Useful stuff for new linux users

Brought to you by The NoMad Project

Most FAQ's are like.. "this is how you pull your zipper down."

These pages are about the things you want to know how to do when your pants are already around your ankles. Nothing you find here will be very in depth, but I think you will find some useful information.


A Little History

I installed Linux a while back and I vividly remember asking everyone tons of questions. I'm sure I've aggravated more than one person in my time. It used to annoy me that one of my best friends (a CS major) could rattle off the directory of a file he edited a year ago and I couldn't remember a command I used the day before. Anyways, I've learned a lot, but I don't have a very good memory for stuff I don't use very often. That's why I started to write stuff down so I could refer to it later.

Nowadays, Linux is becoming more popular. More and more people are installing Linux and asking the veterans questions. No offense to you, but we can't get anything done. :) So I've decided to take some time out and put some of what I've learned on the web. There will also be a text version available soon.


What you need to know

To keep you from getting confused about what you need to type and what is just a side comment, these pages are arranged in the following manner.
Descriptions, Long Explanations: Plain Text
Short Explanations: Blue Text
Commands, Output: Bold Text
Command Comments: Green Text
Warnings, Important Comments: Red Text

Categories

How to make a boot and/or root disk
File Permissions
Kernel
Mounting
Floppy issues
Tar
Windows install killed Lilo.. how do I recover my good OS?
XDM
X-windows Customization (.xinitrc,.fvwmrc)
Suid explained (set uid files)
PERL
Security

Anything else


Boot and Root disks

The first step to installing Linux is making your boot and root disks. Most of the time this is a pretty simple process. You can find what are called disk images when you download whatever Linux distribution it is that you decide on. For example, the most popular Slackware boot disks are bare.i and net.i. You can also download a utility called rawrite.exe. Rawrite.exe is a DOS application that lets you write an image to a disk. It's kinda ironic that you use a DOS utility to make a Linux boot disk. Anyways, it works like this:

Insert a disk first.
rawrite image.i a:

You do this for both your boot and root disks.


Suid

Suid stands for set user id. When you execute a suid file Linux will execute it as if you were the owner of the file. For instance:

-rws--x--x   1 root     root       151744 Jun  3 23:40 xterm*

Files can be spotted as suid files by the "s" in the permissions. Xterm will run as root (the owner) giving that process all of the permissions that go along with root access. Suid root files are where many of today's security holes stem from.

To find all of the suid files on your system you can use the following command line:
find / -perm -4000 -print > outputfile


File Permissions

Every file, directory, link, device, etc. in Linux has what are called file permissions. These permissions determine who is allowed to read, write, and/or execute any particular file.

Why are there file permissions?
There are two main reasons for file permissions: privacy and security. If you are a user that keeps company information in your account, you don't want a user from a competitor to read those files. As a security issue, the system administrator doesn't like the possibility of everyone being able to edit important system-dependent files.

Let's say you do an ls -lag on a directory and get the following back:

-rwxr-xr-x   1 dopheide users         348 Jun 22 15:04 list.pl*
-rw-r--r--   1 dopheide users        6982 Jul  1 17:54 newsetup.sh
drwxr-xr-x   2 dopheide users        1024 Jul  1 18:18 packages/

The first ten characters are your file permissions. The first character is usually a "-" indicating that this is a regular file. The most notable exceptions are: "d" which stands for "directory" and "l" which stands for "link."

The next nine characters should be divided into 3 sets of 3 characters. The first set determines the permissions of the owner of the file, in this case dopheide. The "r" stands for "read," the "w" for "write," and the "x" for "execute." The second set is the permissions for everyone in the group indicated (users in the cases above). The final set of three determines the permissions for everyone else.

Changing File Permissions
Many times you will need to change the file permissions, perhaps to give someone else access to execute a file. To do this you need to use the "chmod" command. There are really two ways to chmod a file... one involves letters, +'s, and -'s which I think is way too confusing. The other way (explained here) uses numbers. We assign each type of permission (r, w, and x) different numeric values.

r = 4
w = 2
x = 1

All we need to do now is some simple math. For each of the three sets (user, group, and other) we just add up the permissions we want to give. For instance, if you want to give read and execute permissions, that would be 4 + 1 = 5. Now you have 3 numbers; separately they indicate the permissions for the owner, group, and everyone else respectively. To change the file permissions you need to smash these three numbers together into one three digit number. For example, rwxr-xr-x is the same as 755 (very popular by the way). Now that you have the three digit number all you have to do is:

chmod 755 filename

--x =  1
-w- =  2
-wx =  3
r-- =  4
r-x =  5
rw- =  6
rwx =  7

If you are root you can also chown and chgrp, but I'll let you look those up in the man pages. (man chown or man chgrp)

Sometimes (usually very seldom) you will want to make a suid file. This is done by adding a "6" to the front of your number.

chmod 6755 filename
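
An added example (not part of the original page): a shell function that turns the ten-character permission string from ls -l into the number you would hand to chmod, leading digit included. In that leading digit 4 is set user id, 2 is set group id and 1 is the sticky bit, so the 6 above sets both suid and sgid. The function names are made up for this example.

```sh
#!/bin/sh
# Added example: turn an "ls -l" permission string into the number chmod takes.
# Function names are invented for this example.

# triad_value "r-x" prints 5. An "s" or "t" in the last slot means x is also set;
# a capital "S" or "T" means the special bit is set but x is not.
triad_value() {
    v=0
    case $1 in r??) v=$((v + 4)) ;; esac
    case $1 in ?w?) v=$((v + 2)) ;; esac
    case $1 in ??[xst]) v=$((v + 1)) ;; esac
    echo "$v"
}

# mode_to_octal "-rws--x--x" prints 4711. Returns 1 on anything that is not
# a permission string. A trailing "+" or "." added by some ls versions is ignored.
mode_to_octal() {
    case $1 in
        [-dlbcps][-r][-w][-xsS][-r][-w][-xsS][-r][-w][-xtT]*) ;;
        *) echo "not a permission string: $1" >&2; return 1 ;;
    esac
    u=$(printf '%s' "$1" | cut -c2-4)     # owner
    g=$(printf '%s' "$1" | cut -c5-7)     # group
    o=$(printf '%s' "$1" | cut -c8-10)    # everyone else
    special=0
    case $u in ??[sS]) special=$((special + 4)) ;; esac   # set user id
    case $g in ??[sS]) special=$((special + 2)) ;; esac   # set group id
    case $o in ??[tT]) special=$((special + 1)) ;; esac   # sticky bit
    echo "$special$(triad_value "$u")$(triad_value "$g")$(triad_value "$o")"
}

# Three strings from this page, then three constructed ones (sgid, S and t).
for m in -rwxr-xr-x -rw-r--r-- -rws--x--x -rwsr-sr-x -rwSr--r-- drwxrwxrwt; do
    printf '%s = %s\n' "$m" "$(mode_to_octal "$m")"
done
```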


Kernel

Your kernel is basically the instructions that Linux goes by when it boots up. Many times when you ask people how to fix a problem they'll say... "Well, you need to compile support into your kernel." The "support" they're talking about can be added during the configuration stage of compiling your kernel.

Compiling a Kernel
cd /usr/src/linux
make config
There are many other ways to make a configuration (such as make menuconfig), but I'm the most familiar with the old text-based method.
make dep ; make clean ; make zImage
cd /usr/src/linux-2.0.0/arch/i386/boot/
cp zImage /
cd /
Make a backup of vmlinuz first.
cp zImage vmlinuz
cp /usr/src/linux/System.map /boot/System.map
lilo
You only need to run lilo if you use lilo.


Floppy Issues

Making a linux floppy
fdformat /dev/fd0u1440
mkfs -t ext2 /dev/fd0u1440 1440

Trying to save a floppy (for when you get read errors and such)
dd if=/dev/fd0 of=filename
"if" stands for "input file" which, in this case, is the entire floppy. "of" stands for "output file" which will be created. Just use less or more to look through the output file. If you're lucky you might recover some information.


Tar

Untarring:
For tarred and gzipped files...
tar -xvzf file.tar.gz
or
For just tarred files...
tar -xvf file.tar

Tarring:

To tar files...
tar -cf bob.tar files_to_include
To add more files to an existing tar file...
tar -rf bob.tar more_files_to_include
or
To tar and gzip files at the same time...
tar -cvzf bob.tar.gz files_to_include


Mounting

Let's say you have a drive or a floppy that you would really like access to while you are in Linux. Not a problem. Just mount it. Most of the time the following command line will work:

mount /dev/devicename /mountpoint

Devicenames are explained a little bit here. The mountpoint is simply the directory that you want the device to appear at. Most of the time this is /mnt. Hence, if you mount /dev/fd0 /mnt and you cd /mnt you will see all of the stuff that is on your floppy disk.


Windows install killed LILO

Well that's just a shame. Go get your boot disk that you used when you installed Linux. Now boot with the disk. When you get to the boot: prompt type this:

mount root=/dev/hd??
"hd??" should be replaced by your root Linux partition.

Now your machine should start up normally. Login as root and run lilo. Take the disk out and reboot.


Security

I'm just going to go over a few basic ideas here... mostly you'll want to look at the documents I refer you to.

You should know by now that root (UID 0) can do anything it wants. It can read other people's mail, steal industrial secrets, and/or delete your entire filesystem. There are many aspects of security; but, in most cases, an intruder's main goal is to obtain root access. Once they're root, they can go about their business and do whatever they please.

One small thing you might want to do is make a securetty file in /etc. This file lists all of the places that root is allowed to login on. For instance, my securetty file looks like this:

/etc/securetty

console
tty1
tty2
tty3
tty4
tty5
tty6

This means that root is only going to be logging in if they are sitting at the computer. What this does is keep people from trying to log in as root remotely. However, they can still log in as a different user and su to root. This turns securetty into protection against further attacks from stupid individuals.

Someone may hack root on your machine from the inside using an exploit that you hadn't fixed yet and a user account with a bad password. Then they make an entry in your /etc/passwd, giving themselves a phony account with UID 0 (effectively root). They think, "Well, now I can just log in with root privileges whenever I want." You get around to fixing the exploit and, lucky for you, your user changes their password like all good users should. The stupid intruder tries to log in with their phony root account. Sorry... ain't gonna happen mister! Of course, this gets logged and there ain't a damn thing the intruder can do about it because they don't have root access to change the logs anymore. Too bad for them.

That scenario doesn't happen very often though.. most hackers (that aren't just getting started) won't make a stupid mistake like that. Now let's suppose they got a bit smarter and made a root shell instead. Not a problem. Occasionally you should just use this command:

find / -perm -4000 -print > outputfile

This will list all of the suid files on your system and put them in the outputfile for easy browsing. Not only can you use this to spot root shells, but you can go through each of these files and determine if it really NEEDS the suid bit.
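
An added example (not from the original page) of the two checks described above: listing accounts in a passwd-format file that have UID 0 but are not root, and comparing a fresh list of suid files against one you saved earlier so that new ones stand out. The function names, account names and paths in the sample data are constructed for illustration.

```sh
#!/bin/sh
# Added example; every account name and path in the sample data is constructed.

# Names in a passwd-format file that have UID 0 but are not "root".
# Comment lines and lines with fewer than 7 fields are skipped.
extra_uid0() {
    awk -F: '!/^#/ && NF >= 7 && $3 ~ /^0+$/ && $1 != "root" { print $1 }' "$1"
}

# Set-uid regular files under a directory, one per line, sorted,
# without crossing into other mounted filesystems.
suid_list() {
    find "$1" -xdev -type f -perm -4000 -print 2>/dev/null | sort
}

# Lines in the current list ($2) that the saved baseline ($1) does not contain.
# Comparing on FILENAME keeps this correct even when the baseline is empty.
new_suid() {
    awk -v base="$1" 'FILENAME == base { seen[$0] = 1; next } !($0 in seen)' "$1" "$2"
}

# Demo on constructed data.
tmp=$(mktemp -d)
cat > "$tmp/passwd" <<'EOF'
root:x:0:0:root:/root:/bin/bash
dopheide:x:1000:100:Mike:/home/dopheide:/bin/bash
games2:x:0:0::/tmp:/bin/sh
EOF
printf '%s\n' /bin/su /usr/bin/passwd > "$tmp/baseline"
printf '%s\n' /bin/su /tmp/rootsh /usr/bin/passwd > "$tmp/current"

echo "UID 0 accounts other than root:"; extra_uid0 "$tmp/passwd"
echo "suid files not in the baseline:"; new_suid "$tmp/baseline" "$tmp/current"
rm -rf "$tmp"
```

On a real system you would save the output of suid_list / to a file once, while the machine is known to be clean, and later compare a new run against it with new_suid.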

That's about as detailed as I'm going to get for now... which isn't much I know. However, there's no point in repeating stuff that's already been said before so here's what you'll want to look at.

Practical UNIX Security: This web page was created for a workshop I attended at UIUC. The workshop was hosted by the sysadmin of the UIUC student cluster and someone from Argus Systems.

Improve your security by breaking into your own machine. This was written by the creators of SATAN (the security tool).

BUGTRAQ archives: Yes.. you will learn to love and respect BUGTRAQ. :)


\X\ /X/
 \X|X/
  )X(-----------------------X-windows---------------------------------------
 /X|X\
/X/ \X\

There isn't really any point to this little divider. I just wanted to show off my artistic talent. :)


XDM

XDM allows you to have a nice little X-windows login screen that pops up after bootup. Personally, I don't think it's a very good idea. I used to do it, but whenever something goes wrong it's harder to fix things when you have to disable xdm first. I'm not going to go into tons of detail, but this is what you need to do.

The following are some files that you need to change:

Change to runlevel 4 in /etc/inittab
change:

id:3:initdefault:
to:
id:4:initdefault:

in /usr/X11/lib/X11/xdm/xdm-config
change:

DisplayManager._0.setup: /usr/X11R6/lib/X11/xdm/Xsetup_0
to:
DisplayManager.*.setup: /usr/X11R6/lib/X11/xdm/Xsetup_0

in your home directory and if .xsession doesn't already exist:
ln -s .xinitrc .xsession

To configure XDM look at these two files:
/usr/X11/lib/X11/xdm/Xresources
/usr/X11/lib/X11/xdm/Xsetup_0


X-windows Customization

There are two main files to look at to customize your personal X-windows session. Both of them should be in your home directory.

.xinitrc

The last line of .xinitrc will always be the window manager that you use. For instance, I use FVWM so my last line is just fvwm. Everything else in .xinitrc is your own personal X-windows settings. Everything here will start up when you start X-windows. A typical line might look like:

color_xterm -ls -T XTERM -bg black -fg grey -geometry +100+170 -fn 10x20 &

color_xterm = program

-ls = Tells the xterm to do everything it would as though you had just logged in, such as running your .login.

-T XTERM = Sets the window title to XTERM.

-bg black = The window background will be black

-fg grey = The text will be grey

-geometry +100+170 = The window will automatically pop up 100 pixels from the left edge and 170 pixels down from the top.

-fn 10x20 = Sets the font size

& = Tells it to run in the background. You need this.

Remember, you must have your window manager as the last line in .xinitrc.

.fvwmrc

This file is your window manager configuration file. The name would of course be different if you didn't use FVWM. I haven't had time to write out this section yet.


It's not here.. where do I go?

Please mail dopheide@uiuc.edu with any suggestions about what should be included on this page. If you've typed up a FAQ yourself, send that as well.

THE MAN PAGES
I'm sure you are familiar with RTFM. Well... pay attention to it. Linux comes with its own extensive manual. The man pages contain lots and lots of useful information. They're pretty simple to use too. Just man whatever.

If you're really lazy you can just look up man entries online.

When in doubt... read man pages!!!

WEB SITES: general
How-to's
Linux System Administrators' Guide 0.5 Click on "contents." This also contains a description of the standard Linux filesystem
Linux Resources
Linux Documentation Project
Linux Journal
Linux Headquarters
Linux FAQ

WEB SITES: specific
Procmail filters
Dilbert

Copyright © 1997 Michael K. Dopheide