Linux : Operation Deployment (Day 4)
Bhupesh Patil ?
DevSecOps Engineer ??? | 2x Microsoft Azure ? 1x OCI ?? | Go ? Docker ? Kubernetes ? CI/CD ? Security ? Obeservabillity ? Terraform ?????? ||
Manage System Using systemctl :
Syntax :
systemctl [option] [command] [service_name]
Common Commands and Options :
Examples :
sudo systemctl start [service_name]
sudo systemctl start apache2
sudo systemctl stop [service_name]
sudo systemctl stop apache2
sudo systemctl enable [service_name]
sudo systemctl enable apache2
systemctl status [service_name]
systemctl status apache2
Locate System Log Files :
System log files in Linux are typically located in the /var/log directory. Common log files include:
Analyzing Logs with journalctl :
journalctl is the command-line utility to view and analyze logs from the systemd journal.
Syntax :
journalctl [options]
Common Options :
Examples :
journalctl
journalctl -f
journalctl -p err
journalctl -u apache2.service
Using grep and Other Tools :
For traditional text-based log files, you can use grep and other command-line tools to search and analyze logs.
Examples
grep 'error' /var/log/syslog
tail -f /var/log/syslog
Schedule Task To Run At A Set Time :
Understanding Cron :
The cron daemon is a long-running process that executes commands at specified dates and times. You can schedule scripts or commands to run at a minute, hour, day, month, or weekday.
Crontab Files :
Each user can have their own crontab file, which is a series of lines of six fields each. The fields are separated by spaces or tabs, and each field represents a time unit.
Crontab Syntax :
The syntax for crontab is as follows:
* command-to-be-executed
- - - - -
| | | | |
| | | | +----- Day of the week (0 - 7) (Sunday=0 or 7)
| | | +------- Month (1 - 12)
| | +--------- Day of the month (1 - 31)
| +----------- Hour (0 - 23)
+------------- Minute (0 - 59)
Crontab Commands :
crontab -e: Edit your crontab file.
crontab -l: Display your crontab file.
crontab -r: Remove your crontab file.
crontab -v: Show the last time you edited your crontab file (this option is not available on all systems).
Examples
* /path/to/command
0 2 * /path/to/script.sh
/15 * /path/to/command
0 22 1-5 /path/to/script.sh
0 0 1 /path/to/command
Special Characters :
Example with Special Characters :
Running a Command Every Two Hours
0 /2 /path/to/command
Updating Software :
dnf command, which stands for Dandified YUM, a package manager for RPM-based Linux distributions such as Fedora, RHEL, and CentOS. It’s designed to replace the older yum package manager with improved features like better dependency resolution and lower memory usage.
领英推荐
Syntax :
The general syntax of the dnf command is:
dnf [options] <command> [<args>...]
Common Commands and Options :
Examples :
sudo dnf install httpd
sudo dnf remove [package_name]
sudo dnf upgrade
dnf search [search_term]
dnf list installed
dnf info [package_name]
sudo dnf autoremove
Change Kernal Runtime Parameter :
Changing kernel runtime parameters is a powerful way to adjust the behavior of your Linux system. The primary tool for this task is sysctl, which allows you to read and write kernel parameters at runtime.
Understanding Kernel Parameters :
Kernel parameters are settings that can affect the operation of the Linux kernel. These parameters are located in the /proc/sys/ directory and can be modified to change system behavior without rebooting.
Using sysctl Command :
The sysctl utility is used to modify kernel parameters at runtime. It can be used to both read and write system parameter settings.
Syntax :
sysctl [options] [variable]=[value]
Common Options :
Examples :
sysctl -a
sysctl -w [variable]=[value]
sysctl -w net.ipv4.ip_forward=1
Making Changes Persistent :
To make changes persistent across reboots, you need to add them to the /etc/sysctl.conf file or create a new file in the /etc/sysctl.d/ directory.
Example :
net.ipv4.ip_forward = 1
Then apply changes :
sysctl -p
net.ipv4.ip_forward = 1
Then apply changes :
sysctl -p /etc/sysctl.d/99-custom.conf
Important Notes :
SELinux :
SELinux (Security-Enhanced Linux) commands, which are used to manage the SELinux security policy on your system. SELinux adds an additional layer of security to your system by enforcing mandatory access control policies.
Understanding SELinux :
SELinux operates in three modes:
Key SELinux Commands :
sestatus
getenforce
To set SELinux in enforcing mode:
setenforce 1
To set SELinux in permissive mode:
setenforce 0
chcon [context] [file_or_directory]
chcon system_u:object_r:httpd_sys_content_t:s0 /var/www/html/index.html
To add a port type:
semanage port -a -t [type] -p [protocol] [port]
To view contexts:
semanage fcontext -l
restorecon -v [file_or_directory]
restorecon -v /var/www/html/index.html