boot and the name is read from these files. HOSTNAME=hostname.domain.

com
LINUX Admin Quick Reference /etc/NETWORKING
(Slackware) May change manually.
Jialong He
Jialong_he@bigfoot.com /etc/sysconfig/network NFS File Sharing
http://www.bigfoot.com/~jialong_he (Redhat)
Files
specify name server, DNS domain and
User Management search order. For Example: /etc/fstab file systems mounted during boot.
etc/resolv.conf search la.asu.edu
Files nameserver 129.219.17.200
/etc/exports NFS server export list.

/etc/group /etc/auto.master auto mount master file.

/etc/hosts host name to IP mapping file.
/etc/passwd User account information.
/etc/shadow host name information look up order. Commands
Example:
/etc/bashrc /etc/host.conf mount mount a file system or all entries in fstab.
order hosts, bind
/etc/profile bash system wide and per user init files. multi on exportfs export file system listed in exports
$HOME/.bashrc
$HOME/.bash_profile /etc/nsswitch.conf new way to specify information source. showmount –e show file systems exported
hostname
/etc/csh.cshrc /etc/networks
/etc/csh.login /etc/protocols TCP/IP services and ports mapping.
$HOME/.cshrc tcsh system wide and per user init files. /etc/services
Printer Configuration
$HOME/.tcshrc /etc/rpc RPC service name to their program numbers
$HOME/.login mapping. Files
/etc/skel template files for new users. /etc/printcap
Commands Printer capabilities data base.
/etc/default default for certain commands. /etc/printcap.local
netconfig menu driven Ethernet setup program.
/etc/redhat-release Redhat/Slackware version info (Linux kernel /etc/lpd.conf LPRng configuration file.
/etc/slackware-version version with “uname –a”) pppsetup setup PPP connection (Slackware).
permissions control file for the LPRng line
/etc/lpd.perms printer spooler
setup Ethernet during boot, for example
Commands
/etc/hosts.lpd Access control (BSD lpd).
script to create an new user interactively /sbin/ifconfig eth0 ${IPADDR} broadcast
adduser (slackware) or link to useradd (Redhat). ${BROADCAST} netmask ${NETMASK} /etc/hosts.equiv trusted hosts.

useradd, userdel, create, delete, modify an new user or update ifconfig PRINTER Environment variable of default printer.
/sbin/route add -net ${NETWORK} netmask
usermod default new user information.. ${NETMASK} eth0 /dev/lp0 parallel port.
newusers update and create new users (batch mode).
/sbin/route add default gw ${GATEWAY} netmask Commands
groupadd, groupdel, add, delete or modify group. 0.0.0.0 metric 1
groupmod line printer control program, print queue
lpc, lpq, lprm maintain
host lookup host name or IP (similar to nslookup).
modify account policy (password length,
expire data etc.) or finger information (full dnsdomainname show DNS domain name.
chage. ch fn, chsh
name, phone number etc.) change default login arping; arp find out Ethernet address by first arping then arp. Sendmail
shell.
ipchains firewall and NAT (/etc/sysconfig/ipchains on Redhat) Files
gain root access during boot prompt without
linux init=/bin/sh rw iptables firewall and NAT (/etc/sysconfig/iptables on Redhat)
password, can be used to fix some problems. “sendmail.cf” is the configuration file. “sendmail.mc” is
mount –w -n –o remount / sendmail.cf a macro file which can be used to generate “sendmail.cf”
sendmail.mc by: m4 sendmail.mc > sendmail.cf
Redhat files in /etc/sysconfig
mail aliases, must run “newaliases” after change. use
Network Configuration Configuration Files aliases :include: to include external list in a file.
Files keyboard map, e.g., mail access control, FEATURE(access_db) should be set
keyboard KEYBOARD=”/usr/lib/kdb/keytables/us.map” in sendmail.mc. For example, in /etc/mail/access
/etc/rc.d/rc.inet1
(Slackware) IP address, Network mask, Default gateway cyberpromo.com REJECT
Mouse type, e.g.,
/etc/sysconfig/nework- are in these files. May edit manually to access mydomain.com RELAY
mouse MOUSETYPE=Microsoft spam@somewhere.com DISCARD
scripts/ifcfg-eth0 (Redhat) modify network parameters. XEMU3=yes
network settings, contains makemap hash /etc/mail/access < /etc/mail/access
/etc/HOSTNAME hostname is set by “/bin/hostname” during network NETWORKING=yes
/etc/mail/relay- list all host/domain accepted for relaying.
domains nmap scan a host for opened ports.

Commands Manage Modules crontab show or edit cron jobs.

sys-unconfig unconfigure system
newaliases rebuild the data base for the mail aliases file. insmod, lsmod, modinfo,
modprobe, rmmod, Manage loadable modules. chkconfig --list list services started at different run level.
build access database, e.g,
makemap depmod probe for new hardware (Redhat).
makemap hash access.db<access kudzu
rpm -i INSTALL a package
Useful Configuration Files Miscellaneous rpm
rpm -e UNINSTALL a package
rpm -q QUERY a package
Files Files rpm -U UPDATE a package
/etc/shells allowed login shells save a man page as a text file and remove control
httpd.conf Apache web server configuration file. man cmd | col –b
characters.
/etc/ftpusers user names NOT allowed to use ftp. >cmd.txt
smb.conf Samba server (file and print for Windows).
LILO boot loder configuration file. /etc/hosts.allow TCP wrapper access control files. Run ntop and listen on web port 3000. View traffic
lilo.conf
/etc/hosts.deny with browser to http://hostsname:3000
System log daemon (syslogd) configuration. ntop –w 3000
syslog.conf
/etc/sysconfig contains system configuration files.
ssh_config SSH client and server configuration files. (redhat)
sshd_config
/dev/fd0 floppy drive A
ld.so.conf default dynamic library search path (run Configure Apache 2.0 with SSL
ldconfig). /etc/inittab system run level control file.
/etc/init.d mod_ssl
mtools.conf mtool configuration file (access DOS file). (1) when compile apache, specify –enable-ssl for configure script.
DNS name server (BIND).
Commands By default, ssl is not enabled. After compiling, use “httpd –l”
named.conf
fromdos, todos to list the modules. “mod_ssl” should be in them.
sysctl.conf kernel parameters by sysctl (Redhat). (2) generate private key with command:
(Slackware)
ntp.conf net time server. dos2unix, convert text file from/to linux format. openssl genrsa -out server.key 1024
inetd.conf Internet super server. unix2dos
(Redhat) (3) generate certificate request
Xinetd.conf, Xinet.d Extended inetd configuration. openssl req -new -key server.key -out server.csr
pwck, grpck verify integrity of password and group files.
directory
pwconv, (4) generate self-signed certificate
proftpd.conf proftpd FTP server. openssl x509 -req -days 60 -in server.csr -signkey server.key -out
pwunconv, convert to and from shadow passwords and groups.
amanda.conf network backup server. grpconv, server.crt
PINE mail client system wide settings. grpuncov
/etc/pine.conf (5) modify “ssl.conf” which is included in “httpd.conf”. Note,
/etc/pine.conf.fixed shadowconfig toggle shadow passwords on and off. specify “httpd –DSSL”, otherwise, commented out <IfDefine SSL>
quota, in ssl.conf.
edquota,
Rebuild Kernel quotacheck,
Manage disk quota. Syslog.conf
Configure Kernel Parameters quotaon,
quotaoff,
Unpack the tarball in /usr/src directory repquota, Each line consists of a selector and an action. A selector has two parts:
make config bzip2 -dc linux-2.4.0.tar.bz2 | tar xvf – facilities and priorites, separated by a period (.),You may precede every
lilo -D dos set LILO default OS (default=dos in lilo.conf)
make menuconfig priority with an equation sign (``='') to specify only this single priority
make xconfig Configuring the kernel with interactive, menu ldd find out shared library dependencies. and not any of the above. You may also (both is valid, too) precede the
or X window interface. priority with an exclamation mark (``!'') to ignore all that priorities, either
lsof list opened files.
exact this one or this and any higher priority.
Compile Kernel Source fuser filename show processes that using the file.
Example:
make dep ifdown mail.notice /var/log/mail # log to a file
bring up/down a network interface (Redhat)
make zImage Building and installing a new kernel. ifup *.emerg @myhost.mydomain.org # log to remote host
make zdisk cp arch/i386/boot/bzImage /boot/vmlinuz
sysctl configure kernel parameters (Redhat).
make zlilo cp System.map /boot/System.map Note: separator between first column and second colume (log file name)
make bzImage socklist list opened socked. must be TAB, not spaces.

Compile Modules shutdown [–r|h] auth, auth-priv, cron, daemon, kern, lpr, mail, mark,
reboot / halt computer facilities news, syslog, user, uucp, local0 – local7.
now
make modules Building and installing modules.
priorities debug, info, notice, warning, err, crit, alert, emerg. RELATED The matching packet is starting a new connection
Commands related in some way to an existing connection.
Regular File:
action File with full pathname beginning with “/”. The matching packet is either creating a new
--flush | -F Flush (delete) rules in the selected chain. NEW
connection or is part of a two-way connection not
Terminal and Console: --policy | -P Set default policy for a particular chain. previously seen.
Specify a tty, same with /dev/console.
Remote Machine: --list | -L List all rules in filter table, use [–t tablename] to INVALID The matching packet cannot be tied to a known
@myhost.mydomain.org specify other tables. connection.
--append | -A A appends a rule to the end of the specified chain.

IPtables (Netfilter) -insert | -I Inserts a rule in a chain at a particular point. X Window (XFree86)
Command Syntax Other commands: Files
(1) --new | -N (2) --delete | -D (3) --replace | -D (4) --zero | -Z
iptables [-t <table >] <command > <chain > <parameters> (5) –check | -C (6) delete-chain | -X (7) rename-chain | -E To set screen resolution, in “Screen” section and Subsection “Display”,
specify a mode. For example: Modes “1024x768”
Parameters
Save and Restore rules
/sbin/iptables-save > /etc/sysconfig/iptables To specify screen refresh rate, in “Monitor” section, specify vertical rate.
/sbin/iptables-restore < /etc/sysconfig/iptables For example: VertRefresh 70-120
--proto | -p [!] name protocol: by number or name, including tcp,
Firewall script sample udp, icmp or all. $HOME/.xinitrc
http://tiger.la.asu.edu/iptables_examples.htm --source | -s [!] addr/mask source IP address. /etc/X11/xinit/xinitrc
/etc/X11/xinit/xinitrc.d scripts run after X server started
Build-in Table --destination | -d addr/mask destination IP address. $HOME/.Xclients
incoming interface name, e.g. eth0 or ppp0. /etc/X11/xinit/Xclients
filter This is the default table for handling network packets. Build- --in-interface | -i
in chains are: decide which desktop (GNORM, KDE) to start
--out-interface | -o outgoing interface name. /etc/sysconfig/desktop (Redhat). (by /etc/X11/prefdm)
1. INPUT — This chain applies to packets receiv ed
via a network interface. --jump | -j jump to a particular target when matching a
/etc/X11/fs/config configuration of X11 font path (font server).
2. OUTPUT — This chain applies to packets sent rule. Standard options: ACCEPT, DROP,
out via the same network interface which received QUEUE, RETURN, REJECT. May jump Commands
the packets. to a user defined chain.
3. FORWARD — This chain applies to packets startx start X window system.
--fragment | -f match second or further fragments only.
received on one network interface and sent out on Xconfigurator
another.
Options for TCP and UDP protocol (Redhat)
setup X server and generate XF86config.
nat This table used to alter packets that create a new connection. xfree86setup
Build-in chains: --sport | --source-port source and/or destination port. Can specify a (Slackware)
1. PREROUTING — This chain alters packets --dport | destination-port range like 0:65535, use exclamation xf86config
received via a network interface when they arrive. character (!) to NOT match ports. XFreee86 auto configuration (Plug-n-Play),
2. OUTPUT — This chain alters locally -generated XFree86 -configure generate a template named “XF86Config.new”
packets before they are routed via a network Options for TCP only Ctrl+Alt+Del stop X server (on some system Ctrl+Alt+ESC).
interface.
3. POSTROUTING — This chain alters packets --syn Match SYN packets. Ctrl+Alt+F1 F1 temporary switch to text mode, F7 switch
before they are sent out via a network interface. Ctrl+Alt+F7 back to graphic mode.
--tcp-flags Match TCP packets with specific bits set. For example, -p
## Masquerade everything out ppp0. tcp –tcp-flags ACK,FIN,SYN SYN will only match TCP SuperProbe detect graphic hardware.
iptables -t nat -A POSTROUTING -o ppp0 -j packets that have the SYN flag set and the ACK and FIN
MASQUERADE xvidtune adjust X server origin and size.
flags unset.
xmodmap modifying key map and mouse button map.
Options for ICMP only
## Change source addresses to 1.2.3.4.
iptables -t nat -A POSTROUTING -o eth0 -j SNAT --to xhost server access control program for X.
1.2.3.4 root window parameter setting utility for X.
--icmp-type [!] type Match specified ICMP type. Valid ICMP type can be xsetroot
mangle This table is used for specific types of packet alteration. list by xlsfonts server font list displayer for X.
Build-in chains: iptables –p icmp -h
1. PREROUTING — This chain alters packets xset ser preference utility for X.
received via a network interface before they are
routed.
Option for state module (-m state --state)
2. OUTPUT — This chain alters locally-generated ESTABLISHED The matching packet is associated with other XF86Config
packets before they are routed via a network packets in an established connection.
interface.
XFree86 uses a configuration file called XF86Config for its initial setup. Option "OffTime" "time" EXAMPLE
This file is normally located in “/etc/X11” or “/etc” directory. The Sets the inactivity timeout for the "off" phase of DPMS mode, default 40 Section "InputDevice"
XF86Config file is composed of a number of sections which may be min. Identifier "Generic Keyboard"
present in any order. Each section has the form: Driver "keyboard"
Option "DefaultServerLayout" "layout_id" Option "AutoRepeat" "500 30"
Specify the default ServerLayout section to use. Default is the first
Section "SectionName" Option "CoreKeyboard"
ServerLayout section.
SectionEntry EndSection
... EXAMPLE
EndSection Section "ServerFlags" Section "InputDevice"
Option "BlankTime" "99999" Identifier "PS2 Mouse"
The graphics boards are described in the Device sections, and the monitors Option "StandbyTime" "99999" Driver "mouse"
are described in the Monitor sect ions. They are bound together by a Screen Option "SuspendTime" "99999" Option "CorePointer"
section. Keyboard and Mouse are described in InputDevice sections, Option "OffTime" "99999" Option "Device" "/dev/mouse"
although Keyboard and Pointer are still recognized. ServerLayout section EndSection Option "Protocol" "PS/2"
is at the highest level and bind together the InputDevice and Screen Option "Emulate3Buttons" "true"
sections. EndSection
Module Section
A special keyword called Option may be used to provide free-form data to
various components of the server. The Option keyword takes either one or Load "modulename"
two string arguments. The first is the option name, and the optional second Load a module. The module name given should be the module's standard Device Section
argument is the option value. All Option values must be enclosed in quotes. name, not the module file name. Specifies information about the video card used by the system. You must
EXAMPLE have at least one Device section in your configuration file. The active device
File Section Section "Module" is in ServerLayout->Screen.
FontPath "path" Load "extmod"
Identifier
Font path elements may be either absolute directory paths, or a font server Load "type1" Specify an unique name for this graphics card.
identifier EndSection
Driver
RGBPath "path" Specify the name of the driver to use for this graphics card.
Sets the path name for the RGB color database.
InputDevice Section EXAMPLE
ModulePath "path" Section "Device"
Allows you to set up multiple directories to use for storing modules loaded There are normally at least two InputDevice sections, one for Keyboard and Identifier "ATI Mach64"
by the XFree86 server. one for Mouse. VendorName "ATI MACH64"
EXAMPLE Identifier VideoRam 2048
Section "Files" Specify an unique name for this input device. EndSection
RgbPath "/usr/X11R6/lib/X11/rgb"
FontPath "unix/:7100" Driver
Specify the name of the driver to use for this input device..
EndSection Monitor Section
Option "CorePointer"
Serverflags Section This input device is installed as the primary pointer device. Monitor section describes a monitor. There must be at least one monitor
section and the active one is used in ServerLayout ->Screen.
Option "DontZap" "boolean" Option "CoreKeyboard"
Disable use Ctrl+Alt+Backspace to terminate X server. This input device is the primary Keyboard. Identifier
Specify an unique name for this monitor.
Option "DontZoom" "boolean"
Disable use ‘Ctrl+Alt +Keypad +’ and ‘Ctrl+Alt +Keypad -’ to switch video HorizSync horizsync-range
mode. Gives the range(s) of horizontal sync frequencies of this monitor in kHz.
Option "BlankTime" "time" VertRefresh vertrefresh-range
Sets the inactivity timeout for the blanking phase of the screensaver in Gives the range(s) of vertical sync frequencies of this monitor in Hz.
minutes. Default 10 min.
EXAMPLE
Option "StandbyTime" "time" Section "Monitor"
Sets the inactivity timeout for the "standby" phase of DPMS mode in Identifier "Generic Monitor "
minutes. Default 20 min. VendorName "Monitor Vendor"
ModelName "Monitor Model"
Option "SuspendTime" "time" HorizSync 31.5-56.6
Sets the inactivity timeout for the "suspend" phase of DPMS mode, default VertRefresh 40-70
30 min. EndSection
Screen Section Identifier
An unique name for this ServerLayout Section.
Screen Section binds Device and Monitor sections. There must be at least
one Screen Section. The active one is in ServerLayout section. Screen screen-num "screen-id" position-information
The screen-id field is mandatory, and specifies the Screen section being
Identifier referenced.
Specify an unique name for this Screen Section.
InputDevice "idev-id" "option" ...
Device "device-id" Normally at least two are required, one for the core pointer and the other for
This specifies the Identifier of Device section to be used for this screen. the primary keyboard devices.
Monitor "monitor-id" EXAMPLE
This specifies the Identifier of Monitor section to be used for this screen. Section "ServerLayout"
Identifier "Default Layout"
DefaultDepth depth Screen "My Screen"
Default color depth, like 8, 16 or 24.
InputDevice "Generic Keyboard"
Option "Accel" InputDevice "PS/2 Mouse"
Enables XAA (X Acceleration Architecture), default is ON. EndSection
DISPLAY SUBSECTION
Each Screen section must have at least one Display Subsection which
matches the depth values in DefaultDepth.
Depth depth
This entry specifies what color depth of this Display Subsection.
Virtual xdim ydim
Specifies the virtual screen resolution to be used.
ViewPort x0 y0
Sets the upper left corner of the initial display.
Modes "mode-name" ...
Secifies the list of video modes to use. Each mode-name specified must be
in double quotes. They must correspond to those specified in the appropriate
Monitor section (including implicitly referenced built -in ESA standard
modes). mode can be switched with Ctrl+Alt+Keypad-Plus or
Ctrl+Alt+Keypad-Minus.
EXAMPLE
Section "Screen"
Identifier "My Screen”
Device " ATI Mach64"
Monitor " Generic Monitor"
DefaultDepth 16
SubSection "Display"
Depth 16
Modes "1024x768" "800x600" "640x480"
EndSubSection
SubSection "Display"
Depth 24
Modes "1024x768" "800x600" "640x480"
EndSubSection
EndSection

ServerLayout Section
ServerLayout section binds a Screen section and one or more InputSection
to form a complete configuration. The active ServerLayout section is
specified in ServerFlags. If not, the first ServerLayout section is active. If no
ServerLayout sections are present, the single active screen and two active
(core) input devices are selected as described in the relevant sections.