Generate SSL certificates using openssl

Generate SSL certificates using openssl with a Certificate Signing Request and signing it by a Certificate Authority.

The file ca.key and ca.crt are the Certificate Authority

We will be genrating the .key and .csr (Certificate Signing Request) files from the below command.

[root@node01 ssl]# openssl req -new -sha256 -newkey rsa:2048 -nodes -keyout linuxcent.com.key -days 365 -out linuxcent.com.csr -sha256 -subj "/C=IN/ST=TG/L=My Location/O=Company Ltd./OU=IT/CN=linuxcent.com/subjectAltName=DNS.1=linuxcent.com"

Verify the .csr file that is generated as shown below:

[root@node01 ssl]# openssl req -in linuxcent.com.csr -noout -text
Certificate Request:
Data:
Version: 0 (0x0)
Subject: C=IN, ST=TG, L=MY Location, O=Company Ltd., OU=IT, CN=linuxcent.com/subjectAltName=DNS.1=linuxcent.com
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:00:e4:b4:24:d7:22:ec:5d:c1:37:8c:d1:a0:62:17:
96:24:77:8d:75:4e:d5:74:15:4d:61:e0:8b:66:d6:
                Exponent: 65537 (0x10001)
        Attributes:
            a0:00
    Signature Algorithm: sha256WithRSAEncryption
         87:ef:83:b2:a6:f5:3a:f3:6f:1c:e4:02:ec:bf:5d:75:64:1d:
-- OUTPUT TRUNCATED --

Now we will using the root ca.key and [/code]ca.crt[/code] to digitally sign this .csr and generate a .crt

[root@node01 ssl]# openssl x509 -req -in linuxcent.com.csr -CA ca.crt -CAkey ca.key -CAcreateserial -out linuxcent.com.crt -days 365 -sha256
Signature ok
subject=/C=IN/ST=TG/L=My Location/O=Company Ltd./OU=IT/CN=linuxcent.com/subjectAltName=DNS.1=linuxcent.com

We have generated the .crt file from the .csr

[root@node01 ssl]# ls linuxcent.com.crt linuxcent.com.key 
linuxcent.com.crt linuxcent.com.key

Therefore we have successfully generated the linuxcent.com.key file and linuxcent.com.crt, and digitally self signed with the root CA key and certificates.

Generating Self Signed SSL certificates using openssl

The x509 is the certificate signing utility we will be using here.

We generate the ssl self signed certificate using the following command, request as demonstrated below.

openssl req -x509 -days 365 -sha1 -newkey rsa:2048 -nodes -keyout linuxcent.com.key -out linuxcent.com.crt -sha256 -subj "/C=IN/ST=State/L=My Location/O=Company Ltd./OU=IT/CN=linuxcent.com/subjectAltName=DNS.1=linuxcent.com"

The Days parameter can be specified to any number of days depending on your requirement.

The Self signed certificates are mostly commonly used within the internal network or among small group of familiar individuals like an office for specific purposes and not advised to be used out in the public domain as the browser does not identify the certificate authenticity or the ingenuity of the concerned website. The Self-signed certificates are not validated with any third party until and unless you import them to the browsers previously.

BASH “switch case” in Linux with practical example

The switch case in BASH is more relevant and is widely used among the Linux admins/Devops folks to leverage the power of control flow in shell scripts.

As we have seen the if..elif..else..fi Control Structure: Bash If then Else. The switch case has a stronger case where it really simplifies out the control flow by running the specific block of bash code based on the user selection or the input parameters.

Let’s take a look at the simple Switch case as follows:

OPTION=$1
case $OPTION in
choice1)
Choice1 Statements
;;

choice2)
Choice2 Statements
;;

choiceN)
ChoiceN Statements
;;

*)
echo “User Selected Choice not present”
exit 1

esac

The OPTION is generally read from user input and upon this the specific choice case block is invoked.

Explanation:
In the switch command the control flow is forwarded to case keyword and stops here, it checks for the suitable match to pass over the control to relevant OPTION/CHOICE statement block. Upon the execution of the relevant CHOICE statements the case is exited once the control flow encounters esac keyword at the end.

Using the Pattern match
The control flow in bash identifies the case options and proceeds accordingly.
There can be cases where you can match the Here you might have observed that the user input the regular expression and the logical operators using the | for the input case

#! /bin/bash

echo -en "Enter your logins\nUsername: "
read user_name 
echo -en "Password: "
read user_pass 
while [ -n $user_name -a -n $user_pass ]
do

case $user_name in
    ro*|admin)
        if [ "$user_pass" = "Root" ];
        then
            echo -e "Authentication succeeded \ n You Own this Machine"
	    break
        else
            echo -e "Authentication failure"
            exit
        fi
    ;;
    jenk*)
	if [ "$user_pass" = "Jenkins" ];
	then
		echo "Your home directory is /var/lib/jenkins"
	    	break
	else
        	echo -e "Authentication failure"
	fi
        break
    ;;
    *)
        echo -e "An unexpected error has occurred."
        exit
    ;;
esac

done

You should kindly note that the regex used for the cases at ro*|admin and jenk*

We now have demonstrated by entering the username as jenkins and this will get matched with the jenkins case the control flow successfully enters into relevant block of code, checking the password match or not is not relevant for us as we are only concerned till the case choice selection.
We have named the switch case into a script switch-case.sh and run it, Here are the results.

OUTPUT :

[vamshi@node02 switch-case]$ sh switch-case.sh
Enter your logins
Username: jenkins
Password: Jenkins
Your home directory is /var/lib/jenkins

We have entered the correct password and successfully runs the jenkins case block statements

We shall also see the or ro*|admin case, demonstrated as follows.

[vamshi@node02 switch-case]$ sh switch-case.sh 
Enter your logins
Username: root
Password: Root
Authentication succeeded \ n You Own this Machine

We now test the admin username and see the results.

[vamshi@node02 switch-case]$ sh switch-case.sh 
Enter your logins
Username: admin
Password: Root
Authentication succeeded \ n You Own this Machine

Here is a more advanced script used to deploy a python application using the switch case..
Please refer to the Command line arguments section for user input

A complete functional Bash switch case can be seen at https://github.com/rrskris/python-deployment-script/blob/master/deploy-python.sh

Please feel free to share your experiences in comments.

Control Structure: Bash If then Else

The Bash being a scripting language does tend offer the conditional if else, We shall look at them in the following sections.

Firstly there needs to be a conditional check that has to be performed in order for the corresponding Block of code to be executed.

To break down the semantics of conditional control structures in BASH we need to understand The conditional keyword that performs the validation, the It is represented most commonly as “[“ and very rarely represented as “test” keyword.

It can be better understood by the following demonstration:

vamshi@linux-pc:~/Linux> [ 1 -gt 2 ]
vamshi@linux-pc:~/Linux> echo $?
1
vamshi@linux-pc:~/Linux>
vamshi@linux-pc:~/Linux> [ 1 -lt 2 ]
vamshi@linux-pc:~/Linux> echo $?
0

The [ is synonymous to the command test on the linux kernel.

vamshi.santhapuri@linux-pc:~/Linux> test 1 -gt 2

vamshi.santhapuri@linux-pc:~/Linux> echo $?
1
vamshi.santhapuri@linux-pc:~/Linux> test 1 -lt 2
vamshi.santhapuri@linux-pc:~/Linux> echo $?
0

We Shall now look at the different variations of Conditional controls structures.

  1. if then..fi

    if [ Condition ] ; then
    
    statement1...statementN
    
    fi
  2. if then..else..fi

    if [ Condition ] ; then
    
        If Block statements
    
    ...
    
    else
        else-Block statement
    
    fi
  3. if..then..elif then..elifN then..fi

    if [ Condition ] ; then
    
        If Block statement1
    
    ...
    
    elif [ elif Condition ]; then   # 1st elif Condition
    
        elif Block statement1
    
    
    elif [ elif Condition ]; then    # 2nd elif Condition
    
        elif Block statements
    
    elif [ elif Condition ]; then    # nth elif Condition
    
        elif Block statements
    
    fi

    An else can also be appended accordingly when all the if and elif conditions fail, which we will see in this section .

     

  4. if..then..elif then..elifN then..else..fi

    The “if elif elif else fi” control structure is like multiple test checking control diversion strategy in bash, gives the user the power to write as many test conditions as possible until a test condition is matched leading in the resultant block of code being executed. Writing this multiple elif can be tedious task and the switch case is mostly preferred

    if [ Condition ] ; then
    
        If Block statement
    
    elif [ elif Condition ]; then   # 1st elif Condition
    
        elif Block statement1
    
    elif [ elif Condition ]; then    # nth elif Condition
    
        elif Block statement
    
    ...
    
    else Block statementN # else block while gets control when none of if or elif are true.
    
        else Block statements
    
    fi

    Atleast one of the block statements are executed in this control flow similar to a switch case. The else block here takes the default case when none of the if nor the elif conditions matches up.

  5. Nested if then..fi Control structure Blocks

    Adding to the if..elif..else there is also the nested if block wherein the nested conditions are validated which can be Demonstrated as follows:

    if [ condition ]; then
    
        Main If Block Statements
    
        if [ condition ]; then # 1st inner if condition
    
            1st Inner If-Block statements
    
            if [ condition ]; then # 2nd inner if condition
    
                2nd Inner If-Block statements
              
                if [ condition ]; then 
                    Nth Inner If Block statements 
    
                fi
    
            fi
    
        fi
    
    fi

    This logic of nested ifs are used while dealing with scenarios where the outermost block of statements must be validated before, if the test succeeds then the control flow is passed to the innermost if test statement execution. Thus the name Nested if.

 

Here is the switch case bash script with practical explanation.
We will look at the Exit codes within the BASH in the next sections.

sed – The Stream editor in Linux

The Stream Editor(sed) is a text manipulation program, that takes the input from stdin and from the text files, It writes to the stdout and modifies the input files accordingly. The text manipulation means deleting characters and words; Inserting text into the source file on the fly.
This is a transformation operation and quiet a handy skill to have for someone working in linux shell.

The sed comprises of two operations, The first one is a regex search and match operation and the second one is replace operation accordingly. This combines the greater power of search and replace of text from stdin and from the flat files.
Here is general syntax of sed command is:

# sed [-n] -e 'options/commands' files
# sed [-n] -f sed-scriptfile
# sed -i filename -e 'options/commands'

-e is the edit option used on the cli.
-f to take the sed commands from the scriptfile
-n or –quiet option supresses the output unless specified with -p or -s

We will look at some of the notable options the sed offers.

Some practical usecases, But before that we take at our sample README.txt.

Substitute and Replace with sed:

sed command offers the -s option which is exclusive for search and replace operation also known as search and substitution.

[vamshi@node02 sed]$ echo Welcome to LinuxCent | sed -e 's/e/E/'
WElcome to LinuxCent

This replaces the e to E in the input received and prints to stdout.
We can apply the same to the Text file and achieve the same results.

[vamshi@node02 ~]$ sed -e 's|u|U|' README.txt
centos 	
debian 	
redhat 	
Ubuntu

But the important thins to be noted is that the first occurring pattern match per line is only replaced. In out case only 1 letter per line as the letter u is replaced in ubuntu by U.

Substitute and replace globally using the option -g.

We run the below command stdin input stream as show below:

[vamshi@node02 sed]$ echo Welcome to LinuxCent | sed -e 's/e/E/g'
WElcomE to LinuxCEnt

Running the global option g on the fileinput as shown below.

[vamshi@node02 ~]$ sed -e 's/u/U/g' README.txt
centos 
debian 	
redhat 	
UbUntU 	

Substitute the later occurrences using sed. We search for the 3rd occurrence of letter u and if matched replace it with U.

[vamshi@node02 ~]$ sed -e 's/u/U/3g' README.txt
centos 	
debian 	
redhat 	
ubuntU

In the above case we have seen the lowercase u has been replaced with Uppercase U at the third occurrence.
Now let us append the word to the end of the each line using the below syntax:

[vamshi@node02 ~]$ sed -e 's/$/ Linux/' README.txt
centos Linux
debian Linux
redhat Linux
ubuntu Linux

Adding text to the file data at the beginning of each line and writing to the stdout.

[vamshi@node02 Linux-blog]$ sed -e 's/^/Distro name: /' Distronames.txt 
Distro name: centos Linux
Distro name: debian Linux
Distro name: redhat Linux
Distro name: ubuntu Linux

sed Interactive Editor: How to write the modified sed data into the same text file?

We can use the -i Interactive Editor option in combination with most other sed options, the input file content is directly modified according to the command pattern.
Example Given.

[vamshi@node02 sed]$ sed -e 's/e/E/g' -i intro.txt
[vamshi@node02 sed]$ cat intro.txt
WElcomE to LinuxCEnt

We use the -i option to append some text to a file as demonstrated as follows:

[vamshi@node02 Linux-blog]$ sed -i 's/$/ Linux/' README.txt
[vamshi@node02 Linux-blog]$ cat README.txt 
centos Linux
debian Linux
redhat Linux
ubuntu Linux

Here we append the words Linux to end of the each line
Alternate to -i you can also use the output redirection to write to a new file  as shown below.

[vamshi@node02 ~]$ sed -e 's/$/ Linux/' README.txt > OSnames.txt

Delete Operations with sed

Delete all the lines containing the pattern:

[vamshi@node02 ~]$ sed -e /ubu/d README.txt
centos Linux 
debian Linux 
redhat Linux

Here we matched the word ubuntu and hence have deleted that line from output.

We can use the ! inverse operator with the delete, demonstrated as follows:

[vamshi@node02 Linux-blog]$ sed -e '/ubu/!d' Distronames.txt
ubuntu Linux

Using the Ranges in sed

Extracting only the specific /BEGIN and /END pattern using sed.

[vamshi@node02 Linux-blog]$ cat Distronames.txt | sed -n -e '/^centos/,/^debian/p'
centos Linux	
debian Linux

Substitution of Range of lines

[vamshi@node02 Linux-blog]$ sed -e  '1,3s/u/U/' Distronames.txt
centos LinUx.	
debian LinUx.	
redhat LinUx.	
ubuntu Linux.

Delete the . at the end of each line

[vamshi@node02 Linux-blog]$ sed -e 's/.$//' Distronames.txt

Print only the lines containing the word “hat”

[vamshi@node02 Linux-blog]$ sed -n -e '/hat/p' Distronames.txt 
redhat Linux

Use sed to Match the pattern insert text.
Insert the lines before the matched pattern in file

[vamshi@node02 Linux-blog]$ cat README.txt | sed -e '/centos/i\Distro Names '
Distro Names 
centos
debian
redhat
ubuntu

The above scenario we have inserted the sentence “Distro Names” before the occurrence of the work centos.

[vamshi@node02 Linux-blog]$ cat Distronames.txt | sed -e '1a\------------'
Distro Names 
------------
centos
debian
redhat
ubuntu

The ———— are appended to the text after the 1st line

Signals in Linux; trap command – practical example

The SIGNALS in linux

The signals are the response of the kernel to certain actions generated by the user / by a program or an application and the I/O devices.
The linux trap command gives us a best view to understand the SIGNALS and take advantage of it.
With trap command can be used to respond to certain conditions and invoke the various activities when a shell receives a signal.
The below are the various Signals in linux.

vamshi@linuxcent :~] trap -l
1) SIGHUP 2) SIGINT 3) SIGQUIT 4) SIGILL 5) SIGTRAP
6) SIGABRT 7) SIGBUS 8) SIGFPE 9) SIGKILL 10) SIGUSR1
11) SIGSEGV 12) SIGUSR2 13) SIGPIPE 14) SIGALRM 15) SIGTERM
16) SIGSTKFLT 17) SIGCHLD 18) SIGCONT 19) SIGSTOP 20) SIGTSTP
21) SIGTTIN 22) SIGTTOU 23) SIGURG 24) SIGXCPU 25) SIGXFSZ
26) SIGVTALRM 27) SIGPROF 28) SIGWINCH 29) SIGIO 30) SIGPWR
31) SIGSYS 34) SIGRTMIN 35) SIGRTMIN+1 36) SIGRTMIN+2 37) SIGRTMIN+3
38) SIGRTMIN+4 39) SIGRTMIN+5 40) SIGRTMIN+6 41) SIGRTMIN+7 42) SIGRTMIN+8
43) SIGRTMIN+9 44) SIGRTMIN+10 45) SIGRTMIN+11 46) SIGRTMIN+12 47) SIGRTMIN+13
48) SIGRTMIN+14 49) SIGRTMIN+15 50) SIGRTMAX-14 51) SIGRTMAX-13 52) SIGRTMAX-12
53) SIGRTMAX-11 54) SIGRTMAX-10 55) SIGRTMAX-9 56) SIGRTMAX-8 57) SIGRTMAX-7
58) SIGRTMAX-6 59) SIGRTMAX-5 60) SIGRTMAX-4 61) SIGRTMAX-3 62) SIGRTMAX-2
63) SIGRTMAX-1 64) SIGRTMAX

Lets take a look at some Important SIGNALS and their categorization of them:

Job control Signals: These Signals are used to control the Queuing the waiting process
(18) SIGCONT, (19) SIGSTOP , (20) SIGSTP

Termination Signals: These signals are used to interrupt or terminate a running process
(2) SIGINT , (3) SIGQUIT, (6) SIGABRT,  (9) SIGKILL,  (15) SIGTERM.

Async I/O Signals: These signals are generated when data is available on a Input/Output device or when the kernel services wishes to notify applications about resource availability.
(23) SIGURG,  (29) SIGIO,  (29) SIGPOLL.

Timer Signals: These signals are generated when application wishes to trigger timers alarms.
(14) SIGALRM,  (27) SIGPROF,  (26) SIGVTALRM.

Error reporting Signals: These signals occur when running process or an application code endsup into an exception or a fault.
(1) SIGHUP, (4) SIGILL, (5) SIGTRAP, (7) SIGBUS, (8) SIGFPE,  (13) SIGPIPE,  (11) SIGSEGV, (24) SIGXCPU.

Trap command Syntax:

trap [-] [[ARG] SIGNAL]

ARG is a command to be interpreted and executed when the shell receives the signal(s) SIGNAL.

If no arguments are supplied, trap prints the list of commands associated with each signal.
to unset the trap a – is to be used followed by the [ARG] SIGNAL] which we will demonstrate in the following section.

How to set a trap on linux through the command line?

[vamshi@linuxcent ~]$ trap 'echo -e "You Pressed Ctrl-C"' SIGINT

Now you have successfully setup a trap:>

When ever you press Ctrl-c on your keyboard, the message “You Pressed Ctrl-C” gets printed.

[vamshi@linuxcent ~]$ ^CYou Pressed Ctrl-C
[vamshi@linuxcent ~]$ ^CYou Pressed Ctrl-C
[vamshi@linuxcent ~]$ ^CYou Pressed Ctrl-C

Now type the trap command and you can see the currently set trap details.

[vamshi@node01 ~]$ trap
trap -- 'echo -e "You Pressed Ctrl-C"' SIGINT
trap -- '' SIGTSTP
trap -- '' SIGTTIN
trap -- '' SIGTTOU

To unset the trap all you need to do is to run the following command,

[vamshi@node01 ~]$ trap - 'echo -e "You Pressed Ctrl-C"' SIGINT

The same can be evident from the below output:

[vamshi@node01 ~]$ trap
trap -- '' SIGTSTP
trap -- '' SIGTTIN
trap -- '' SIGTTOU
[vamshi@node01 ~]$ ^C
[vamshi@node01 ~]$ ^C

 

Rename files in linux

The linux mv command has very featureset, It can be used to rename the file(s) and Directory names, also also used to relocate the contents and help better in organizing the files and directories on a linux OS.

Syntax of mv command:

$ mv [OPTIONS] </path/to/Source> </path/to/Destination>

How to rename a single file

The rename operation is linux is done using the mv command

[vamshi@linuxcent mv]$ ls
demo.txt
$ mv demo-today.txt demo-old.txt
[vamshi@linuxcent mv]$ ls
demo-old.txt

Here the file demo-today.txt has been renamed to demo-old.txt

How to move or relocate multiple files and directories at once into a Destination Directory

Out DemoProject Directory contains the following content

[vamshi@node02 DemoProject]$ ls
api LICENSE mvnw mvnw.cmd README.md

We are only interested to move out only selected directories core/ site/ admin/ and the file pom.xml to the target destination /tmp/Demo-test/, We can achieve this using the option -t --target-directory= Option

[vamshi@node02 DemoProject]$ mv -vi core/ site/ admin/ pom.xml -t /tmp/Demo-test/
‘core/’ -> ‘/tmp/Demo-test/core’
‘site/’ -> ‘/tmp/Demo-test/site’
‘admin/’ -> ‘/tmp/Demo-test/admin’
‘pom.xml’ -> ‘/tmp/Demo-test/pom.xml’

As a result we have successfully moved the selected content:

[vamshi@linuxcent DemoProject]$ ls /tmp/Demo-test/
admin core pom.xml site

Renaming multiple files with extensions

Here’s what we will be demonstrating in this tutorial, We will use a combination of tools like cut combining them with a for loop to accomplish our task in an iterative loop.

For simplicity sake let’s consider we have 10 files ending with .txt extension, as seen below

[vamshi@linuxcent ~]$ ls
file10.txt file1.txt file2.txt file3.txt file4.txt file5.txt file6.txt file7.txt file8.txt file9.txt

We will now rename them and append an extension of .txt to all the files as demonstrated below:

[vamshi@node02 source]$ for i in *.txt; do sh -c "mv $i `echo $i| cut -d'.' -f1 `.html" ; done
[vamshi@linuxceent ~]$ ls
file10.html file1.html file2.html file3.html file4.html file5.html file6.html file7.html file8.html file9.html

Using the rename command to rename the file extensions.

The linux rename command takes the arguments

We have here 10 files with .html extension

[vamshi@linuxcent ~]$ rename .html .doc *
[vamshi@linuxcent ~]$ ls
file10.doc file1.doc file2.doc file3.doc file4.doc file5.doc file6.doc file7.doc file8.doc file9.doc

While we also might have many other files in another extension format and we can change thrir extension format in the following method.
Suppose have 3 files with .txt extension as file11.txt file12.txt file13.txt and remaining files with .doc extension, they all can be renamed to .html as per the following format.

[vamshi@linuxcent source]$ ls
file10.doc file11.txt file12.txt file13.txt file1.doc file2.doc file3.doc file4.doc file5.doc file6.doc file7.doc file8.doc file9.doc
[vamshi@linuxcent ~]$ ls
file10.doc file11.txt file12.txt file13.txt file1.doc file2.doc file3.doc file4.doc file5.doc file6.doc file7.doc file8.doc file9.doc
[vamshi@linuxcent ~]$ rename .doc .txt .html *
[vamshi@node02 source]$ ls
file10.html file11.html file12.html file13.html file1.html file2.html file3.html file4.html file5.html file6.html file7.html file8.html file9.html

date command formatting with practical examples in Linux / Unix

Date Command in Linux is very extensive and dynamic, provides very rich date formatting and is greatly customizable for working with scripts which depend on time based invocations.

Linux date command can also be used to set the system date and it requires the root permission.

Lets run date command and examine the output.

[vamshi@node02 log]$ date
Wed Apr 1 13:52:21 UTC 2020

Now lets examine some of the most useful options that comes with the date command.

Firstly date command along with -s or --set option can take for following format to set the new system time and date.

How to set the system date in Linux using date command?

[vamshi@node02 log]$ sudo date -s 'Apr 01 2020 13:52:59 UTC'
Wed Apr 1 13:52:59 UTC 2020

The date can also be setup in shot hand notation as follows,but it is more cryptic

[vamshi@node02 log]$ sudo date 040113522020.50
Wed Apr 1 13:52:50 UTC 2020
$ sudo date mmddHHMMyyyy.SS

The format is month of the Year(mm),day of the month(dd),Hour of the day(HH),minute of the Hour(MM) and the Year(yyyy),and the Seconds of the minute(.SS)
Now, Lets dive deep and get to know the date options and Demonstration practical examples in this tutorial:

Another Important Option is -d or –date=”String” which can display the time described
Lets see some examples as follows:

By running the date command, we get an elaborate time and date format along with the TimeZone information.
To covert the Epoc time to human readable date, we can use date command as follows:

[vamshi@node02 log]$ date -d"@1585749164"
Wed Apr 1 13:52:44 UTC 2020

If you want to get a future date then use:

[vamshi@linuxcent ~]$ date -d "+130 days"
Sun Aug 16 02:07:35 UTC 2020

Date command offers a great flexibility to extract past and future dates as we will show below:

$ date "+ %F" -d “+30 days”
$ date "+ %F" --date “+30 days”

To get the date in history; go back to a date some days ago in Linux

[vamshi@node02 log]$ date -d "17 days ago"
Sun Mar 15 13:52:45 UTC 2020

Here we present some of the more useful Format options:

Date Format Command Explanation Result
date +”%a” Prints the Abbreviated Day of the Week Sat-Sun Wed
date +”%A” Prints the Day of the Week Saturday-Sunday Wednesday
date +”%b” Prints Abbreviated Month Jan-Dec Apr
date +”%B” Print un-abbreviated month January-December April
date +”%c” Prints Full Current Date and time format Wed Apr 1 13:52:43 UTC 2020
date +”%D” Prints dd/mm/yy date format 04/01/2020
date +”%d” Prints day of the month (01-31) 01
date +”%D” Prints Date in MM/DD/YY 04/01/20
date +”%e” Prints the Day of the month 01
date +”%F” Prints only the Full date as YYYY-MM-DD 2020-04-01
date +”%H” Prints the hour 00-23 13
date +”%I” Prints the hour in 00-12 01
date +”%j” Prints Julian day of the Year(001-366) 092
date +”%M” Prints the Minute of the hour 00-59 52
date +”%m” Prints the month of the year 01-12 04
date +”%n” Prints the newline character Newline/Empty line
date +”%N” Prints the nanoseconds counts 036416306
date +”%P” Prints AM/PM in the day PM
date +”%r” Get only time in AM/PM notation 13:52:43 PM
date +”%S” Get the current seconds count in the minute (00-60) 43
date +”%s” Get the number of seconds since 1st January 1970 (Epoch time) 1585749164
date +”%T” Time in 24 Hour format HH:MM:YY 13:52:43
date +”%u” Get  current day of the week
1-7
3 for Wednesday
date +”%U” Get the current week of the Year considering Sunday as first week 13
date +”%V” Get the current week of the Year considering Monday as first week 14
date +”%y” or date +”%g” Prints only the last two digits of Year 20
Date +“%Y” or date +”%F” Prints Year in YYYY format 2020
Date +“%z” Prints the current Timezone difference from UTC 00 – for UTC
date +”%Z” Prints Alphabetic time zone abbreviation UTC

 

How to write the current system time to the Machine’s hardware clock ?

The command hwclock can do that for us.
[/code] # sudo hwclock [OPTIONS][/code]

Lets see a practical example where our Hardware clock was 1 hour and 13 mins behind the actual system time .

[vamshi@node02 ~]$ sudo hwclock
Wed 01 Apr 2020 07:35:05 AM UTC -0.454139 seconds
[vamshi@node02 ~]$ date
Wed Apr 01 08:43:13 UTC 2020

Setting the hardware clock time to system time with option -w or --systohc as seen below.

[vamshi@node02 ~]$ sudo hwclock -w

Confirm it with hwclock command as follows:

[vamshi@node02 ~]$ sudo hwclock
Wed 01 Apr 2020 08:44:05 AM UTC -0.538163 seconds

Most of the times the hardware clock will be out of sync with the system time and its a good practice to set the hardware clock in sync and comes in real handy during the system reboots.

Setting hostname in Linux

In the systemd Environment there has been an architectural change and the systemd daemon controlling all the essential processes

root 1 0 0 Apr15 ? 00:00:12 /usr/lib/systemd/systemd --switched-root --system --deserialize 32

We can make use of the hostnamectl command to immediately reflect the system hostname change.


Command to get the current hostname on Linux:

[vamshi@server02 ~]$ sudo hostnamectl 
   Static hostname: server02.linuxcent.com
   Pretty hostname: SERVER02
         Icon name: computer-vm
           Chassis: vm
        Machine ID: 2338f55840d640689fc5ac4b356b160c
           Boot ID: 418256281d2f4e11822809dde7c1b09e
    Virtualization: kvm
  Operating System: CentOS Linux 7 (Core)
       CPE OS Name: cpe:/o:centos:centos:7
            Kernel: Linux 3.10.0-1062.18.1.el7.x86_64
      Architecture: x86-64

As you can see the current hostname is set to SERVER02

The file /etc/hostname also used to have the same effect but on the cloud systems this is dynamically generated and doesn’t hold true on cloud and tends to get overwritten after reboot.
On the general DataCenter or PC environment we can use the static files to populate the hostnames and make them permanent:

$ cat /etc/sysconfig/network
HOSTNAME=node2.linuxcent.com

But only /etc/hostname file is given importance since the systemd version and updating this ensures persistence.

$ cat /etc/hostname 
node02.linuxcent.com

 

Process to set or change the hostname in Linux Commandline:

The systemd provides a sophisticated command hostnamectl to set the hostname, It will also update the static file /etc/hostname and ensure the changes are permanent across reboots.

$ sudo hostnamectl set-hostname node02.Linuxcent

To get the hostname along with FQDN

[vamshi@server02 ~]$ hostname --fqdn
node02.linuxcent.com
[vamshi@node02 ~]$ sudo hostnamectl status 
   Static hostname: node02.linuxcent.com
         Icon name: computer-vm
           Chassis: vm
        Machine ID: 2338f55840d640689fc5ac4b356b160c
           Boot ID: 33619e39ea4c4900bd848e13d2a6239e
    Virtualization: kvm
  Operating System: CentOS Linux 7 (Core)
       CPE OS Name: cpe:/o:centos:centos:7
            Kernel: Linux 3.10.0-1062.18.1.el7.x86_64
      Architecture: x86-64

Changing hostname is ubuntu and Debian systems can be done through hostnamectl command

vamshi@debian:~$ hostnamectl 
Static hostname: debian
Icon name: computer-vm
Chassis: vm
Machine ID: b4adcdb84c724856b577524ebbfa0003
Boot ID: 67e1bf27946a4770b8e939f2420d06fd
Virtualization: oracle
Operating System: Debian GNU/Linux 10 (buster)
Kernel: Linux 4.19.0-5-amd64
Architecture: x86-64

How to Shutdown or Reboot a remote Linux Host from commandline

The Shutdown process in a Linux system is an intelligent chain process where in the system ensures the dependent process have successfully terminated.

TL;DR:

Difference between the Halt and Poweroff in Linux?
What is a Cold Shutdown and Warm Shutdown?
Linux System System Halt : The Halt process instructs the hardware to Stop the functioning of the CPU. Can be referred as a Warm Shutdown.
Linux System Poweroff/Shutdown : The Poweroff function sends the ACPI(Advanced Configuration and Power Interface) to power down the system. Can be referred as a Cold Shutdown.

As you may be aware the Linux runtime environment is a duo combination of processes running in User space and the Kernel space, All the major system activities and resources are initiated and governed and terminated by Kernel space.
So we got the Kernel space and the User space, The kernel space is where all the reseurce related processes run, which follows a finite behaviour, and the the userspace where the processes are dependent on the user actions, most of the userspace programs depend on the kernel space and make a context switch to get the CPU scheduling and such..
So, In the sequence of Shutdown on a linux machine, the userspace processes are first terminated in a systematic fashion through the scripts triggered by the core systemd processes which ensures clean exit and termination all the processes.

The Linux system provides us quite a few commands to enforce fast shutdown or a graceful shutdown of the operating system, each having their own consequences.

Firstly the init or the systemd which is the pid 1 process is what controls the runlevel of the system and it determines which processes are launched and running in that runlevel

The init is a powerful command which executes the runlevel it is told to.
Here the init 0 proceeds to Power-off the machine

$ sudo init 0

Here the init 6 proceeds to Reboot the machine

$ sudo init 6

These commands are real quick as it triggers the kernel space shutdown invocation process.. most often resulting in unclean termination of processes resulting system recovery and journaling while booting.

The following commands Shutdown the machine in seconds after issuing the command But tend to follow the kill sequence and clean exit of the processed.

$ sudo shutdown
$ sudo poweroff
$ sudo systemctl poweroff

Prints a wall message to all users.
All the processes are killed and the volumes are unmounted or converted to be in Read-Only mode while system power off is in progress.
Puts the system into a complete poweroff mode cutting out power supply to the machine completely.

$ sudo halt
$ sudo systemctl halt

Prints a message of “System halted” and Puts the machine in halt mode
If the --force or -f when specified twice the operation is immediately executed without terminating any processes or unmounting any file systems and resulting in data loss

The servers can only be brought back online through physical poweron or Remote Power manager console such as IPMI or ILOM.

To reboot or [/code]systemctl kexec[/code] will to restart the operating system which is one power cycle or equivalent of shutdown followed by the startup.

$ sudo reboot

$ sudo systemctl kexec

$ sudo systemctl reboot

If the --force or -f when specified twice the operation is immediately executed without terminating any processes or unmounting any file systems and resulting in data loss

 

It is important to understand that the commands are all softlinks to systemctl shutdown command. and ensure in proper shutdown sequence process

[vamshi@linuxcent cp-command]$ ls -l /usr/sbin/halt
lrwxrwxrwx. 1 root root 16 Jan 13 14:41 /usr/sbin/halt -> ../bin/systemctl
[vamshi@linuxcent cp-command]$ ls -l /usr/sbin/reboot
lrwxrwxrwx. 1 root root 16 Jan 13 14:41 /usr/sbin/reboot -> ../bin/systemctl
[vamshi@linuxcent cp-command]$ ls -l /usr/sbin/poweroff
lrwxrwxrwx. 1 root root 16 Jan 13 14:41 /usr/sbin/poweroff -> ../bin/systemctl

It is important to observe that all the commands are softlink to the systemctl process, When issuing a shutdown or reboot

The best practice to poweroff the system by enabling broadcast the notification message to all the users connected actively either through the Pseudo remote connection terminal or TTY terminals, Demonstrated as follows:

$ sudo systemctl poweroff

# this writes an entry into the journal, the wtmp and broadcasts the shutdown message to all the users connected through PTS and TTY terminals

What is the difference between systemctl poweroff and systemctl halt ?

The Linux System when put to a Halt state, stops the all the applications and ensures they’re safely exited, filesystems and volumes are unmounted and it is taken into a halted state where in the power connection is still active. And Can only be brought  online with a power reset effectively with a simple reset.
The Halt process instructs the hardware to Stop the functioning of the CPU.
Commonly can be referred as a Warm Shutdown.

Below is the screenshot to demonstrate the same
systemctl halt command in linux

The Poweroff function sends the ACPI(Advanced Configuration and Power Interface) to power down the system.
The Linux System when put to a Poweroff state it becomes completely offline following the systematical clean termination of processes.. and power input is cut off to the external peripherals, which is also sometimes called as cold shutdown, and the startup cold start.
Commonly can be referred to as a Cold Shutdown.

If you found the article worth your time, Please share your inputs in the comments section and share your experiences with shutdown and reboot issues

How to create user account in Linux

The Linux system provides a couple of command line utilities to create new users on the system

As we are aware, the Linux login has the essential fields listed as follows:

  • A unique system wide username,
  • A Strong password,
  • The home directory and
  • A login shell.

These are the mandatory fields to enable account creation.

The other fields are the UID and GID numbers associated with User an Group name numerical IDs which will be generated sequentially allocated by the Linux Kernel

We can do a broad categorization of login accounts into 2 types, those are the Privileged and the normal user.

The Absolute Privileged account is root which comes by default in all the linux machines.

The normal account can be enabled with root Privileged by assigning user to certain groups and providing elevated access in the scope.

What is the Process to create a User account in Linux?

The user creation has to be done with root privileges using useradd command.

$ sudo useradd newuser

Now it’s time to enter the password

$ sudo passwd newuser

How to check if the userid is present and active on the system?

The new user details will be updated to /etc/passwd file and the login information updated to /etc/shadow

Now let’s check if the user account is created and has a valid shell

vamshi@node03:/$ grep vamshi /etc/passwd

vamshi:x:1001:1001::/home/vamshi:/bin/bash

How to Add the user to new groups in Linux?

Usermod command line linux utility enables to add user to groups and the ability to add an existing user to new groups additionally or overwrite the group membership

$ usermod -aG dockerroot wheel vamshi

The option -a: appends the user to two new groups called dockerroot and wheel with out overwriting the existing user assigned groups, violating this option will restrict the newuser to be part of only the mentioned groups in the command

How to check and verify if the user is a member of group in Linux?

[vamshi@node02 Linux-blog]$ id vamshi
uid=1001(vamshi) gid=1001(vamshi) groups=1001(vamshi),0(root),10(wheel),992(dockerroot)

How to Verify the Login Confirmation in Linux?

From the root user account run the command: su - newuser to check the new login account environment.

How to find the group names assigned to the user

The user can list of his active membership groups by running the linux command groups

The user can run the groups command to list the groups with active membership

[vamshi@linuxcent ~]$ groups
vamshi root wheel dockerroot

Login to the server remotely using SSH

You may now use the ssh command to login with the new username and enter your password at login prompt.

$ ssh vamshi@linuxcent.com

How to connect to server with SSH running on non-standard port like 2202?

[vamshi@linuxcent ~]$ ssh localhost -p 2202
Last login: Mon Mar 13 17:57:56 2020 from 10.100.0.1

How to create a useraccount in Linux using useradd command?

The usercreation can also be done with parametrized command as demonstrated below:

$ sudo useradd vamshi -b /home/ -m -s /bin/bash

Alternatively you can be more elaborate as mentioned below:

$ sudo useradd vamshi -c "Vamshi's user account" -d /home/vamshi -m -s /bin/bash -G dockerroot

The useradd command-utility options describes as follows:

-b or --base-dir : base directory of new user home directory.

-c or --comment : Description about the user Or as A Standard Practice can be used to Mention the Current User’s Full name.

-d or --home-dir : create the user’s home directory

-m or --create-home :  create the user’s home directory as per -d option.

-s or --shell : Type of Login Shell.

-u or --uid : is the Unique UID on linux machine

-G or --groups : list of secondary groups to be assigned

-k or --skel : determines the default parameters if no options are passed while account creation. Present at /etc/default/useradd

With the skel properties finely tunes, you can proceed to use adduser command which is based on the default skel behavior as shown below:

$ sudo adduser vamshi

How to using the SSH key pair to login:
Use the -i followed by the /path/to/id_rsa private key file

$ ssh -i ~/.ssh/id_rsa vamshi@linuxcent.com
$ ssh -i ~/.ssh/id_rsa -l linuxcent.com

-l : using the login name

-i : is the identity file; rsa the private key file

 

Troubleshooting the SSH connection in Verbose mode printing Debug information

Using -v option with the ssh command will print the debug information while logging

The verbosity levels -v can be concatenated from one to Nine; eg -v to -vvvvvvvvv

$ ssh -i ~/.ssh/id_rsa vamshi@linuxcent.com -vvvvvvvvv

Linux Copy File Command for Files and Directories – cp Command Examples

Linux copy files command: cp is generally used for organizing the data on the Linux operating system, It copies the files and directories.

We shall take a deeper look at Linux cp command-utility in the section

In order to copy files and directories, you must have read permissions on the source file(s) and write permissions on the destination directory

How do I copy files under Linux operating systems?

How do I make a 2nd copy of a file on a Linux bash shell?

How can I copies files and directories on a Linux

Linux Copy File command Syntax

cp sourcefile destinationfile
cp sourcefile DESTDIR
cp sourcefile1 sourcefile2 DESTDIR
cp [OPTION] SOURCE DESTFILE
cp [OPTION] SOURCE DESTDIR

How to Copy a Directory if the destination does not exist?

To achieve this we can make use of the following cp command options -R or -r: Copy directories recursively.

Linux cp command Syntax with -R option:

cp -R SOURCE DESTINATION

If the destination doesn’t exist, it will be created.

It can also be used to Copy the contents Recursively

Lets see the demonstration as follows:

[vamshi@linuxcent ]$ cp -R dir1/ dir1-copy
[vamshi@linuxcent ]$ ls -l 
total 0
drwxrwxr-x. 2 vamshi vamshi 6 Apr 11 06:35 dir1
drwxrwxr-x. 2 vamshi vamshi 6 Apr 11 06:37 dir1-Recursive

Using the verbose Option -v to print the copy activity information onto the output screen.

Let’s use the -v flag to print the verbose information onto the screen.

How to Preserve the Source file and Directory permission?

Linux Copy command Syntax with -p option:

-p option preserves the mode, ownership and timestamps from the source to the destination

cp -p file1 file1-copy

Lets us see the Demonstration as Below

[vamshi@node02 cp-command]$ cp -Rp dir1/ dir1-copy
[vamshi@node02 cp-command]$ ls -ld dir1*
drwxrwxr-x. 2 vamshi vamshi 6 Apr 11 06:35 dir1
drwxrwxr-x. 2 vamshi vamshi 6 Apr 11 06:35 dir1-copy
drwxrwxr-x. 2 vamshi vamshi 6 Apr 11 06:37 dir1-Recursive

From the out we can conclude the the Linux copy command with -p Option preserves the original timestamps information and copies it to the destination

Linux cp command with Force copy -f Option, It forcefully overwrites the destination content
Sample Syntax:

cp -f file1 file1-copy

How to Copy Multiple files at once ?

Asterisk / wildcard (*) character is used to copy files multiple files with same pattern.

[vamshi@linuxcent ]$ cp -varpf file* DEST/
‘file10.txt’ -> ‘DEST/file10.txt’
‘file1.txt’ -> ‘DEST/file1.txt’
‘file2.txt’ -> ‘DEST/file2.txt’
‘file3.txt’ -> ‘DEST/file3.txt’
‘file4.txt’ -> ‘DEST/file4.txt’
‘file5.txt’ -> ‘DEST/file5.txt’
‘file6.txt’ -> ‘DEST/file6.txt’
‘file7.txt’ -> ‘DEST/file7.txt’
‘file8.txt’ -> ‘DEST/file8.txt’
‘file9.txt’ -> ‘DEST/file9.txt’

The options -p or -d enables preserving the links and can be used in conjunction with -R option to copy contents Recursively from the source directory.

How to Copy Files and Folders on Linux Using the cp Command recursively to Destination Directory

How to preserve the links with cp command?

Using the Options -p preserves the links and -r Option copies the content recussively same as -R Option and -v prints the verbose information

[vamshi@node02 Linux-blog]$ cp -varpf Redhat-Distro/ /tmp/DEST
‘Redhat-Distro/’ -> ‘/tmp/DEST’
‘Redhat-Distro/Fedora’ -> ‘/tmp/DEST/Fedora’
‘Redhat-Distro/Fedora/fedora.txt’ -> ‘/tmp/DEST/Fedora/fedora.txt’
‘Redhat-Distro/Centos’ -> ‘/tmp/DEST/Centos’
‘Redhat-Distro/Centos/centos.txt’ -> ‘/tmp/DEST/Centos/centos.txt’
‘Redhat-Distro/Centos/CentOS-versions’ -> ‘/tmp/DEST/Centos/CentOS-versions’
‘Redhat-Distro/Centos/CentOS-versions/centos7.txt’ -> ‘/tmp/DEST/Centos/CentOS-versions/centos7.txt’
‘Redhat-Distro/Centos/CentOS-versions/centos6.1.txt’ -> ‘/tmp/DEST/Centos/CentOS-versions/centos6.1.txt’
‘Redhat-Distro/Centos/README-CentOS’ -> ‘/tmp/DEST/Centos/README-CentOS’
‘Redhat-Distro/README-Redhat-Distro’ -> ‘/tmp/DEST/README-Redhat-Distro’
‘Redhat-Distro/RHEL-Versions’ -> ‘/tmp/DEST/RHEL-Versions’
‘Redhat-Distro/RHEL-Versions/redhat5.txt’ -> ‘/tmp/DEST/RHEL-Versions/redhat5.txt’
‘Redhat-Distro/RHEL-Versions/redhat8.txt’ -> ‘/tmp/DEST/RHEL-Versions/redhat8.txt’
‘Redhat-Distro/redhat.txt’ -> ‘/tmp/DEST/redhat.txt’

How to make a symbolic link with Linux cp command to files ?

As we know that ln command us useful to create symboic links, But the Linux copy command Syntax can do that to files with -s Option which creates Symbolic links:

cp -s SOURCE DESTINATION

Linux copy command Syntax with Softlink with Demonstration:

[vamshi@linuxcent ~]$ ls -l total 0
-rw-rw-r--. 1 vamshi vamshi 0 Apr 11 06:39 file1.txt

lrwxrwxrwx. 1 vamshi vamshi 9 Apr 11 06:39 file2.txt -> file1.txt

Linux cp command with interactive prompt using -i option

Sample Syntax:

cp -i file1 file1-copy

Also you can make it a best practice to setup alias alias for cp command.
The best practice is enable options -av

cp -av SOURCE DESTINATION
export cp="cp -av"

How can i copy the hidden files ?

To Copy the hidden files we can use cp command with -a option,lets us see in a practical example.

$ cp -av source/ destination/
‘source/.config1’ -> ‘destination/source/.config1’
‘source/.config2’ -> ‘destination/source/.config2’
‘source/.config3’ -> ‘destination/source/.config3’

Generally the hidden files in Linux are prefixed with a dot . So we can also use the wildcard character *, and copy them, below is another pracctical example

[vamshi@linuxcent cp-command]$ cp -av source/.conf* destination/
‘source/.config1’ -> ‘destination/.config1’
‘source/.config2’ -> ‘destination/.config2’
‘source/.config3’ -> ‘destination/.config3’

How to Copy a File from One Location to Another With a Different Name on Linux Using the cp Command

Assuming we have a couple of users on our linux server called Alice and Bob

[alice@linuxcent ~]$ sudo cp -avrpf /home/alice/djangoproject1/ /home/bob/
‘djangoproject1/’ -> ‘/home/bob/djangoproject1’
‘djangoproject1/__init__.py’ -> ‘/home/bob/djangoproject1/__init__.py’
‘djangoproject1/asgi.py’ -> ‘/home/bob/djangoproject1/asgi.py’
‘djangoproject1/settings.py’ -> ‘/home/bob/djangoproject1/settings.py’
‘djangoproject1/urls.py’ -> ‘/home/bob/djangoproject1/urls.py’
‘djangoproject1/wsgi.py’ -> ‘/home/bob/djangoproject1/wsgi.py’
‘djangoproject1/__pycache__’ -> ‘/home/bob/djangoproject1/__pycache__’
‘djangoproject1/__pycache__/__init__.cpython-36.pyc’ -> ‘/home/bob/djangoproject1/__pycache__/__init__.cpython-36.pyc’
‘djangoproject1/__pycache__/settings.cpython-36.pyc’ -> ‘/home/bob/djangoproject1/__pycache__/settings.cpython-36.pyc’

How to backup files using cp command?

The linux cp command offer the option --backup to backup the data files, below is the command.

cp --backup source destination