Basic Linux Commands
Basic Command Structure
The following describes how GNU/Linux Bash is structured:
Note that GNU/Linux is case-sensitive. So, IT means ssh is not the same as Ssh
pompt$ command -option keywork/argument
- Option – Options (Also known as switches) usually come after hyphen
-. They intend to modify the output of the command. A command might have none or some options. Each option might have no argument or one argument. For example,-c 4inping -c 3 8.8.8.8 - Keyword – This is specified parameter defined by OS. For example,
start sshinsystemctl start ssh - Argument – is not predefined and is assigned by the user. For example
8.8.8.8inping 8.8.8.8
As a side note, remember the Linux commands are case sensitive. Implies that Training is not the same as TRAINING.
Manual Pages
Command man is used to view the manual pages. For example you have so far used command systemctl quiet a few times lets use man command in conjunction with systemctl command to get the manual page for systemctl command.
┌──(kaliă‰¿kali)-[~]
└─$ man systemctl
SYSTEMCTL(1) systemctl SYSTEMCTL(1)
NAME
systemctl - Control the systemd system and service manager
SYNOPSIS
systemctl [OPTIONS...] COMMAND [UNIT...]
DESCRIPTION
systemctl may be used to introspect and control the state of the "systemd" system and service manager. Please refer to systemd(1) for an introduction into the basic concepts and
functionality this tool manages.
COMMANDS
The following commands are understood:
Manual page systemctl(1) line 1 (press h for help or q to quit)apropos
This command is helpful for finding a particular command based on description. Let’s say we want to change our password and we don’t know what command to use.
┌──(kaliă‰¿kali)-[~]
└─$ apropos "change user password"
chage (1) - change user password expiry information
passwd (1) - change user passwordWe can then check the manual pages for the aforementioned commands to understand which command caters to our need.
sudo
By default, Shell restricts access to certain parts of the system. SuperUser DO (sudo) is used to temporarily elevate your user privilege as sudoer privilege.
Manual page of sudo best describes what it does:
sudo allows a permitted user to execute a command as the superuser or another user.
You have previously used sudo command in order to be able to start or stop a service using systemctl.
Listing Files
The ls command lists the files on the current directory or on a specified path.
┌──(kaliă‰¿kali)-[~]
└─$ ls
Desktop Documents Downloads Music Pictures Public Templates Videos
┌──(kaliă‰¿kali)-[~]
└─$ ls Desktop
file1 file2Exercise:
Use man page to see the different switches/options for ls and try different switches to list the directories. For example, try these:
ls -a
ls -l
ls -la
ls -lha
ls -lhat
ls -lhatrThe Linux Filesystem
Filesystem Hierarchy Standard (FHS) describes the Linux/Unix file hierarchy. ls -l / shows you the directories in FHS. The directories you will find most useful are:
/is the root/bin– common programs (ls, cd, cat, etc.)/sbin– system programs (fdisk, mkfs, sysctl, etc)/etc– system configuration files. similar to Control Panel in Windows/tmp– temporary files (typically deleted on boot)/usr/share– application support and data files/home– home directory of the user
You can use command man file-hierarchy for more information on your GNU/Linux distribution.
┌──(kaliă‰¿kali)-[~]
└─$ man file-hierarchy
NAME
file-hierarchy - File system hierarchy overview
DESCRIPTION
Operating systems using the systemd(1) system and service manager are organized based on a file system hierarchy inspired by UNIX, more specifically the hierarchy described in the File
System Hierarchy[1] specification and hier(7), with various extensions, partially documented in the XDG Base Directory Specification[2] and XDG User Directories[3]. This manual page
describes a more generalized, though minimal and modernized subset of these specifications that defines more strictly the suggestions and restrictions systemd makes on the file system
hierarchy.
Many of the paths described here can be queried with the systemd-path(1) tool.
GENERAL STRUCTURE
/
The file system root. Usually writable, but this is not required. Possibly a temporary file system ("tmpfs"). Not shared with other hosts (unless read-only).
/boot/
The boot partition used for bringing up the system. On EFI systems, this is possibly the EFI System Partition (ESP), also see systemd-gpt-auto-generator(8). This directory is
usually strictly local to the host, and should be considered read-only, except when a new kernel or boot loader is installed. This directory only exists on systems that run on
physical or emulated hardware that requires boot loaders.
/efi/
If the boot partition /boot/ is maintained separately from the EFI System Partition (ESP), the latter is mounted here. Tools that need to operate on the EFI system partition should
look for it at this mount point first, and fall back to /boot/ — if the former doesn't qualify (for example if it is not a mount point or does not have the correct file system type
MSDOS_SUPER_MAGIC).
/etc/
System-specific configuration. This directory may or may not be read-only. Frequently, this directory is pre-populated with vendor-supplied configuration files, but applications
should not make assumptions about this directory being fully populated or populated at all, and should fall back to defaults if configuration is missing.
/home/
The location for normal user's home directories. Possibly shared with other systems, and never read-only. This directory should only be used for normal users, never for system
users. This directory and possibly the directories contained within it might only become available or writable in late boot or even only after user authentication. This directory
might be placed on limited-functionality network file systems, hence applications should not assume the full set of file API is available on this directory. Applications should
generally not reference this directory directly, but via the per-user $HOME environment variable, or via the home directory field of the user database.
/root/
The home directory of the root user. The root user's home directory is located outside of /home/ in order to make sure the root user may log in even without /home/ being available
and mounted.
/srv/
The place to store general server payload, managed by the administrator. No restrictions are made how this directory is organized internally. Generally writable, and possibly
shared among systems. This directory might become available or writable only very late during boot.
/tmp/
The place for small temporary files. This directory is usually mounted as a "tmpfs" instance, and should hence not be used for larger files. (Use /var/tmp/ for larger files.) This
directory is usually flushed at boot-up. Also, files that are not accessed within a certain time may be automatically deleted.
If applications find the environment variable $TMPDIR set, they should use the directory specified in it instead of /tmp/ (see environ(7) and IEEE Std 1003.1[4] for details).
Since /tmp/ is accessible to other users of the system, it is essential that files and subdirectories under this directory are only created with mkstemp(3), mkdtemp(3), and similar
calls. For more details, see Using /tmp/ and /var/tmp/ Safely[5].
RUNTIME DATA
/run/
A "tmpfs" file system for system packages to place runtime data, socket files, and similar. This directory is flushed on boot, and generally writable for privileged programs only.
Always writable.
/run/log/
Runtime system logs. System components may place private logs in this directory. Always writable, even when /var/log/ might not be accessible yet.
Manual page file-hierarchy(7) line 1 (press h for help or q to quit)You might be wanting to look at the post here for more information about FHS.
Work On the Command Line
Absolute Path vs Relative Path
A combination of / and alphanumeric characters is called path and it points to a location to a file or a directory. For example: /home/kali/TRAINING/.
Absolute Path
When you represent the location of a file or a directory from root directory which is /; you are using absolute path. For example: /etc/passwd.
Relative Path
Relative path is relative your present working directory (pwd).
┌──(kaliă‰¿kali)-[~]
└─$ ls TRAINING/
file1 file2The above snippet is the same as using absolute path ls /home/kali/TRAINING
To reference a directory from the parent directory, we use ../. For example
┌──(kaliă‰¿kali)-[~]
└─$ ls ../
kali
As another example when we employ ../../ it means we reference a directory from a grandparent directory:
┌──(kaliă‰¿kali)-[~]
└─$ ls ../../
bin boot dev etc home initrd.img initrd.img.old lib lib32 lib64 libx32 lost+found media mnt opt proc root run sbin srv sys tmp usr var vmlinuz vmlinuz.oldWe also have ./ which refers to current directory. Try, cd ./VIDEOS
Some Keyboard shortcuts
Ctrl+L clears the screen.
Tab Completion: In Bash shell you can hit tab key to complete filenames and directory paths.
Up arrow ↑ writes the last command you entered in Bash shell to the command prompt. Conversely, down arrow ↓ scrolls forward in history.
Ctrl+R invokes the reverse-i-search wherein you can type a set of letters to match for the most recent command in your history that contains those letters.
Ctrl+C stops the running command immediately. For example, when you ping 1.1.1.1 the program won’t stop unless you hit this key composition.
Exercise
Run few command such as the ones which shown below, then let’s try to invoke reverse-i-search
sudo systemctl start ssh
sudo systemctl enable ssh
sudo systemctl status ssh
sudo systemctl start apache2
sudo systemctl enable apache2
sudo systemctl status apache2
ping 8.8.8.8
^C
ping 1.1.1.1
^COnly with Ctrl+R, 2 letters (do not use digits), and Return (Enter) key, try to invoke the following commands.
sudo systemctl status ssh
ping 8.8.8.8Moving Around
To check the current working directory use command pwd.
┌──(kaliă‰¿kali)-[~]
└─$ pwd
/home/kaliTo traverse to different directories, use cd following by the directory name. using cd with no arguments, brings you back to the home directory.
┌──(kaliă‰¿kali)-[~]
└─$ cd Desktop
┌──(kaliă‰¿kali)-[~/Desktop]
└─$ pwd
/home/kali/DesktopCreating and Removing the Directories
You can create folder(s) using mkdir command followed by the name(s) of the folder(s).
┌──(kaliă‰¿kali)-[~]
└─$ mkdir Documents/TRAINING
┌──(kaliă‰¿kali)-[~]
└─$ ls Documents/
TRAINING
┌──(kaliă‰¿kali)-[~]
└─$ cd Documents/TRAINING
┌──(kaliă‰¿kali)-[~/Documents/TRAINING]
└─$ pwd
/home/kali/Documents/TRAINING
┌──(kaliă‰¿kali)-[~/Documents/TRAINING]
└─$ mkdir CCIE 2022
┌──(kaliă‰¿kali)-[~/Documents/TRAINING]
└─$ ls
2022 CCIEIn the example above we intended to create a directory called CCIE 2022, but instead we created two distinct directories called CCIE and 2022. We can use command rf -rm to remove the directories. Pay careful attention that once the directories/files are removed from terminal, you cannot undo the operation. Now, Let’s remove all the contents in TRAINING folder we have just created above. First, we make sure we are in the right directory.
┌──(kaliă‰¿kali)-[~/Documents/TRAINING]
└─$ pwd
/home/kali/Documents/TRAINING
┌──(kaliă‰¿kali)-[~/Documents/TRAINING]
└─$ rm -rf CCIE/ 2022/
┌──(kaliă‰¿kali)-[~/Documents/TRAINING]
└─$ ls
┌──(kaliă‰¿kali)-[~/Documents/TRAINING]
└─$Note that, if you have too many directories and files and you wanted to remove all those, instead of calling their names, you could use wildcard *. So, the command would be rm -rf *.
┌──(kaliă‰¿kali)-[~/Documents/TRAINING]
└─$ touch file1 file2
┌──(kaliă‰¿kali)-[~/Documents/TRAINING]
└─$ rm -rf *
zsh: sure you want to delete all 2 files in /home/kali/Documents/TRAINING [yn]? y
┌──(kaliă‰¿kali)-[~/Documents/TRAINING]
└─$touch
touch command with no option and argument is used to create an/multiple empty file(s). See the example above. We created two files in the last example. Can you see the filenames?
┌──(kaliă‰¿kali)-[~/Documents/TRAINING]
└─$ touch file1 file2
┌──(kaliă‰¿kali)-[~/Documents/TRAINING]
└─$ ls -l
total 0
-rw-r--r-- 1 kali kali 0 Apr 3 21:20 file1
-rw-r--r-- 1 kali kali 0 Apr 3 21:20 file2If you touch an existing file, you will update the timestamp of the file to the current timestamp.
┌──(kaliă‰¿kali)-[~/Documents/TRAINING]
└─$ touch file1
┌──(kaliă‰¿kali)-[~/Documents/TRAINING]
└─$ ls -l
total 0
-rw-r--r-- 1 kali kali 0 Apr 3 21:22 file1
-rw-r--r-- 1 kali kali 0 Apr 3 21:20 file2Copy, Move, and Rename
copy
Command cp copies files and directories
┌──(kaliă‰¿kali)-[~/Documents]
└─$ cd TRAINING
┌──(kaliă‰¿kali)-[~/Documents/TRAINING]
└─$ ls
file1 file2
┌──(kaliă‰¿kali)-[~/Documents/TRAINING]
└─$ cp file1 file3
┌──(kaliă‰¿kali)-[~/Documents/TRAINING]
└─$ ls
file1 file2 file3
┌──(kaliă‰¿kali)-[~/Documents]
└─$ cp -r TRAINING ../
┌──(kaliă‰¿kali)-[~/Documents]
└─$ cd ..
┌──(kaliă‰¿kali)-[~]
└─$ ls
Desktop Documents Downloads Music Pictures Public TRAININGMove
Command mv moves the files. Moving means that it copies the file(s) from original path to a new path. It will then removes the file from the old path. Analogous to cut and paste.
┌──(kaliă‰¿kali)-[~/Documents]
└─$ mv TSHOOT../
┌──(kaliă‰¿kali)-[~/Documents]
└─$ ls
┌──(kaliă‰¿kali)-[~/Documents]
└─$ cd ..
┌──(kaliă‰¿kali)-[~]
└─$ ls
Desktop Documents Downloads Music Pictures Public TRAINING TSHOOTRename
Command mv also renames the files. You only need to specify the new name to the final destination
┌──(kaliă‰¿kali)-[~/TRAINING]
└─$ ls
file1 file2 file3
┌──(kaliă‰¿kali)-[~/TRAINING]
└─$ mv file3 file4
┌──(kaliă‰¿kali)-[~/TRAINING]
└─$ ls
file1 file2 file4echo
The echo command displays a line of text
┌──(kaliă‰¿kali)-[~]
└─$ echo "Hello World"
Hello WorldEnvironment Variable
Environment Variable is a variable which holds a value. Here are some environment variable when you open a new terminal:
- USER
- PWD
- HOME
- PATH
When we want to call a variable we prepend a $ sign to that variable.
┌──(kaliă‰¿kali)-[~]
└─$ echo $USER
kali
┌──(kaliă‰¿kali)-[~]
└─$ echo $PATH
/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games:/home/kali/.dotnet/toolsThe command env shows you the Environment Variable defined by Kali Linux.
┌──(kaliă‰¿kali)-[~]
└─$ env
USER=kali
LOGNAME=kali
HOME=/home/kali
PATH=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games:/home/kali/.dotnet/tools
SHELL=/usr/bin/zsh
TERM=xterm
DISPLAY=localhost:10.0
XDG_SESSION_ID=764
XDG_RUNTIME_DIR=/run/user/1000
DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
XDG_SESSION_TYPE=tty
XDG_SESSION_CLASS=user
MOTD_SHOWN=pam
COMMAND_NOT_FOUND_INSTALL_PROMPT=1
POWERSHELL_UPDATECHECK=Off
POWERSHELL_TELEMETRY_OPTOUT=1
DOTNET_CLI_TELEMETRY_OPTOUT=1
LANG=en_US.UTF-8
SSH_CLIENT=10.0.0.1 28203 22
SSH_CONNECTION=10.0.0.1 28203 10.0.0.80 22
SSH_TTY=/dev/pts/1
SHLVL=1
PWD=/home/kali
OLDPWD=/home/kali/TRAINING
LS_COLORS=rs=0:di=01;34:ln=01;36:mh=00:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33;01:or=40;31;01:mi=00:su=37;
LESS_TERMCAP_mb=
LESS_TERMCAP_md=
LESS_TERMCAP_me=
LESS_TERMCAP_so=
LESS_TERMCAP_se=
LESS_TERMCAP_us=
LESS_TERMCAP_ue=
_=/usr/bin/envcat
The command cat prints the content of the file on the standard output (You will learn more about standard output later)
┌──(kaliă‰¿kali)-[~]
└─$ cat /proc/sys/kernel/version
#1 SMP Debian 5.15.15-2kali1 (2022-01-31)
head, tail
The command head prints the first 10 lines of a files. You can modify the default numbers of the lines with option -n. For example head -n 5.
┌──(kaliă‰¿kali)-[~]
└─$ head -n5 /etc/passwd
root:x:0:0:root:/root:/usr/bin/zsh
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
bin:x:2:2:bin:/bin:/usr/sbin/nologin
sys:x:3:3:sys:/dev:/usr/sbin/nologin
sync:x:4:65534:sync:/bin:/bin/sync
Conversely, the command tail prints the last 10 lines of the file. You can modify the default numbers of the lines with option -n. For example tail -n 3.
┌──(kaliă‰¿kali)-[~]
└─$ tail -n 3 /etc/passwd
geoclue:x:132:140::/var/lib/geoclue:/usr/sbin/nologin
king-phisher:x:133:141::/var/lib/king-phisher:/usr/sbin/nologin
kali:x:1000:1000:Kali,,,:/home/kali:/usr/bin/zsh
