Quick & Dirty: How do I get Linux?

Someone recently asked me how they can get Linux, install it on something, and start learning how to use it. It's actually not that difficult to do these days. Here is the high-level view of what is going on:

Download a free CentOS Linux installation ISO file from here:
https://mirror.umd.edu/centos/7/isos/x86_64/CentOS-7-x86_64-Minimal-1804.iso

Save the file to your Windows Desktop or laptop.

Download Oracle VirtualBox from here: https://www.virtualbox.org/wiki/Downloads

Install VirtualBox on your Windows PC or laptop, following the instructions from their website. There's also a Mac version if you play like that. Once VirtualBox is installed, go back to your download directory and double-click on the Extension Pack to install it. You now have a free virtualization platform on your Windows machine! In the VirtualBox application, you can create a new Virtual Machine, which will run on your computer, and look/act like a real system. You can then install Linux using the ISO image file you downloaded earlier. 

Instructions (with pictures) for installing CentOS 7 are available all over the internet. However, I think the person who blogs on this particular site, has done a very good write-up (with pictures):
https://www.server-world.info/en/note?os=CentOS_7&p=install
The site also has many tutorials for installing and configuring many different things on Linux.

Go to Google, type in "Linux for beginners" and hit enter. There are tons of free online resources to learn more about Linux!

Check SUID/SGID program Audit rules

Here's an interesting BASH script that checks that all SUID/SGID files have a corresponding audit rule. Useful if you work in an environment where you are required to periodically perform this check, and like all good (lazy) sysadmins, wish you had a script to automate this task...

#!/bin/bash

for i in `lsblk --output MOUNTPOINT | grep /`
do 
 for j in `find ${i} -xdev -type f \( -perm -4000 -o -perm -2000 \)`
 do
   if [ "$(grep -c ${j} /etc/audit/audit.rules)" -ge 1 ]; then
    # If there is a rule...do nothing?
    echo "" > /dev/null
   else
    echo "suid/sgid program ${j} - NO audit rule!"
   fi
 done
done

exit 0

 

Display the contents of a config file without commented out or blank lines

"Hi Pete! Is there a way that I can easily display the contents of a Linux config file, without showing all the commented out lines, and all the blank lines?"

This is easy to do with sed. Keep this one-line-command in your notes:


sed -e '/^ *#/d' -e '/^$/d' /etc/httpd/conf/httpd.conf
 
We're telling the sed command to display a file to STDOUT after performing
two edits (-e) on the output stream. The first one deletes all lines that
start with a pound sign (#), and the second edit deletes all blank lines. 
These deletes are not changes to the file itself! All that is changed is
the data sent to STDOUT. 
 

Installed RPM inventory

"I need a list of all installed RPMs on my CentOS server. But I want it as a CSV file (comma separated values). How can I do this in BASH?"

Here's the command  (all on one line) that will produce the output that you want:

rpm -qa --qf "\"$(uname -n)\",\"%{name}\",\"%{version}-%{release}\",\"%{vendor}\",\"%{license}\",\"%{summary}\"\n" > /tmp/software-list.csv

Now you can scp the file to your laptop, then open the file using MS-Excel (or your favorite spreadsheet program). It's been my experience that the vast majority of corporate laptop images are a version of Microsoft Windows. The only company I have ever worked for where this was not the case was Red Hat Inc. 

A script to update a CentOS7 YUM Repository

Here's a BASH script to use to update a CentOS7 YUM Repository:

#!/bin/bash
# A script to update a CentOS7 Yum Repository

REPOS=(base updates extras)

for REPO in ${REPOS[@]}
do
    echo "Updating repository: ${REPO} "
    /usr/bin/reposync --repoid=${REPO} --download_path=/repo -g -n -l -m

    if [ -e /repo/${REPO}/comps.xml ]; then
        /usr/bin/createrepo -v -g /repo/${REPO}/comps.xml /repo/${REPO}/
    else
        /usr/bin/createrepo -v /repo/${REPO}/
    fi
done

chown -R apache:apache /repo/*
restorecon -Rv /repo/*

exit 0