Basic command 2

Basic command 2

  • Execution of commands under the identity of the administrator (sudo / su)
  • Locating a file
    • Search in the tree (find)
    • Searching with the database updatedb (locate)
  • Archiving and extracting data (tar / gzip / bz2)
    • Tar for archiving
    • gzip and bz2 for compression
  • Change password

Running commands as administrator (sudo/su)

Following the last session, you may have tried to edit a file in the /etc/ directory to modify a parameter or wanted to experiment with some commands found online. Unfortunately, all attempts failed because the system reported a permission issue.

There are two methods to run commands as the administrator user (root): one is the right way, and the other is the wrong way!!!
Let’s start with the right way:
If you have just installed your Ubuntu system, your first user has the right to use the sudo command (SwitchUserDO).
In addition to having permission to execute this command, the user can do everything with it.
sudo allows for granular permission assignment to a user.
We will go over this aspect in more detail in the system administration section.

To view what permissions we have:

sudo command example

bash
# Displays the permissions of the user Alex.
alex@hostname:~$ sudo -l
[sudo] password for alex:
Matching Defaults entries for alex on this host:
env_reset,
secure_path=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
User alex may run the following commands on this host:
(ALL : ALL) ALL
# In this situation, Alex can execute any command on the system as root or another user.

So, if we want to modify a file in the /etc/ directory using the nano command, we would use the following command:

Using sudo

bash
alex@hostname:~$ sudo nano /etc/The_file

It is good practice to use the sudo command because:

  • All commands are logged; it is therefore possible to know which command was executed, when, and by whom

  • It allows us to limit the available commands for a user, to protect both the user and the system from mistakes

The other method is to switch users, to fully switch to the root user.
The problem with this is that we lose all trace of the operations performed, and there’s no safety net if a mistake is made.
It’s the equivalent of logging in as Administrator on a machine, rather than using the “RunAs” function in Microsoft Windows.
Of course, in some situations, we have no choice.
This is sometimes the case when installing software outside of the distribution’s standard packages.

Here is how to do the WRONG thing 😛 — switching to the root user:

su command

bash
alex@hostname:~$ su

Locating a File

Alright, everything’s working great, and you’re happy with your system.
But now you want to go further, or you’ve encountered a problem.
So, you search online or ask a friend how to perform a specific task.
Your friend, happy to help, replies with something like:
“Oh, that’s easy! Just change the Xy parameter in the smb.conf file to true.”

Great — you take note of everything, but once you’re at your machine, you realize…
you don’t know where the smb.conf file is located.
Your colleague, too used to it, forgot to give you the full (absolute) path.

Here’s how to find your file:

Searching the Directory Tree (find)

The find command, as the name suggests, allows you to search the system for a file.
Of course, the search can take time if there are many files to scan.
find lets us search using various criteria: the file name, modification date, owner, permissions, size, and more.

The basic structure of the command is:

bash
find [Search_Directory] [Pattern]

If no search directory is provided, the system starts searching from the current directory.

Let’s go back to the example mentioned earlier. We would use the following command:

find command examples

bash
# Since the file has a .conf extension, I search in the /etc directory, # which contains most of the system's configuration files user@hostname:~$ find /etc/ -name "smb.conf" # If I don’t find it, I perform a broader search from the system root user@hostname:~$ find / -name "smb.conf" # If I still can’t find it, I broaden the search, # assuming the file starts with "smb" and ends with ".conf" user@hostname:~$ find / -name "smb*.conf" # Here’s an example of real-life output: user@hostname:~$ find /etc -name "smb.conf" find: `/etc/lvm/backup': Permission denied find: `/etc/lvm/cache': Permission denied find: `/etc/rsnapshot/keys': Permission denied find: `/etc/xdg/menus/applications-merged': Permission denied find: `/etc/openvpn/ytriaV2': Permission denied find: `/etc/ssl/private': Permission denied /etc/samba/smb.conf

The last command shows some permission denied errors because I’m not the system administrator (root).
However, at the end, I found the file, which is located in /etc/samba/.

Table 9.1: Main Options for the find Command

OptionMeaning
-nameSearch by file name
-typeSearch by file type
-userSearch by file owner
-groupSearch by group ownership
-sizeSearch by file size
-atimeSearch by last access date
-mtimeSearch by last modification date
-ctimeSearch by creation/change date
-permSearch by permissions



Searching with the updatedb Database (locate)

⚠️ Warning: This is not available on all distributions! ⚠️

Alright, find is great — but if I have a directory with a huge number of files, the search can take a long time…
Fortunately, many distributions install the updatedb system by default.
This system runs the find command every night starting from the root (/) and stores the results in a database for later use.

So, if we go back to our search for the smb.conf file, it would look like this:

locate command example

bash
user@hostname:~$ locate smb.conf /etc/samba/smb.conf /usr/share/man/man5/smb.conf.5.gz /usr/share/samba/smb.conf /var/lib/ucf/cache/:etc:samba:smb.conf user@hostname:~$

As you can see, the result gives us information not only from the /etc directory,
but also from /usr and /varin record time!

However, be aware that locate has a few limitations:

  • No results will appear for files created after the last database update.

  • It searches only by file name (not contents or other metadata).

  • Updating the database increases the system load.

  • Results may be outdated if the database wasn’t updated — for example, if the system was turned off when the update was scheduled.

Archiving and Extracting Data (tar / gzip / bzip2 / zip)

Tar for Archiving

The preferred archiving system on Unix is tar (Tape ARchiver) for creating archive files.

A file archived using tar is not compressed by default.
The resulting file is often called a tarball.

tar preserves:

  • file permissions,

  • ownership (user and group),

  • and supports symbolic links as well as special device files (block and character).

Technically, a tar archive is just a concatenation of file contents,
with each file preceded by a 512-byte header,
which corresponds to the block size in Unix V7 filesystems.

To improve performance on tape drives, the 512-byte blocks are grouped by default into blocks of 20,
producing 10 KB blocks. The last block is padded with binary zeros.

Usually, after being archived with tar, a file is then compressed using a separate compression tool.
The most common formats are:

Compression Utility and File Extensions

Compression UtilityUnix ExtensionMS-DOS Extension
compress.tar.Z.taz
gzip.tar.gz.tgz
bzip2.tar.bz2.tbz
lzma.tar.lz.tlz
lzma2.tar.xz.txz
7zip.tar.7z

Common tar Commands

bash
# Create an archive: $ tar -cvf archive.tar MyFolder1 [MyFolder2...] # List the contents of an archive: $ tar -tf archive.tar # Extract all files from an archive: $ tar -xvf archive.tar # Extract only specific files from an archive: $ tar -xvf archive.tar file1 file2

tar with Compression

bash
# Create a gzip-compressed archive: $ tar -zcvf archive.tar.gz MyFolder1 [MyFolder2...] # List the contents of a gzip-compressed archive: $ tar -ztvf archive.tar.gz # Extract a gzip-compressed archive: $ tar -zxvf archive.tar.gz # Create a bzip2-compressed archive: $ tar -jcvf archive.tar.bz2 MyFolder1 [MyFolder2...] # List the contents of a bzip2-compressed archive: $ tar -jtvf archive.tar.bz2 # Extract a bzip2-compressed archive: $ tar -jxvf archive.tar.bz2



Gzip and Bzip2 for Compression

Two commands are available for compressing files: gzip and bzip2.
bzip2 is more efficient and compresses about 33% more than gzip.
However, it is also more resource-intensive.
If you’re dealing with a very large file, it may take longer to decompress with bzip2.

As mentioned earlier, it’s possible to combine these tools with the tar command,
but they can also be used independently.

Here are some examples:

gzip and bzip2 Commands

bash
# Compression with gzip: user@hostname:~$ gzip my_file.txt # Result: my_file.txt is replaced by my_file.txt.gz # Decompression with gzip: user@hostname:~$ gunzip my_file.txt.gz # Compression with bzip2: user@hostname:~$ bzip2 my_file.txt # Result: my_file.txt is replaced by my_file.txt.bz2 # Decompression with bzip2: user@hostname:~$ bunzip2 my_file.txt.bz2

Tip & Trick

If you have a compressed text file and you want to view its contents without decompressing it (for whatever reason),
there are commands similar to cat that decompress on the fly.

This is especially useful when combined with less, more, or grep
in other words, when used with a pipe (|).

zcat and bzcat Commands

bash
# View gzip or bzip2 compressed files: user@hostname:~$ bzcat my_file.txt.bz2 user@hostname:~$ zcat my_file.txt.gz # As mentioned, you can use it with a pipe: user@hostname:~$ zcat my_file.txt.gz | grep "word"



Changing a Password

The passwd command is used to change the password of user accounts.
A regular user can usually only change their own password.
The superuser (root) has the ability to change the password for any user account.

In addition to changing passwords, passwd also allows you to:

  • set password expiration dates,

  • lock accounts,

  • and enforce password aging policies.

passwd Command Examples

bash
# A user changes their own password: user@hostname:~$ passwd Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully
bash
# The administrator (root) can manage other users' passwords: # Change the password for user "thomas": root@hostname:~# passwd thomas # Lock the account of user "joe": root@hostname:~# passwd -l joe

Useful Options

OptionDescription
-l, --lockLocks the specified account by adding a ! at the beginning of the password hash. This disables login.
-u, --unlockUnlocks the password for the specified account, restoring the previous password.
-n, --mindays MIN_DAYSSets the minimum number of days between password changes. A value of 0 means the user can change their password at any time.
--warndays WARN_DURATIONSets the number of days before password expiration to warn the user. This gives users time to change their password before it becomes invalid.