Show Menu

System Admin CS Cheat Sheet by

ERROR checking

sudo apt update && sudo apt upgrade -y
upgrades your machine with all tools completely
any number other than 0
is a fail error
test -d /tmp/t­emp_dir test_rc=$?
check to see if directory was created
echo "­mkdir resulted in ${mkdi­r_rc}, test resulted in ${test­_rc­}."
check return codes
true && echo "We get here because the first part is true!" true || echo "We never see this because the first part is true :("
Check out how an exit status of 0 affects the logical operators:
false && echo "­Since we only continue after && with an exit status of 0, this is never printe­d." false || echo "­Because we only continue after || with a return code that is not 0, we see this!"
Check out how an exit status of 1 affects the logical operators:
if [[ $# -ne 3 ]]; then echo "­Inc­orrect usage!­" echo "­Usage: $0 <di­rec­tor­y_n­ame> <fi­le_­nam­e> <fi­le_­con­ten­t>" exit 1 fi
We need exactly three arguments, check how many have been passed to # the script.
direct­ory­_na­me=$1 file_n­ame=$2 file_c­ont­ent=$3
Save the arguments into variables.
create absolute path
if [[ ! -d ${dire­cto­ry_­name} ]]; then mkdir ${dire­cto­ry_­name} || { echo "­Cannot create directory, exiting script­!"; exit 1; } fi
Check if the directory exists; otherwise, try to create it.
if [[ ! -f ${abso­lut­e_f­ile­_path} ]]; then touch ${abso­lut­e_f­ile­_path} || { echo "­Cannot create file, exiting script­!"; exit 1; } fi
Try to create the file, if it does not exist.
echo ${file­_co­ntent} > ${abso­lut­e_f­ile­_path}
File has been created, echo the content to it.
cp /var/l­og/­dpk­g.log dpkg || { echo "­Cannot copy dpkg.log to the new direct­ory."; exit 1; }
Copy the log file to our new directory.
cd $(dirname $0)
Change directory to the script location.
cp /var/l­og/­dpk­g.log dpkg || { echo "­Cannot copy dpkg.log to the new direct­ory."; exit 1; }
Copy the log file to our new directory.
if [[ $# -ne 1 ]]; then echo "­Inc­orrect usage!­" echo "­Usage: $0 <file or directory path>" exit 1 fi
input validation

git keeper

git clone <ur­l>
copies url to directory
git add <fi­le>
keep track of git file
git commit -am "­don­e"
makes version of thing
git push
pushes version to git server

for loop

for word in ${words}; do echo "The word is: ${word­}" done
for loop example
" "
bash keep spaces together also prevents asterisk from being expanded
' '
no variables will be replaced in single quotes plus what double quotes do

Setting up Samba for file sharing

$ sudo yum install samba samba-­client samba-­common
install samba
$ sudo cp /etc/s­amb­a/s­mb.conf /etc/s­amb­a/s­mb.c­on­f.b­ackup
backup at each stage
$ sudo mkdir /Share­dFo­lder/ $ sudo chmod -R 755 /Share­dFo­lder/
grant user permis­sions
$ sudo firewa­ll-cmd --add-­ser­vic­e=samba $ sudo firewa­ll-cmd --reload
get past firewall
$ sudo nano /etc/s­amb­a/s­mb.conf
configure samba file
$ sudo smbpasswd –a <us­er>
create user
$ sudo systemctl enable­rvice $ sudo systemctl enable­rvice $ sudo systemctl start­rvice $ sudo systemctl start­rvice
start service
$testparm -v
listing of all the Samba config­uration options and the values to which they are currently set
$sudo smbpasswd -a <us­er>
set up password for user


ARRAY=(hi "how are" you)
set values
echo ${ARRA­Y[*]}
list variables in array
for x in "­${A­RRA­Y[@­]}";do echo $x; done
list variables in new lines
unset ARRAY[­var­iable]
remove variable
ARRAY+­=("b­lan­d" "­hel­lo")
add variables
echo ${#ARRAY}
get length of array
substitute variable
shift variables
declare -A aa
replace parts of a variable
remove substring


lists the contents of files to the terminal window
give your own name to a command or sequence of commands
inform­ation and files from Uniform Resource Locators (URLs) or internet addresses
shows the size, used space, and available space on the mounted filesy­stems of your computer
compares two text files and shows the differ­ences between them
close a terminal window
gives you a short dump of inform­ation about a user, including the time of the user’s last login, the user’s home directory, and the user account’s full name
summary of the memory usage with your computer.
tells you which groups a user is a member of
compresses files
gives you a listing of the first 10 lines of a file
terminate a process from the command line
view files without opening an editor
verify that you have network connec­tivity with another network device
lists running processes
shut down or reboot your Linux system
listing of the last 10 lines of a file
create an archive file
real-time display of the data relating to your Linux machine.
obtain some system inform­ation regarding the Linux computer you’re working on
lists the currently logged in users.
find out who you are logged in as or who is logged into an unmanned Linux terminal.

Add users

add user
sudo useradd <us­ern­ame>
add user password
sudo smbpasswd -a <us­ern­ame>
Add Admin
sudo useradd -g wheel <la­stn­ame­fir­stl­ett­er>

Installing and setting up samba

check samba is not running
ps ax | egrep "­sam­ba|­smb­d|n­mbd­|wi­nbindd
delete any samba files that are already on the system
smbd -b | grep "­CON­FIG­FIL­E" and smbd -b | egrep "­LOC­KDI­R|S­TAT­EDI­R|C­ACH­EDI­R|P­RIV­ATE­_DI­R"; delete any files that these commands find
provision Samba AD. We'll want to do it intera­ctively so our password can't be seen
samba-tool domain provision --use-­rfc2307 --inte­ractive
for the requests:
Realm: SAP.CS­LAB.MO­RAV­IAN.EDU Domain: SAP Server Role: dc DNS backend: SAMBA_­INT­ERNAL
Set your hostname to our domain:
hostname sap.cs­­rav­ hostname -b sap.cs­­rav­
Now enable samba and make it sure it will run at boot:
sudo systemctl start samba sudo systemctl enable samba

virtual enviro­nments

python3 -m venv /path/­to/­new­/vi­rtu­al/­env­iro­nment
create new virtual enviro­nment
-h, --help
man pages for enviro­nments
Give the virtual enviro­nment access to the system site-p­ackages dir.
Try to use symlinks rather than copies, when symlinks are not the default for the platform.
Try to use copies rather than symlinks, even when symlinks are the default for the platform.
Delete the contents of the enviro­nment directory if it already exists, before enviro­nment creation.
Upgrade the enviro­nment directory to use this version of Python, assuming Python has been upgraded in-place.
Skips installing or upgrading pip in the virtual enviro­nment (pip is bootst­rapped by default)
--prompt PROMPT
Provides an altern­ative prompt prefix for this enviro­nment.
<so­urc­e> <di­r>/­bin­/ac­tivate/
activate virtual env
pip install <some projec­t>
install a project
pip install -r requir­eme­nts.txt
install required files

Files and Direct­ories

to hide files
ls -a
shows all files in current folder
ls ..
look in directory
ls ../.. -a
look in directory above
ls -a ..
look in hidden directory
run program from current folder
present working directory
completes command
moves files somewhere else
rm ~/<­fil­ena­me>
delete file
rm -r <di­r>
delete direct­ories
mk dir
create direct­ories
wget <fo­lde­r>
download folder
tar -xzf <fo­lde­r>.t­ar.gz
unpack folder
cd <di­rec­tor­y>
change directory
cd \
go to home directory
History | grep <co­mma­nd>
find commands with <co­mma­nd> in it
to follow code to the end
-f -u <un­it>
filter by the type of unit
repeat command on line
everything that happened in a session

ports an firewalls

firewa­ll-cmd --perm­anent --add-­por­t=<­por­t#>/tcp
add port
firewa­ll-cmd --reload
reboot port
firewa­ll-cmd --list­-ports
list ports
firewa­ll-cmd --perm­anent --add-­ser­vic­e=http
use predefined service instead of port #
sudo tcpdump -a -c 1000
looks for the past 1000 connec­tions within server
show local ip

Network Diagnostic Tools

ping <we­bad­dre­ss> or <IP>
tracks the time the round trip took to server
ping -s <nu­mbe­r>
try a packet of <nu­mbe­r>
/path/­to/­tra­ceroot <we­bad­dre­ss>
shows whether it can reach a host, but also the route it takes
queries DNS servers and returns the inform­ation held about a particular domain.

Set up SMB

go to file
sudo nano /etc/s­amb­a/s­mb.conf
input values
[homes] comment = Home Direct­ories browsable = no writeable = yes valid users = sap.cs­­rav­\%S [printers] comment = All Printers path = /var/s­poo­l/samba browsable = no guest ok = no writeable = no printable = yes
sudo setsebool -P samba_­ena­ble­_ho­me_dirs on

Set up DHCP

Setting up Static IP on Server (For DHCP)
ip addr add 192.16­8.114.1 dev br0;
Setting up Bridging
sudo dnf install bridge­-utils sudo brctl addbr br0 sudo brctl addif enp1s0 sudo brctl addif eno1 sudo ifconfig br0 up
DHCP Config
subnet 192.16­8.114.0 netmask 255.25­5.255.0 { range 192.16­8.114.1 192.16­8.1­14.255; option subnet­-mask 255.25­5.2­55.0; option routers 192.16­8.1­14.1; option broadc­ast­-ad­dress 192.16­8.1­14.255; defaul­t-l­eas­e-time 600; max-le­ase­-time 7200; host interface0 { hardware ethernet 54:04:­a6:­3f:­85:35; fixed-­address 192.16­8.1­14.1; } }
DHCP Config pt.2
DHCP Config pt.3
DEVICE­=eno1 BOOTPR­OTO­:dhcp TYPE: ethernet ipaddr­=19­2.1­68.1­14.1 ONBOOT=yes

Permis­sions and Owners

ls -l
view permis­sions of files and direct­ories
execute file
chmod +x <fi­len­ame>
ls -l
added permission to execute file
chown bin
changes ownership of file(can only be used by root)
chgrp bin
changes group
chmod -x <fi­len­ame>
removed permission to execute file
chmod u+x <fi­len­ame>
assign execute permission to yourself only
chmod ug+rwx <fi­len­ame>
assign read, write, execute permission to user and group
etc /shadow
can only be run by root
chmod -R
show all command history
adds user

Cups printer

set up cups
lpadmin -p laserjet -L "­Pri­nte­r" -v usb://­HP/­Las­erJ­et%­202­200­?se­ria­l=0­0US­BGJ­02797
list the available backends and printers
lpinfo -v
The Bonjour (DNS-SD) protocol.
The Internet Printing Protocol (IPP) with optional encryp­tion.
The Internet Printing Protocol with mandatory encryp­tion.
The Line Printer Daemon protocol
The AppSocket (JetDi­rect) protocol.
Set printer
lpadmin -p printe­rname -v device-uri
aborts jobs. on printer
Enable­s/d­isables per-pr­inter sharing
-o printe­r-i­s-s­har­ed=­tru­e/false
Enables sharing of printers with other computers and mobile devices on your local network.
Expands printer sharing to any network that can reach your server.
create, modify, or delete a class
lpadmin -p printe­rname -c classname
printer is removed from the class
lpadmin -p printe­rname -r classname
deletes the named class
lpadmin -x classname
enable debug logging
cupsctl --debu­g-l­ogging
disable debug logging
cupsctl --no-d­ebu­g-l­ogging
creates a destin­ation for a printer at IP address 11.22.3­3.44
lpadmin -p printe­rname -E -v ipp://­11.2­2.3­3.4­4/­ipp­/print -m everywhere
creates a destin­ation for a HP LaserJet printer at IP address 11.22.3­3.44
lpadmin -p printe­rname -E -v socket­://­11.2­2.3­3.44 -m drv://­/sa­mpl­e.d­rv/­las­erj­et.ppd


$ ssh -l <ac­count name> <remote system>
log in
$ ssh <ac­count name>@­<remote system>
log in
$ ssh <remote system>
log in if on same local and remote system
$ ssh -l <ac­count name> <remote system> rm <ab­solute path name>
run a single command
$ scp <file name> <ac­count name>@­<remote server­>:
copy files from local to remote
$ scp <ac­count name>@­<remote system­>:<file name> .
copy files from remote to local
$ scp -r <ac­count name>@­<remote system­>t:­<di­rec­tor­y> .
copy directory


No comments yet. Add yours below!

Add a Comment

Your Comment

Please enter your name.

    Please enter your email address

      Please enter your Comment.

          Related Cheat Sheets

          Linux Basics/Pentesting Tutorials Cheat Sheet
          Comandos de terminal Linux Cheat Sheet
          Master Measures & Weights with this Cheat Sheet Cheat Sheet