You may find that you want to modify the prompt. This can help you create visibility for special features or just modify it to something more useful. You can view the default settings for the prompt by using this command:
As stated above it will show user, hostname, location and definition whether it is a normal user or root.
Create a single character
The space behind the $ is enforced by placing the quotes so it does not run into your text. The $ is typically used to show that it is a normal user not the root user indicated by the “#”.
Change options for the prompt
\d : the date Weekday Month Date format
\h : the hostname up to the first ‘.’
\A : the current time in 24-hour HH:MM format
\u : the username of the current user
\w : the current working directory, with $HOME abbreviated with a tilde
\$ : if the effective UID is 0, a #, otherwise a $
Create a colored prompt
You may want to create a color prompt that you can use for visibility. In this example the hostname has been dropped to make a shorter prompt and the prompt is turned red but the commands that you enter will be black. The export command will change these features.
mike@ub:~$ export PS1=’\e[0;31m[\u:\w]\$ \e[m ‘
This will color the prompt but not any commands that you enter.
List of Color codes
Replace digit 0 with 1 for a lighter color.
Make Changes permanent
All of the changes you make will be lost when you close the terminal or log out. Here are directions to make them permanent.
# uncomment for a colored prompt, if the terminal has the capability; turned
# off by default to not distract the user: the focus in a terminal window
# should be on the output of commands, not on the prompt
The .bashrc file in each user’s home directory allows you to change the default for the prompt to a color prompt by uncommenting the line:
Unfortunately a typo in the line must also be corrected so that it should read:
Ubuntu or CentOS
Place your custom prompt in the user .bashrc file with this command:
export PS1=’\e[0;31m[\u:\w]\$ \e[m ‘
F-Spot photo manager is an application that comes as the default Gnome photo manager providing users with many photo managing features and an easy to use interface. F-Spot photo manager features over 15 different file types including more common file types like JPEG, GIF, TIFF, RAW, and more. F-Spot also allows users easy access to importing photos from iPod, hard drive or digital camera. Tags allow the organization and grouping of photos in F-Spot and really come in handy when managing a large number of photos.
F-Spot also boasts a photo editor that allows users to easily rotate, crop, re-size, and adjust red eye and other color settings with a few simple clicks. Another feature that comes in useful almost every time photos are accessed is the color adjustments which allows for precise adjustments color including brightness, contrast, hue, saturation, and temperature.
View the F-Spot Videos that include how to’s on importing photos, adding tags to photos, changing views, managing extensions, and adding tags to your collection in F-spot.
The Linux file system is a directory tree that is consistent with each Linux distribution. This directory tree begins with the / (root) and then expands under that position like an upside down tree. Each directory under / has a specific purpose whether it is to store system files, constantly changing log files, device drivers or files created by users on the system. The file system consists of several parts. The file system is a method of consistently naming objects and organizing them in an orderly manner. This is represented by the directory tree mentioned above. The file system is an Application Programming Interface, API, a method of system calls for navigating and object manipulation. The file system also contains a method of securing files, directories and objects in the file system. This is represented by the file permissions that are so critical to a system’s operation. The final aspect of a file system is that their must be software that can connect the hardware to the file system itself so it can all function.
The Linux file system reduces everything to a simple file. If you have a partition which is /dev/hdb1, that drive is represented by a device node, a file. If you have a mouse, that hardware device is represented by a device node file in the /dev directory. The advantage this provides is the ability to configure each file, device, etc. with a file editor.
The file system directory tree provides a unified method of moving through the file system and accessing objects. A Pathname is the list of directories from a starting point to an end point, like driving from one location to another.
Pathnames can be absolute or relative. The Path that is shown above is an absolute Path. Absolute Paths always start with a ”/”, starting at the beginning of the file system and working toward the directory or file. Relative paths never start with a “/” and are based on where the user is in the file system. When a user logs into the system they will log into their /home/username directory. When the user wants to move through the file system they can use absolute paths which use a reference from the start of the file system and then list each directory in the path of the file system. For example if the user would like to access the logs in the var directory these would be located at /var/log using an absolute pathname. If the user wanted to access a directory that was already created in their home directory called world in the games directory that could be accessed with a relative path of games/world or an absolute path of /home/username/games/world. Relative paths are interpreted in reference to the user’s current location.
Relative Path example.
Each section of the pathname can be no longer than 255 characters and one pathname cannot contain more than 4,095 characters. Though there are few restrictions on naming conventions for directories and files, you will find that avoiding spaces in names will be to your advantage. Use CaMeL TeXt, CapitalsInText or use u_n_d_e_rscores in your text instead of spaces.
Specific searches for information can provide excellent resources for troubleshooting. This section will help you examine a number of ways to find the information that you need.
When Ubuntu updates packages it keeps a package cache of .deb files in /var/cache/apt/archives. This archive can be used to review recent changes on your server. Here are a series of examples to help with searching packages.
Search packages added in last week
find /var/cache/apt/archives -iname ‘*.deb’ -atime -7
Note that atime is used because packages in this directory are not modified they are only added.
Search for packages which have a specific name
Be sure to use the “-n” option as it will force the search to be used for file that have the text string, in this example “apache”, in the name. Otherwise it will include those who have that text string in the description.
apt-cache search -n apache
This search will provide very helpful information for what packages were changed on an update. The “reverse depends” list shows packages which require, recommend or suggest the package searched. The “dependencies” list shows which packages are required, recommended, or suggested for your searched package.
Search for Sizes
Find all files over 10 MB
find / -size +10000000c 2> /dev/null
Find all files over 50 MB
find / -size +50000000c 2> /dev/null
The “2> /dev/null” sends all error messages to the trash instead of the screen.
Search User Owned Files
If you want to find files that belong to only a certain user, you can do that with the “-user” switch. Add a second criterion to find only files of a certain type that belong to a certain user.
find / -user tom -iname ‘*.txt’
You can adjust this search by changing the text string which represents the file type. In the example, “.txt” is used but that could be changed to and file type, like; “.rtf”,”.conf”,”.jpg”,”.gif”, etc.
Using the “-v” option you can show the version of many programs to verify which version is current. Here are a few examples.
Server version: Apache/2.2.8 (Ubuntu)
Server built: Jun 25 2008 13:54:13
Using Aptitude to Locate Information
Aptitude is a text mode tool with a menu front end for apt. It can easily provide information about packages and the versions that you currently have installed as well as packages that are not installed. You can access aptitude with:
When you open aptitude you will see a menu bar at the top of the screen with two panes below the menu bar. The top pane lists package categories and the bottom pane contains information related to the packages and package categories that you select.
Caution: You can easily break your system using aptitude carelessly as you will be running as root and you can easily install or uninstall packages.
— Installed Packages
— Not Installed Packages
— Obsolete and Locally Create Packages
— Virtual Packages (do not exist but the names are required by other programs)
— Tasks (select packages by groups)
Select any of the five categories and it will expand to show groups related to software packages. For example if you select Installed Packages you will see a list of categories that starts like this:
— main (Fully supported software)
I grub 0.97-29ubu
— universe (Unsupported software)
Select a specific category and you will see the individual repository that the packages come from. When you select a repository you will see a list of applications followed by the version that is used. If you see an “I” it indicates that it is installed on the system. In the bottom pane you will see a description of the package.
Whenever you list packages they will have one of these indicators in front of the package to indicate the status of the package.
i: Installed package
c: Package not installed, but package configuration remains on system
p: Purged from system
v: Virtual package -
B: Broken package
u: Unpacked files, but package not yet configured
C: Half-configured – Configuration failed and requires fix
H: Half-installed – Removal failed and requires fix
You can use the F10 key to access the menu across the top.
Actions Undo Package Resolver Search Options Views Help
Actions – install and uninstall options, clean cache
Undo – undo actions
Package – manage install, remove, purge, etc of packages
Resolver – try to resolve issues with conflicts
Find – locate packages
Options – display options
Views – quick access to various view options
Help – basic help
Using dpkg to Locate Information
The dpkg or Debian Package Management tool is an additional way to locate information about packages. If you use the “-l” option you can provide a topic and it will list the package version that is installed.
dpkg -l apache2
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
||/ Name Version Description
ii apache2 2.2.8-1ubuntu0.3 Next generation, scalable, extendable web server
dpkg -l cron
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
||/ Name Version Description
ii cron 3.0pl1-100ubuntu2 management of regular background processing
If you want to list all packages installed use “-l” alone. It will list the package name, version and brief description.
|/ Err?=(none)/Hold/Reinst-required/X=both-problems (Status,Err: uppercase=bad)
||/ Name Version Description
ii acl 2.2.45-1 Access control li
ii acpi 0.09-3ubuntu1 displays information on ACPI devices
ii acpi-support 0.109 a collection of useful events for acpi
ii acpid 1.0.4-5ubuntu9 Utilities for using ACPI power management
ii adduser 3.105ubuntu1 add and remove users and groups
How to Acquire root Privileges
There are several ways to escalate the normal user privileges to the root user privileges. You may wonder why this needs to be done. There are many files and directories that cannot be modified by the normal user. If you are trying to fix problems and sometimes when you are trying locate problems you will need the privileges of root.
The su command allows you to “substitute user”. One of the major disadvantages of this process is that su does not record the commands executed as root. It does create a log entry for which user became root and when but not what they did with the power! Once logged in as a user you can switch to root with this command:
The system will then ask for the root password. This will then provide the user with full control of the entire system and access to all files and directories on the system. One item of note for Ubuntu users. If the root account has not been configured to enable this feature you will not be able to become root with su.
su – root
This is an additional option that will place you in the root home directory when executed and provide you with the environment of the root users as well. Details of the root user environment will be discussed in the path explanation.
When Ubuntu is installed the first user to be installed on the system will be able use the sudo su command to administer the system. This is because the first user is placed in groups that allow these special privileges. Subsequent users that are added do not get these privileges by default. You can see in the example below that the first user mike is placed in a number of special groups providing these privileges while the users tom and diane do not have the same rights. This can be viewed when you open the /etc/group file with cat, short for catenate.
The advantage of using sudo is that there is better command logging for accountability, you can limit access, you do not have to reveal the root password, and sudo is faster
How to use the sudo command
The first user created on the system, because they are added to special groups, has the privileges to run administrative commands even though they are a normal user. If mike a normal user wanted to check the firewall configuration and executed the command, iptables -L, would only see a response that they did not have the correct privileges as you can see below.
mike@ub:/etc$ iptables -L
iptables v1.3.8: can’t initialize iptables table `filter': Permission denied (you must be root)
Perhaps iptables or your kernel needs to be upgraded.
Now if mike was a normal user that had been placed in the privileged groups he could use the sudo command to be able to execute that command. The sudo command precedes the command you want to run with root privileges.
Format → sudo command options
In the example below sudo precedes the command iptables which is followed by the option -L.
mike@ub:/etc$ sudo iptables -L
[sudo] password for mike:
Chain INPUT (policy DROP)
target prot opt source destination
ufw-before-input all — anywhere anywhere
ufw-after-input all — anywhere anywhere
In Ubuntu the sudo command can be joined with su to create the privileges needed to execute administrative commands and to change users to root as long as you remained logged in.
This will mean that the user will receive root privileges and be actually running as the root user which will be reflected in the prompt as you see below. Note that the “$” on the end which signifies a normal user has been replaced by the “#” which indicates that the user is now functioning as root in all of the commands they execute.
This is a dangerous thing to do because any mistake you make will be a permanent change, which no warning.
Who you are as a user on the Linux system is important to understanding what you can do. Just like Windows, Linux is a multi-user operating system and all users do not possess the same rights. There are three basic types of users on the Linux system; the root user, normal user accounts and the service users.
The root user account is created by the operating system when it is installed. This user is the superuser who basically has complete control of the entire system. This means that great care should be taken to preserve the integrity of this account. One aspect of this care is to ensure that the root password is complex and changed on a regular basis. In addition, the root account should not be used to log into a server because if anyone gains access to the root account they have complete control of all services and information located on the server.
Service accounts such as apache, squid, cups, etc. are each created when the service is installed. Typically there is no need to change these accounts. These accounts often are accounts that cannot be used to log into the server. A number of service accounts cannot be used to log into the system. This is simply a security matter and should not be changed nor will it offer any problems.
Normal users are users that are created on Linux file system and have a home directory in /home. So if you had 4 users on the system called; fred, jane, mary and tom you would see these /home directories.
Normal users do not all have the same privileges. The fist user created on the system can use a special command called “sudo” to gain root privileges so that this account could be used to manage a server or desktop. Other users do not by default have these rights nor can they gain these rights unless the root user provides them with those special rights.
Typically users can do anything they want in their own home directories. They can create, copy or delete files and directories in their home. They also have the rights to read just about any file on the entire Linux system. That means that they can read any of the configuration files in the /etc directory or any of the program listings in the /usr directory. Normal users can move all around the file system. There are very few limitations, one of those is the /root directory. No user is allowed to view or move into the /root directory which is the home directory for the root user.
The implications of a normal user in the file system is that they can only save files or backups to their own home directory, they will not be able to save anywhere else.
When users are created they will also be created as a member of a group with the same name. So when the user tom is created, immediately the group tom is created with the user tom being the only member. Groups allow several users to share files if they needed to. Here are a few examples.
fred fred, tom, mary
In the examples above, each user is created and the group with their name is also created. However, when you look at the group fred both tom and mary have been added to that group so that fred, tom and mary could share files that were owned by the group.
A user’s login name must be unique and less than 32 characters. It may contain any characters except colons and new lines. Typically login names are lower case, some Linux distros require lower case. When you create login names a standard is important as these names also reflect what will be available for email addresses.
User passwords are encrypted and kept in a separate file which is not available to anyone but root. This file is /etc/shadow. Passwords must be encrypted which means they must be created with the passwd command or encrypted and copied to the account. However, editing accounts by hand is filled with possibilities of mistakes so should be avoided. Most Linux distributions use the MD5 encryption which allows for random lengths in passwords.
When users are create d they will get a login name for the users to recognize but the system will user a UID or User Identification number. These numbers will begin at either 500 or 1000 and be incremented by one for each new user. So if you create the user tom and tom is the first user to be created he will have a UID of 1001.
In addition to UIDs that are created, a GID or Group Identification number is also created for each user name. The GID is a private group with Ubuntu which means that no other users have read access to a user’s files. If tom is the first created user and his UID is 1001 he will also have a GID of 1001. Again, the numbers that relate to the users is for the operating system. Here are some examples.
User UID GID
tom 1001 1001
mary 1002 1002
jane 1003 1003
fred 1004 1005
Note that the UID and the GID do not have to be the same. If you created a special group before you created fred then all the rest of the numbers will be out of sync which is not a problem but something you need to be aware of.
The root User
The root user is the superuser on the system. Root has access to all files and directories on the system and is able to configure all aspects of the system. The UID for root is 0, which you can see in /etc/passwd. There should only be one user with a UID of 0 on the system as this could lead to serious security abuse. Many activities on the system are limited to the root user only. Changes like creating device files, setting the hostname, configuring network interfaces, working with privileged network ports (below 1024) are examples of activities that can only be performed by root. This is a powerful and yet dangerous account as root can make, and will make mistakes that could take the system down.
Best security practices suggest that you never login as root. When you login as the administrator of the Linux system you need to recognize the dangers of allowing the server to run as root. Any access gained into the system as root user will give intruders complete control of the server. If you login as a normal user this means that you must become root using the “su root” command. This is simply to protect your system when online since if the system was cracked when you are logged in as a regular user there is much less damage done than if you were logged in as root, allowing full access. The issue is file and directory ownership and access. User Identification numbers (UID) and Group Identification numbers are mapped to each user and group and recorded in /etc/passwd and /etc/group. These UIDs and GIDs are used to determine ownership and access to files and directories. In addition, users run processes and the owner of a process can send process signals that can impact the process activity.
The root user is intended to run many commands that are not available to other users of the operating system. Here are several directories that are intended only for the root user:
/sbin – This directory contains commands for modifying disk partitions (fdisk), changing boot procedures (lilo), and changing system states (init).
/usr/sbin – This directory has commands for managing user accounts (adduser), configuring the mouse(mouseconfig) or keyboard (kbdconfig). Most daemon processes are also in this directory.
/bin and /usr/bin contain commands that both root and users will use. For example: /bin/mount is a command that root will mount directories but users will use this command to list mounted directories.
The /usr/share/man/man8 directory lists many of the commands that are intended for use by the system administrator.