echo "Configuring static IP for ens4..."
sudo tee /etc/netplan/99-static-dhcp-server.yaml > /dev/null <<EOF
addresses: [192.168.100.1/24]
addresses: [1.1.1.1, 8.8.8.8]
# ------------------------------
# SERVER: Create lease database & set permissions
# ------------------------------
echo "Creating DHCP lease file and setting permissions..."
sudo mkdir -p /var/lib/dhcp
sudo touch /var/lib/dhcp/dhcpd.leases
sudo chown root:dhcpd /var/lib/dhcp /var/lib/dhcp/dhcpd.leases
sudo chmod 0644 /var/lib/dhcp/dhcpd.leases
# ------------------------------
# SERVER: Configure DHCP server
# ------------------------------
echo "Configuring /etc/dhcp/dhcpd.conf..."
sudo tee /etc/dhcp/dhcpd.conf > /dev/null <<EOF
option domain-name "lab.local";
option domain-name-servers 1.1.1.1, 8.8.8.8;
subnet 192.168.100.0 netmask 255.255.255.0 {
range 192.168.100.100 192.168.100.200;
option routers 192.168.100.1;
option broadcast-address 192.168.100.255;
# ------------------------------
# SERVER: Specify listening interface
# Replace 'ens4' with your interface
# ------------------------------
echo "Setting DHCP server interface..."
sudo sed -i 's/^INTERFACESv4=.*/INTERFACESv4="ens4"/' /etc/default/isc-dhcp-server
sudo sed -i 's/^INTERFACESv6=.*/INTERFACESv6=""/' /etc/default/isc-dhcp-server
# ------------------------------
# SERVER: Start and enable DHCP service
# ------------------------------
echo "Starting and enabling DHCP server..."
sudo systemctl daemon-reload
sudo systemctl enable --now isc-dhcp-server
sudo systemctl status isc-dhcp-server --no-pager
# Watch DHCP logs in real time (press Ctrl+C to exit)...
sudo journalctl -u isc-dhcp-server -f
# ------------------------------
# CLIENT: Install DHCP client and request lease
# ------------------------------
# Installing DHCP client (if missing)...
sudo apt install isc-dhcp-client -y
# Requesting DHCP lease on interface ens4...
# ------------------------------
# CLIENT/SERVER: Capture DORA exchange
# ------------------------------
#To capture DHCP packets, run the following command:
sudo tcpdump -n -i ens4 udp and \(port 67 or port 68\) -vv
# ------------------------------
# CLIENT: Verify IP assignment
# ------------------------------
#Check assigned IP and routing:
# ------------------------------
# SERVER: View lease file
# ------------------------------
#Check DHCP leases on server:
sudo cat /var/lib/dhcp/dhcpd.leases
# ------------------------------
# ------------------------------
# ------------------------------
# 1) Update & install BIND9
# ------------------------------
#Updating packages and installing BIND9...
sudo apt install -y bind9 bind9-utils
# Start & enable BIND9 service
sudo systemctl start bind9
sudo systemctl enable bind9
sudo systemctl status bind9 --no-pager
# ------------------------------
# 2) Configure Forward Zone
# ------------------------------
FORWARD_ZONE="mynetwork.local"
FORWARD_DB="/etc/bind/db.${FORWARD_ZONE}"
# Add zone to named.conf.local if not already present
grep -q "${FORWARD_ZONE}" /etc/bind/named.conf.local || sudo tee -a /etc/bind/named.conf.local > /dev/null <<EOF
# Copy template to create zone file
sudo cp /etc/bind/db.local ${FORWARD_DB}
# Replace zone file with example content
sudo tee ${FORWARD_DB} > /dev/null <<EOF
@ IN SOA ns1.${FORWARD_ZONE}. admin.${FORWARD_ZONE}. (
604800 ) ; Negative Cache TTL
@ IN NS ns1.${FORWARD_ZONE}.
@ IN MX 10 mail.${FORWARD_ZONE}.
@ IN MX 20 mail2.${FORWARD_ZONE}.
# ------------------------------
# 3) Configure Reverse Zone
# ------------------------------
REVERSE_ZONE="56.168.192.in-addr.arpa"
REVERSE_DB="/etc/bind/db.192.168.56"
grep -q "${REVERSE_ZONE}" /etc/bind/named.conf.local || sudo tee -a /etc/bind/named.conf.local > /dev/null <<EOF
sudo cp /etc/bind/db.127 ${REVERSE_DB}
sudo tee ${REVERSE_DB} > /dev/null <<EOF
@ IN SOA ns1.${FORWARD_ZONE}. admin.${FORWARD_ZONE}. (
604800 ) ; Negative Cache TTL
@ IN NS ns1.${FORWARD_ZONE}.
10 IN PTR ns1.${FORWARD_ZONE}.
20 IN PTR www.${FORWARD_ZONE}.
21 IN PTR www2.${FORWARD_ZONE}.
30 IN PTR mail.${FORWARD_ZONE}.
# ------------------------------
# ------------------------------
sudo named-checkzone ${FORWARD_ZONE} ${FORWARD_DB}
sudo named-checkzone ${REVERSE_ZONE} ${REVERSE_DB}
sudo systemctl restart bind9
# ------------------------------
# 5) Optional: Configure DDNS (Dynamic DNS)
# ------------------------------
echo "Setting up optional DDNS integration..."
# Generate TSIG key for DHCP <-> DNS
# NOTE: Replace "XXXXXXXXXXXXXXXXXXXX==" with your actual secret
SECRET="XXXXXXXXXXXXXXXXXXXX=="
sudo tee /etc/bind/keys.conf > /dev/null <<EOF
# Include DDNS key in forward/reverse zones
sudo sed -i "/zone \"${FORWARD_ZONE}\" {/a \ allow-update { key ${KEY_NAME}; };" /etc/bind/named.conf.local
sudo sed -i "/zone \"${REVERSE_ZONE}\" {/a \ allow-update { key ${KEY_NAME}; };" /etc/bind/named.conf.local
# Restart BIND to apply DDNS
sudo systemctl restart bind9
# ------------------------------
# 6) Testing DNS from server
# ------------------------------
# Testing forward lookups...
dig @127.0.0.1 www.${FORWARD_ZONE}
dig @127.0.0.1 www2.${FORWARD_ZONE}
dig @127.0.0.1 mail.${FORWARD_ZONE}
# Testing reverse lookup...