Course Outline (Part 11)

Welcome to Part 11 of the Linux Bash Course. In this section, we dive deep into the administration of Linux systems. You will learn how to manage user accounts and groups, configure disk partitions and mount filesystems, and utilize core networking utilities for troubleshooting and data transfer.

Chapter 31: User Account Management

31.1 Introduction to Linux User Accounts and /etc/passwd

Linux is a multi-user operating system. Every process runs under the security context of a specific user. User account details are stored in /etc/passwd.

  • Each line in /etc/passwd represents a single user account, split into 7 colon-separated fields:
    1. Username: The login name (e.g., suresh).
    2. Password: Historically the password, now usually represented by x (referring to the shadow password file /etc/shadow).
    3. UID (User ID): A unique numeric identifier. 0 is reserved for root.
    4. GID (Group ID): The primary group ID.
    5. GECOS: User comments/information (full name, room number, etc.).
    6. Home Directory: The path to the user’s home directory (e.g., /home/suresh).
    7. Login Shell: The shell executable started when the user logs in (e.g., /bin/bash).

31.2 Group Management and the /etc/group File

Groups are collections of users designed to simplify permission management. Group definitions reside in /etc/group with 4 colon-separated fields:

  • Group Name: The identifier for the group (e.g., developers).
  • Group Password: Usually x (unused).
  • GID: Unique numeric identifier for the group.
  • User List: Comma-separated list of secondary users belonging to this group.

31.3 Creating Users with useradd

The useradd command creates new local user accounts.

  • Syntax:

    useradd [options] username

  • Example Command:

    sudo useradd -m -s /bin/bash -g users -G sudo,docker testuser

  • Expected Output: (No output is printed on success)

  • Flag & Command Breakdown:

    • sudo: Executes the command with superuser privileges (required to write to /etc/passwd).
    • useradd: The command to create a new user.
    • -m: Creates the user’s home directory at /home/testuser.
    • -s /bin/bash: Sets the default login shell to Bash.
    • -g users: Assigns users as the primary group.
    • -G sudo,docker: Adds the user to secondary groups sudo and docker.
    • testuser: The login username of the new account.

31.4 Modifying User Properties with usermod

The usermod command modifies an existing user’s attributes.

  • Syntax:

    usermod [options] username

  • Example Command:

    sudo usermod -a -G developers testuser

  • Expected Output: (No output is printed on success)

  • Flag & Command Breakdown:

    • usermod: The user modification utility.
    • -a: Appends the user to the supplemental groups. Use only with -G to avoid removing the user from other groups.
    • -G developers: Specifies the supplemental group to add.
    • testuser: The target user account.

31.5 Deleting Users with userdel

The userdel command deletes a user account and associated system files.

  • Syntax:

    userdel [options] username

  • Example Command:

    sudo userdel -r testuser

  • Expected Output: (No output is printed on success. If files aren’t owned by the user, warnings may appear)

  • Flag & Command Breakdown:

    • userdel: The user deletion tool.
    • -r: Recursively removes the user’s home directory and mail spool files.
    • testuser: The username to delete.

31.6 Managing Passwords and Aging Policies with passwd and chage

passwd updates user passwords, while chage configures account expiration and password aging parameters.

  • Syntax:

    passwd [username]
chage [options] username

  • Example Command:

    sudo passwd testuser
sudo chage -M 90 -W 7 testuser

  • Expected Output:

    New password: 
Retype new password: 
passwd: password updated successfully

  • Flag & Command Breakdown:

    • passwd testuser: Changes the password of testuser.
    • chage: The password aging configuration command.
    • -M 90: Sets the maximum password lifetime to 90 days.
    • -W 7: Sends warning messages to the user 7 days before password expiration.

31.7 Understanding User Groups and the groupadd / groupdel Commands

These utilities manage user groups on the system.

  • Syntax:

    groupadd [options] group_name
groupdel group_name

  • Example Command:

    sudo groupadd -g 1500 sysadmins
sudo groupdel sysadmins

  • Expected Output: (No output is printed on success)

  • Flag & Command Breakdown:

    • groupadd: Adds a new group to /etc/group.
    • -g 1500: Explicitly sets the Group ID (GID) to 1500.
    • groupdel: Deletes the target group.

31.8 Switching Users and Privilege Escalation: su and sudo

  • su (Switch User) opens a shell with another user’s identity (defaults to root if no user is specified).

  • sudo (Superuser Do) runs a single command with root (or another user’s) privileges according to policy.

  • Syntax:

    su - [username]
sudo [command]

  • Example Command:

    sudo -u testuser whoami

  • Expected Output:

    testuser

  • Flag & Command Breakdown:

    • sudo: Escalates privilege.
    • -u testuser: Run the command as testuser instead of root.
    • whoami: Prints the active user context.

31.9 The /etc/sudoers Configuration and visudo

The /etc/sudoers file controls which users and groups can run which commands with sudo.

  • Never edit /etc/sudoers directly with standard text editors. Always use visudo, which parses the file for syntax errors before saving, preventing system lockout.
  • A typical line format is: root ALL=(ALL:ALL) ALL (User root on ALL hosts can execute as ALL users:group ALL commands).
  • Group privilege rules start with % (e.g., %sudo ALL=(ALL:ALL) ALL).

31.10 Querying User Information: id, whoami, w, and last

These commands show logged-in users, current identity details, and login history.

  • Syntax:

    id [username]
w
last

  • Example Command:

    id suresh

  • Expected Output:

    uid=1000(suresh) gid=1000(suresh) groups=1000(suresh),4(adm),27(sudo),999(docker)

  • Flag & Command Breakdown:

    • id: Prints UID, GID, and supplemental group IDs for the current user or specified user.

Chapter 32: Disk & Filesystem Management

32.1 Understanding Linux Storage, Partitions, and Block Devices (lsblk)

Storage devices are exposed in Linux as block files under /dev/ (e.g., /dev/sda for SATA drives, /dev/nvme0n1 for NVMe drives). Partitions append numbers (e.g., /dev/sda1, /dev/nvme0n1p2).

  • Syntax:

    lsblk [options]

  • Example Command:

    lsblk -o NAME,FSTYPE,SIZE,MOUNTPOINT

  • Expected Output:

    NAME        FSTYPE   SIZE MOUNTPOINT
sda                 500G 
├─sda1      vfat     512M /boot/efi
└─sda2      ext4   499.5G /

  • Flag & Command Breakdown:

    • lsblk: List Block Devices utility.
    • -o: Customizes the output columns.
    • NAME,FSTYPE,SIZE,MOUNTPOINT: Specifies columns to display.

32.2 Viewing Disk Space Usage with df

df displays reports on available and used filesystem space.

  • Syntax:

    df [options] [path]

  • Example Command:

    df -hT /

  • Expected Output:

    Filesystem     Type  Size  Used Avail Use% Mounted on
/dev/sda2      ext4  492G  124G  343G  27% /

  • Flag & Command Breakdown:

    • df: Disk Free utility.
    • -h: Human-readable format (powers of 1024; output in G, M, K).
    • -T: Displays the filesystem type (e.g., ext4).
    • /: Restricts output to the device backing the root directory.

32.3 Analyzing Directory Storage Usage with du

du estimates file space usage recursively down directories.

  • Syntax:

    du [options] [path]

  • Example Command:

    sudo du -sh /var/log

  • Expected Output:

    1.2G	/var/log

  • Flag & Command Breakdown:

    • du: Disk Usage utility.
    • -s: Summary mode (display total size of the folder, not individual subfiles).
    • -h: Human-readable format.
    • /var/log: Path to analyze.

32.4 Partitioning Disks using fdisk and parted

  • fdisk is a traditional, text-based interactive utility for partitioning MBR disks (and basic GPT support).

  • parted is a modern partitioning tool that supports GPT (GUID Partition Tables) and disks larger than 2TB.

  • Syntax:

    fdisk [device]
parted [device]

  • Example Command:

    # Print the partition layout of /dev/sda
sudo fdisk -l /dev/sda

  • Expected Output:

    Disk /dev/sda: 500 GiB, 536870912000 bytes, 1048576000 sectors
Disk model: Virtual Disk
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
Partition table type: gpt

Device         Start        End    Sectors   Size Type
/dev/sda1       2048    1050623    1048576   512M EFI System
/dev/sda2    1050624 1048575966 1047525343 499.5G Linux filesystem

  • Flag & Command Breakdown:

    • fdisk: Fixed Disk utility.
    • -l: Lists the partition tables for the specified device.

32.5 Creating Filesystems (Formatting) with mkfs

Filesystem creation formats raw partitions so Linux can write files.

  • Syntax:

    mkfs.[fstype] [device]

  • Example Command:

    sudo mkfs.ext4 /dev/sdb1

  • Expected Output:

    mke2fs 1.46.5 (30-Dec-2021)
Creating filesystem with 262144 4k blocks and 65536 inodes
Allocating group tables: done                            
Writing inode tables: done                            
Creating journal (8192 blocks): done
Writing superblocks and filesystem accounting information: done

  • Flag & Command Breakdown:

    • mkfs.ext4: Formats a device with the EXT4 robust journaling filesystem.
    • /dev/sdb1: Target block partition to format.

32.6 Mounting and Unmounting Filesystems: mount and umount

To access files inside a filesystem, the device must be attached (mounted) to a directory (mount point).

  • Syntax:

    mount [options] device mount_point
umount device_or_mount_point

  • Example Command:

    sudo mount /dev/sdb1 /mnt/data
sudo umount /mnt/data

  • Expected Output: (No output is printed on success)

  • Flag & Command Breakdown:

    • mount: Attaches the disk structure to /mnt/data.
    • umount: Detaches the filesystem safely. Note the command spelling (no ‘n’ in umount).

32.7 Persistent Mounts: Configuring /etc/fstab

The /etc/fstab (filesystem table) configuration file lists filesystems mounted automatically at boot.

  • A typical line in fstab contains 6 columns:
    1. Device/UUID: E.g. UUID=a1b2c3d4-e5f6-7a8b... (Find via blkid).
    2. Mount Point: Target directory (e.g., /mnt/data).
    3. Filesystem Type: E.g. ext4, xfs, vfat.
    4. Mount Options: E.g., defaults, noatime, ro.
    5. Dump: Dynamic backup flag (0 to disable).
    6. Pass (FSCK order): Boot check sequence (0 for none, 1 for root, 2 for others).

32.8 Checking and Repairing Filesystems with fsck

fsck checks filesystems for corruption. The device must be unmounted before running fsck to prevent data loss.

  • Syntax:

    fsck [options] device

  • Example Command:

    sudo fsck -y /dev/sdb1

  • Expected Output:

    fsck from util-linux 2.37.2
/dev/sdb1: clean, 11/65536 files, 12955/262144 blocks

  • Flag & Command Breakdown:

    • fsck: Filesystem Consistency Check.
    • -y: Automatically answers “yes” to repair prompts during operation.

32.9 Creating and Managing Swap Space: mkswap, swapon, and swapoff

Swap space extends RAM by moving inactive pages to disk space.

  • Syntax:

    mkswap device_or_file
swapon device_or_file
swapoff device_or_file

  • Example Command:

    # Setup swap on a dedicated partition /dev/sdb2
sudo mkswap /dev/sdb2
sudo swapon /dev/sdb2

  • Expected Output:

    Setting up swapspace version 1, size = 2 GiB (2147483648 bytes)
no label, UUID=d7756f71-2cb2-4cb3-91ee-e4352db715ad

  • Flag & Command Breakdown:

    • mkswap: Initializes the block partition as swap memory.
    • swapon: Activates the swap space on the system immediately.

32.10 Disk Benchmarking and Imaging with the dd Utility

dd (Data Duplicator) is a low-level utility to copy and convert files block-by-block.

  • Syntax:

    dd if=input_source of=output_target [options]

  • Example Command:

    # Create a bootable ISO drive safely
sudo dd if=ubuntu.iso of=/dev/sdc bs=4M status=progress conv=fdatasync

  • Expected Output:

    1048576000 bytes (1.0 GB, 960 MiB) copied, 25 s, 41.9 MB/s
250+0 records in
250+0 records out
1048576000 bytes (1.0 GB) copied, 25.12 s, 41.7 MB/s

  • Flag & Command Breakdown:

    • dd: Disk copier utility.
    • if=ubuntu.iso: Input file (source ISO).
    • of=/dev/sdc: Output file (target raw USB drive).
    • bs=4M: Read and write 4 Megabytes at a time for faster performance.
    • status=progress: Shows periodic transfer speed and size outputs.
    • conv=fdatasync: Ensures data is physically written to disk before finishing.

Chapter 33: Network Configuration & Tools

33.1 Linux Network Interfaces and the ip Command

ip replaces the legacy ifconfig tool to show or configure network adapters, routing tables, and ARP lists.

  • Syntax:

    ip [object] [command]

  • Example Command:

    ip -br addr show

  • Expected Output:

    lo               UNKNOWN        127.0.0.1/8 ::1/128 
eth0             UP             192.168.1.45/24 fe80::a00:27ff:fe8a:1b2c/64

  • Flag & Command Breakdown:

    • ip: Main network administration command.
    • -br: Brief output mode (removes verbose interface metadata).
    • addr show: Displays interface IP addresses.

33.2 Querying Domain Names and DNS Records with dig and host

dig (Domain Information Groper) queries DNS servers for troubleshooting records.

  • Syntax:

    dig [@dns_server] domain_name [type]

  • Example Command:

    dig google.com A +short

  • Expected Output:

    142.250.190.46

  • Flag & Command Breakdown:

    • dig: DNS lookup utility.
    • google.com: Domain to query.
    • A: Standard IPv4 record type.
    • +short: Reduces output to only show IPs, omitting debug headers.

33.3 Testing Connectivity and Latency with ping

ping sends ICMP Echo Request packets to test remote server reachable states.

  • Syntax:

    ping [options] destination

  • Example Command:

    ping -c 3 google.com

  • Expected Output:

    PING google.com (142.250.190.46) 56(84) bytes of data.
64 bytes from dfw25s46-in-f14.1e100.net (142.250.190.46): icmp_seq=1 ttl=116 time=12.4 ms
64 bytes from dfw25s46-in-f14.1e100.net (142.250.190.46): icmp_seq=2 ttl=116 time=12.1 ms
64 bytes from dfw25s46-in-f14.1e100.net (142.250.190.46): icmp_seq=3 ttl=116 time=12.8 ms

--- google.com ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 12.102/12.433/12.801/0.285 ms

  • Flag & Command Breakdown:

    • ping: Packet Internet Groper.
    • -c 3: Stops sending ping requests after 3 counts.

33.4 Tracing Network Routes with traceroute and mtr

traceroute tracks the path network packets travel from source to destination. mtr (My Traceroute) combines traceroute and ping into a dynamic real-time reporting tool.

  • Syntax:

    traceroute destination
mtr destination

  • Example Command:

    traceroute -n google.com

  • Expected Output:

    traceroute to google.com (142.250.190.46), 30 hops max, 60 byte packets
 1  192.168.1.1  1.231 ms  1.102 ms  0.982 ms
 2  10.0.0.1  4.821 ms  4.502 ms  4.901 ms
 3  142.250.190.46  12.502 ms  12.102 ms  12.304 ms

  • Flag & Command Breakdown:

    • traceroute: Path query tool.
    • -n: Numeric mode; skips reverse-DNS resolution of router hostnames for faster output.

33.5 Downloading Files and API Testing with curl

curl transfers data to or from a server using various network protocols (HTTP, HTTPS, FTP, etc.).

  • Syntax:

    curl [options] URL

  • Example Command:

    curl -I https://www.google.com

  • Expected Output:

    HTTP/2 200
content-type: text/html; charset=ISO-8859-1
date: Fri, 12 Jun 2026 08:15:30 GMT
server: gws

  • Flag & Command Breakdown:

    • curl: Command Line URL client.
    • -I: Performs a HEAD request, fetching only header metadata.

33.6 Non-interactive Web Downloader: wget

wget downloads files in the background, supporting recursive mirror downloads.

  • Syntax:

    wget [options] URL

  • Example Command:

    wget -c -O localfile.zip https://example.com/remotefile.zip

  • Expected Output:

    --2026-06-12 08:20:00--  https://example.com/remotefile.zip
Resolving example.com... 93.184.216.34
Connecting to example.com|93.184.216.34|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1048576 (1.0M) [application/zip]
Saving to: ‘localfile.zip’

localfile.zip        100%[===================>]   1.00M  2.45MB/s    in 0.4s    

2026-06-12 08:20:01 (2.45 MB/s) - ‘localfile.zip’ saved [1048576/1048576]

  • Flag & Command Breakdown:

    • wget: Web Get utility.
    • -c: Resumes partially downloaded files if the connection was interrupted.
    • -O localfile.zip: Renames the saved local output file.

33.7 Auditing Ports and Network Connections: ss and netstat

ss displays socket statistics, serving as a faster replacement for netstat.

  • Syntax:

    ss [options]

  • Example Command:

    ss -tunlp

  • Expected Output:

    Netid State  Recv-Q Send-Q  Local Address:Port   Peer Address:Port Process
udp   UNCONN 0      0             0.0.0.0:5353        0.0.0.0:*    users:(("avahi-daemon",pid=612,fd=12))
tcp   LISTEN 0      4096          0.0.0.0:22          0.0.0.0:*    users:(("sshd",pid=781,fd=3))

  • Flag & Command Breakdown:

    • ss: Socket Statistics viewer.
    • -t: Shows TCP sockets.
    • -u: Shows UDP sockets.
    • -n: Displays numeric port numbers (e.g. 22 instead of ssh).
    • -l: Displays listening sockets only.
    • -p: Shows the process ID (PID) and command using the socket.

33.8 Transferring Files securely: scp and sftp

scp uses SSH to transfer files securely between hosts. sftp is an interactive secure file transfer subsystem.

  • Syntax:

    scp [options] source destination

  • Example Command:

    scp -P 2222 backup.tar.gz [email protected]:/home/suresh/backups/

  • Expected Output:

    backup.tar.gz                                100%   15MB   4.8MB/s   00:03

  • Flag & Command Breakdown:

    • scp: Secure Copy.
    • -P 2222: Uses custom SSH port 2222 instead of the default 22.
    • backup.tar.gz: The local file to upload.
    • [email protected]:/home/suresh/backups/: Target remote user, host IP, and target directory.

33.9 Network Troubleshooting and Raw Socket Connections with nc (Netcat)

nc (Netcat) reads and writes data across network connections. It is a powerful tool for port scanning and diagnostics.

  • Syntax:

    nc [options] host port

  • Example Command:

    # Check if port 22 is open on server
nc -zv 192.168.1.100 22

  • Expected Output:

    Connection to 192.168.1.100 22 port [tcp/ssh] succeeded!

  • Flag & Command Breakdown:

    • nc: Netcat network diagnostic tool.
    • -z: Zero-I/O mode; scans for open ports without sending data.
    • -v: Verbose output.
    • 192.168.1.100 22: Host address and target port to query.

33.10 Basic Network Configuration Files: /etc/hosts and /etc/resolv.conf

These files control local hostname lookup and DNS resolution.

  • /etc/hosts: Maps static IP addresses to domain hostnames locally before querying external DNS. Format: 127.0.0.1 localhost 192.168.1.100 server.local
  • /etc/resolv.conf: Configures DNS nameservers for system-wide name resolution. Format: nameserver 8.8.8.8 nameserver 1.1.1.1

External Resources