There are different text editors like emacs, nano, vim, etc. But vim text editor has gained popularity between developers and sysadmins.
The main takeaway is we learn to insert text in vim and more specifically learn about quitting the vim editor🤣.
Working with VIM Editor
How do we edit files in CLI?
We have a built-in text editor in Linux like nano, vi/vim(Improved version of vi), etc.
Use cases to use the text editor in CLI :
small modifications can be faster, especially when you are currently working in CLI.
faster to create & edit at the same time.
supports multiple formats.
when working on a remote server it speeds up the workflow.
Important VIM commands
vim [filename]
=> opens the file with vim.
vim has two modes :
Command Mode
this is the default mode and you cannot edit the text.
whatever you type is interpreted as a command.
Navigate, Search, Delete, Undo, etc. can be done in this mode.
Insert Mode
allows you to enter text.
to switch from command mode to insert mode, press 'i'.
and from insert to command mode, press 'Esc'.
NOTE: All these below commands should be run in command mode.
:wq
=> writes and saves the file to disk and quits the vim editor.:q!
=> quits the vim editor without saving the changes.dd
=> delete an entire line.-
d[number]
=> delete a bunch of lines.- For example,
d10
-> deletes the next 10 lines.
- For example,
u
=> undo the changes.A
=> jumps to the end of the line and switches to insert mode.0
=> jumps to the start of the line(but does not switch to insert mode).$
=> jumps to the end of the line(without switching to insert mode).-
[number]G
=> go to the line[number]
- For example,
12G
-> go to line 12.
- For example,
-
/[pattern/word]
=> search for that pattern/word.- For example,
/nginx
-> searches for the pattern/word 'nginx'
- For example,
Type 'n'
=> jumps to the next match.Type 'N'
=> jumps to the previous match/ in opposite direction.:%s/[old]/[new]
=> replace the old word with the new word throughout the file.
Linux Accounts and Groups
There are three user categories :
i. superuser*(sudo)* account
this is the root user with unrestricted permissions.
used for administrative tasks*(No need to log in as a Root user or execute any commands as root*(sudo command)).
ii. user account
-
a regular user, we create to login.
- For example, username=dipanshu then it is found under
/home/dipanshu.
- For example, username=dipanshu then it is found under
iii. service account
-
relevant for Linux server distros as each service will get its own user.
- For example, a MySQL user will start a MySQL application(Best practice for security).
NOTE:
Don't run services with a root user
Always keep one root user per computer.
Can we have multiple regular users & service users and why multiple standard users?
Many companies use windows for their employees. Usually, employees can log in to their accounts on every computer.
How does this work?
Windows is able to centrally manage users. Admins add users to the system and all computers are connected to this system.
When someone tries to log in, OS checks it with the system*(Only have access to their* home folder)[completely isolated system](No access to system files or other user's home folder).
But Linux doesn't have this centrally managed system. This is the reason why Windows is preferred in companies or universities.
Multiple Users on Linux
User accounts are managed on that specific hardware*(cannot access from any other hardware)*
Multiple Users on a Server
For Linux having a multi-user is important for servers. Usually, teams administer a server.
Why not just use a shared user? & Why having a user for each team member is important?
They need a non-root user. Permissions can be assigned per team member.
Traceability => who did what on the system?
Admin creates a user with permissions.
Groups and Permissions
How to manage Permissions?
User Level => give permission to the user directly.
Group Level => group users into Linux groups and give permissions to the group.
This is the way to go is if you manage multiple users*(Best Practice)*.
User management in practice
Access Control Files :
/etc/passwd
=> stores user account information and everyone can read it but only the root user can change the file.
/etc/shadow
=> contains information about the system user's passwords.
/etc/group
=> contains a list of groups and the members belonging to each group.
Managing users :
- Do not edit these access control files with a text editor. Instead, use the dedicated commands.
Commands for user/group creation and management
NOTE: *root* user privileges are required*.*
adduser [username]
=> creates a new user and automatically creates a home directory with skeletal configuration.
Where does the primary group come from?
Whenever we create a user using useradd
, by default, it creates the same group named the user and sets that as the primary group ID of the user.
passwd [username]
=> changes the password of a user.
su - [username]
=> login as a username
( su - short for substitute or switch user).
su -
=> login as root.
groupadd [groupname]
=> creates a new group and by default, the system assigns the next available GID from the range of group IDs specified in the login.defs file.
Different User and Group Commands
adduser
addgroup
Interactive and more user-friendly*(easier to use).* It chooses conformant UID and GUID values for you.
Creates a home directory with skeletal config automatically or asks for input in interactive mode.
useradd
groupadd
- You need to provide the information. Low-level utilities.
Which one to use?
adduser
addgroup
=> when executing it manually.
useradd
groupadd
=> when executed in an automated way.
Same goes for deluser
(deletes user), delgroup
(deletes groups) and userdel
groupdel
.
Modifying user account
usermod [options] [username]
=> modify a user account.
for changing group => usermod -g [groupname] [username]
In addition to one primary group, the user can have multiple secondary groups and as a result, the user will get all the permissions that the groups have to which it belongs*(which means we can add one user to multiple groups)*.
sudo usermod -G [groupsname(separated with commas)] [username]
add a user to multiple groups and the option will overwrite the whole secondary group's list. So, it always sets a new list of groups for the user.
If you need to add a user to a new secondary group in addition to the existing ones it already belongs to we use
sudo usermod -aG [groupname] [username]
groups [username]
-> displays the groups to which the user is added.
More efficient way
useradd [options] [username]
=> creates a new user.
the low-level command compared to adduser
-G
=> create a user with multiple secondary groups
-d
=> custom home directory
sudo gpasswd -d [username] [groupname]
=> removes the user from the specified group.
File Permissions and Ownership
User permissions are related to reading, writing and executing files in Linux.
ls -l
=> print files in a long listing format.
Ownership => It means who owns the file/directory.
There are two levels of a file/directory.
-
Which user owns the file?
- The owner is the user who created the file.
-
Which group owns the file?
- The owning group is the primary group of that user.
(should be executed with root privileges)
chown [username]:[groupname] [filename]
=> changes the ownership*(in this command you can also change user by not adding* [groupname]
)
sudo chgrp [groupname] [filename]
=> changes the group
File Permissions
Modifying Permissions
[Symbolic values method]
sudo chmod [flags] [filename]
=> Changes the permission for that file and for all users.
Flags :
+r
-> add read permission+w
-> add write permission+x
-> add execute permission-r
-> takes away read permission-w
-> takes away writing permission-x
-> takes away execute permission
Adjusting permissions :
-
Owner(u), Group(g), Others(o) & All(a)
- For example,
sudo chmod g-w config.yaml
=> removes the write permission for the group.
- For example,
Alternate ways to give permissions :
sudo chmod u/g/o/a=rwx [filename]
=> gives multiple permission to mentioned ones.
Type out the whole rwx
block or r--
/rw-
etc.
[Numeric values method]
sudo chmod [numeric value] [filename]
Bonus Content :)
Input, Output and Pipes in Linux
Every program has input and output. The output from one program can become the input of another command.
The syntax for this is the "pipe" command
|
. It pipes the output of the previous command as an input to the next command.
For example, cat /var/log/syslog
(outputs log in non-user friendly way) | less
(helps to see the output page-by-page)(to jump to the next page press 'spacebar' and to jump to the previous page press 'b')
To filter commands for specific keywords we use grep [keyword]
=>
grep stands for Globally Search for Regular expression and print-out. And it searches for a particular pattern of characters & displays all lines which contain that pattern.
To search for a phrase we have to enclose in (" ") double-quotes.
Redirects in Linux
It is used to save the output of another command into a file.
Redirection
>
character is the redirect operator.Takes the output from the previous command and sends it to a file that you mention. For example,
history | grep sudo > sudo-commands.txt
In order to add new lines in the existing file by using redirect can be done using
>>
=> append text to the end of the file.
Standard Input and Standard Output
Every program has 3 built-in streams
STDIN(0) => Standard Input
STDOUT(1) => Standard Output
STDERR(2) => Standard Error
We pipe or redirect the standard output from one command to the standard output of another command. We cannot execute many commands in one line but can be done by separating them with ;
(semi-colon).
For example, clear; sleep 2; echo "Hello, welcome back"