WEBVTT

1
00:00:00.120 --> 00:00:02.359
<v Speaker 1>You know, it's kind of incredible when you stop and

2
00:00:02.399 --> 00:00:06.000
<v Speaker 1>think about it. So much of our digital world, I

3
00:00:06.000 --> 00:00:09.119
<v Speaker 1>mean really, so much is built on something most people

4
00:00:09.160 --> 00:00:13.359
<v Speaker 1>barely notice. Linux. You might not realize it, but it's

5
00:00:13.439 --> 00:00:18.519
<v Speaker 1>literally everywhere. Your Internet router? Probably Linux. Android phone? Yep,

6
00:00:18.600 --> 00:00:22.320
<v Speaker 1>Linux kernel, even like smart thermostats and stuff. It's this

7
00:00:22.480 --> 00:00:23.920
<v Speaker 1>silent workhorse.

8
00:00:24.079 --> 00:00:27.039
<v Speaker 2>It really is the backbone for a huge amount of tech.

9
00:00:27.280 --> 00:00:29.559
<v Speaker 1>Okay, so let's unpack this a bit, because, you know,

10
00:00:29.640 --> 00:00:32.119
<v Speaker 1>for something that's so pervasive, jumping into Linux for the

11
00:00:32.119 --> 00:00:34.399
<v Speaker 1>first time, it can feel really complex, like looking at

12
00:00:34.399 --> 00:00:37.039
<v Speaker 1>this massive technical diagram.

13
00:00:36.679 --> 00:00:38.280
<v Speaker 2>Definitely daunting at first glance.

14
00:00:38.359 --> 00:00:41.320
<v Speaker 1>Yeah, but what if what if understanding just a few

15
00:00:41.359 --> 00:00:44.920
<v Speaker 1>core ideas could actually give you this like superpower, real

16
00:00:44.920 --> 00:00:48.479
<v Speaker 1>control and insight into how these digital systems actually work.

17
00:00:48.560 --> 00:00:50.960
<v Speaker 2>Well, that's exactly what we're aiming for today. We've gone

18
00:00:50.960 --> 00:00:54.840
<v Speaker 2>through a pretty hefty Linux certification guide and pulled out

19
00:00:54.880 --> 00:00:58.600
<v Speaker 2>the absolute foundational stuff you need. Our mission basically is

20
00:00:58.640 --> 00:01:01.840
<v Speaker 2>to demystify the Linux file system, get you comfortable with

21
00:01:01.880 --> 00:01:05.239
<v Speaker 2>some key command line tools, show you how to manage

22
00:01:05.319 --> 00:01:08.480
<v Speaker 2>running programs, the actual processes, and also lay down the

23
00:01:08.480 --> 00:01:10.040
<v Speaker 2>groundwork for essential security.

24
00:01:10.280 --> 00:01:13.200
<v Speaker 1>So the goal isn't just memorizing commands.

25
00:01:12.760 --> 00:01:14.920
<v Speaker 2>No, not at all. It's about understanding how it all

26
00:01:14.959 --> 00:01:17.719
<v Speaker 2>fits together, turning that feeling of whoa, this is too

27
00:01:17.799 --> 00:01:22.359
<v Speaker 2>much into those aha moments, really getting how Linux operates

28
00:01:22.400 --> 00:01:22.920
<v Speaker 2>under the hood.

29
00:01:22.959 --> 00:01:25.400
<v Speaker 1>All right, let's dive in. Where do we start? The

30
00:01:25.439 --> 00:01:26.120
<v Speaker 1>ground floor?

31
00:01:26.159 --> 00:01:28.200
<v Speaker 2>The ground floor is perfect. Yeah, let's talk about how

32
00:01:28.280 --> 00:01:32.799
<v Speaker 2>Linux organizes information. Its structure is unlike, say, Windows, where you

33
00:01:32.840 --> 00:01:34.799
<v Speaker 2>often see different drives like C:, D:.

34
00:01:34.680 --> 00:01:36.120
<v Speaker 1>Whatever, multiple partitions.

35
00:01:36.159 --> 00:01:39.840
<v Speaker 2>Yeah, Linux uses a single unified directory tree. Everything starts

36
00:01:39.840 --> 00:01:42.640
<v Speaker 2>from the root, represented by a forward slash. And

37
00:01:42.680 --> 00:01:45.879
<v Speaker 2>this whole structure follows a standard. It's called the File

38
00:01:45.959 --> 00:01:49.159
<v Speaker 2>System Hierarchy Standard or FHS.

39
00:01:49.359 --> 00:01:49.840
<v Speaker 1>FHS.

40
00:01:49.879 --> 00:01:53.040
<v Speaker 2>Okay, so it's like a blueprint? Exactly, a standardized blueprint. So

41
00:01:53.319 --> 00:01:55.840
<v Speaker 2>whether you're on Fedora or openSUSE or Ubuntu,

42
00:01:56.319 --> 00:01:58.560
<v Speaker 2>you generally know where to look for things. Core system

43
00:01:58.599 --> 00:02:00.959
<v Speaker 2>config files, they'll be in /etc. User home

44
00:02:01.000 --> 00:02:05.079
<v Speaker 2>directories under /home. The kernel itself, boot files, they live

45
00:02:05.120 --> 00:02:09.599
<v Speaker 2>in /boot. This consistency is, well, it's incredibly valuable. Makes

46
00:02:09.599 --> 00:02:11.840
<v Speaker 2>administration much more predictable.

47
00:02:11.400 --> 00:02:14.039
<v Speaker 1>Like a universal address system for files, then. And the

48
00:02:14.120 --> 00:02:16.319
<v Speaker 1>main way you navigate this is using the shell, right?

49
00:02:17.159 --> 00:02:18.719
<v Speaker 1>Bash, usually, yeah.

50
00:02:18.719 --> 00:02:21.599
<v Speaker 2>The bash shell is your command line interface. It's where

51
00:02:21.639 --> 00:02:24.759
<v Speaker 2>you type your commands. But it's worth asking, you know

52
00:02:25.000 --> 00:02:27.719
<v Speaker 2>what actually happens when you type a command and press enter.

53
00:02:28.039 --> 00:02:29.599
<v Speaker 2>How does the shell process that?

54
00:02:29.680 --> 00:02:30.199
<v Speaker 1>Good question.

55
00:02:30.319 --> 00:02:33.479
<v Speaker 2>That uses something called file descriptors. Every command inherently has

56
00:02:33.520 --> 00:02:37.400
<v Speaker 2>three of these: standard input, or stdin. Okay, input

57
00:02:37.639 --> 00:02:40.400
<v Speaker 2>like the keyboard, usually? Yeah. By default, stdin comes from

58
00:02:40.400 --> 00:02:40.960
<v Speaker 2>your keyboard.

59
00:02:41.039 --> 00:02:41.280
<v Speaker 1>Yeah.

60
00:02:41.319 --> 00:02:44.199
<v Speaker 2>Then there's standard output, stdout, which is the normal

61
00:02:44.240 --> 00:02:48.000
<v Speaker 2>result of the command, and standard error, stderr, for any

62
00:02:48.080 --> 00:02:50.759
<v Speaker 2>error messages. And those both go to the screen by default. Yes,

63
00:02:51.080 --> 00:02:53.960
<v Speaker 2>stdout and stderr both display on your terminal. But

64
00:02:54.520 --> 00:02:56.719
<v Speaker 2>and this is where it gets really interesting. You can mess

65
00:02:56.719 --> 00:02:58.039
<v Speaker 2>with these. You can redirect them.

66
00:02:58.080 --> 00:02:59.919
<v Speaker 1>Redirect? How so? Well.

67
00:03:00.000 --> 00:03:02.680
<v Speaker 2>Instead of sending the output to the screen, you can

68
00:03:02.719 --> 00:03:05.439
<v Speaker 2>send it directly into a file. You use the > symbol

69
00:03:05.439 --> 00:03:07.960
<v Speaker 2>to overwrite a file, or >> to just add the output

70
00:03:08.039 --> 00:03:08.680
<v Speaker 2>to the end of it.

71
00:03:08.840 --> 00:03:12.520
<v Speaker 1>Ah, okay. So you can save command results easily.

72
00:03:12.240 --> 00:03:16.599
<v Speaker 2>Exactly, and even more powerful, you can pipe output. Use

73
00:03:16.599 --> 00:03:19.439
<v Speaker 2>the | symbol, the vertical bar, to take the standard output

74
00:03:19.439 --> 00:03:21.960
<v Speaker 2>of one command and use it directly as the standard

75
00:03:21.960 --> 00:03:23.120
<v Speaker 2>input for another command.

76
00:03:23.280 --> 00:03:26.919
<v Speaker 1>Whoa, okay. So you can chain commands together? Precisely.

77
00:03:27.000 --> 00:03:31.400
<v Speaker 2>You build pipelines, filter data, process text, complex operations from

78
00:03:31.400 --> 00:03:35.919
<v Speaker 2>simple building blocks. It's fundamental to the Unix philosophy. Really,

79
00:03:35.919 --> 00:03:37.039
<v Speaker 2>it makes you way more efficient.

80
00:03:37.159 --> 00:03:39.479
<v Speaker 1>I could see that. Well, bash has those

81
00:03:39.479 --> 00:03:41.960
<v Speaker 1>wildcard things too, right? Like, oh yeah.

82
00:03:41.719 --> 00:03:45.639
<v Speaker 2>Metacharacters. Yeah, * matches anything. ? matches a single character.

83
00:03:46.280 --> 00:03:48.560
<v Speaker 2>Huge time savers when you're looking for files or working

84
00:03:48.599 --> 00:03:52.560
<v Speaker 2>with multiple files at once. Knowing redirection, piping and meta

85
00:03:52.599 --> 00:03:54.240
<v Speaker 2>characters really unlocks the command line.

86
00:03:54.280 --> 00:03:57.599
<v Speaker 1>Okay. So with that power, what are the essential commands for just,

87
00:03:57.719 --> 00:04:00.240
<v Speaker 1>you know, interacting with files day to day, listing them,

88
00:04:00.240 --> 00:04:01.159
<v Speaker 1>seeing what's inside?

89
00:04:01.240 --> 00:04:03.319
<v Speaker 2>All right. Well, you'll live in ls. That's for listing

90
00:04:03.319 --> 00:04:06.280
<v Speaker 2>directory contents. Just ls gives you names, simple enough, but

91
00:04:06.560 --> 00:04:08.599
<v Speaker 2>ls -l is often what you really want. The -l

92
00:04:08.719 --> 00:04:14.639
<v Speaker 2>gives you a long listing: shows permissions, owner, group, size, modification date,

93
00:04:15.360 --> 00:04:16.399
<v Speaker 2>tons of useful info.

94
00:04:16.519 --> 00:04:19.040
<v Speaker 1>Okay, that's the detailed view. If you're not even sure

95
00:04:19.040 --> 00:04:21.279
<v Speaker 1>what kind of file something is, like, is it text?

96
00:04:21.399 --> 00:04:22.439
<v Speaker 1>Is it a program?

97
00:04:22.680 --> 00:04:25.399
<v Speaker 2>A good one for that? You use the file command.

98
00:04:25.920 --> 00:04:28.199
<v Speaker 2>Just file and a file name. It'll inspect the file

99
00:04:28.279 --> 00:04:32.120
<v Speaker 2>and tell you its best guess: ASCII text, ELF sixty

100
00:04:32.120 --> 00:04:35.560
<v Speaker 2>four bit executable, symbolic link, that kind of thing. It's

101
00:04:35.600 --> 00:04:37.160
<v Speaker 2>like a quick detective tool. Neat.

102
00:04:37.399 --> 00:04:42.120
<v Speaker 1>Okay. So we can list files, identify them. What about

103
00:04:42.120 --> 00:04:44.600
<v Speaker 1>actually looking inside them? Assuming they're text files?

104
00:04:44.680 --> 00:04:47.240
<v Speaker 2>Sure, for text you've got a few options. The cat

105
00:04:47.319 --> 00:04:49.680
<v Speaker 2>just concatenates and displays the whole file to the screen.

106
00:04:50.240 --> 00:04:50.920
<v Speaker 2>Quick and dirty.

107
00:04:50.959 --> 00:04:52.879
<v Speaker 1>Okay. Good for short files, maybe.

108
00:04:52.680 --> 00:04:55.680
<v Speaker 2>Yeah, exactly. For longer files, more is useful. It shows

109
00:04:55.720 --> 00:04:57.639
<v Speaker 2>the file one page at a time. You hit spacebar

110
00:04:57.720 --> 00:05:00.360
<v Speaker 2>to go down a page, Enter for a line, q to quit.

111
00:05:00.680 --> 00:05:02.360
<v Speaker 2>It even shows you the percentage viewed.

112
00:05:02.480 --> 00:05:02.920
<v Speaker 1>Got it.

113
00:05:03.199 --> 00:05:07.079
<v Speaker 2>But honestly, less is often preferred. It's like more but

114
00:05:07.199 --> 00:05:10.480
<v Speaker 2>more powerful. You can scroll backwards as well as forwards

115
00:05:10.600 --> 00:05:14.040
<v Speaker 2>using arrow keys or Page Up, Page Down. Much more flexible

116
00:05:14.079 --> 00:05:16.639
<v Speaker 2>for examining long files like logs.

117
00:05:16.480 --> 00:05:19.720
<v Speaker 1>Less is more. And searching within files, if I'm looking

118
00:05:19.759 --> 00:05:21.839
<v Speaker 1>for a specific word or error message.

119
00:05:21.879 --> 00:05:24.839
<v Speaker 2>That's grep. Stands for global regular expression print.

120
00:05:25.000 --> 00:05:26.879
<v Speaker 2>You give it a pattern and a file name, and

121
00:05:26.920 --> 00:05:30.240
<v Speaker 2>it prints lines that match. Incredibly powerful, especially with the

122
00:05:30.240 --> 00:05:33.160
<v Speaker 2>log files. There's also egrep for extended patterns

123
00:05:33.160 --> 00:05:35.800
<v Speaker 2>and fgrep, which is faster for simple fixed strings

124
00:05:35.800 --> 00:05:38.720
<v Speaker 2>because it doesn't do the complex pattern matching grep does.

125
00:05:38.839 --> 00:05:41.279
<v Speaker 1>Okay, that sounds indispensable for troubleshooting.

126
00:05:41.319 --> 00:05:43.680
<v Speaker 2>Oh, absolutely, yeah. And then you have your basics:

127
00:05:43.720 --> 00:05:47.279
<v Speaker 2>cp to copy files, cp for copy, mv to move

128
00:05:47.319 --> 00:05:49.000
<v Speaker 2>files or actually to rename them too.

129
00:05:49.439 --> 00:05:52.480
<v Speaker 1>The rename, okay. rm to remove

130
00:05:52.240 --> 00:05:54.839
<v Speaker 2>files. Be careful with that one, right? rm is delete. And

131
00:05:54.879 --> 00:05:57.399
<v Speaker 2>for directories, mkdir to make a directory, and

132
00:05:57.480 --> 00:05:58.839
<v Speaker 2>rmdir to remove an empty directory.

133
00:05:58.879 --> 00:06:02.199
<v Speaker 1>Okay, standard stuff. Now you mentioned linking earlier, hard links

134
00:06:02.240 --> 00:06:05.319
<v Speaker 1>and symbolic links. That sounds important. Very important concept, yeah.

135
00:06:05.720 --> 00:06:08.120
<v Speaker 2>Linking lets you have multiple names point to the same

136
00:06:08.160 --> 00:06:12.759
<v Speaker 2>actual data. Saves space, helps organize. Two types: hard links

137
00:06:12.800 --> 00:06:13.839
<v Speaker 2>and symbolic links.

138
00:06:14.120 --> 00:06:14.879
<v Speaker 1>What's the difference?

139
00:06:15.279 --> 00:06:19.040
<v Speaker 2>Okay. A hard link, made with ln filename linkname,

140
00:06:19.399 --> 00:06:22.560
<v Speaker 2>is basically just another directory entry pointing to the exact

141
00:06:22.600 --> 00:06:26.279
<v Speaker 2>same underlying data block on the disk, or rather the

142
00:06:26.319 --> 00:06:28.160
<v Speaker 2>inode, technically.

143
00:06:27.680 --> 00:06:31.000
<v Speaker 1>So like two names for the very same file data? Exactly.

144
00:06:31.279 --> 00:06:33.399
<v Speaker 2>And because of that, hard links have to be on

145
00:06:33.439 --> 00:06:36.360
<v Speaker 2>the same filesystem, the same disk partition. If you delete

146
00:06:36.399 --> 00:06:38.839
<v Speaker 2>the original filename, the data is still there as long

147
00:06:38.879 --> 00:06:41.600
<v Speaker 2>as a hard link exists. That data only goes away

148
00:06:41.639 --> 00:06:43.519
<v Speaker 2>when the last link pointing to it is removed.

149
00:06:43.839 --> 00:06:46.399
<v Speaker 1>Interesting, data sticks around. What about symbolic links, then?

150
00:06:46.439 --> 00:06:49.680
<v Speaker 2>Symbolic links, or symlinks, made with ln -s targetfile

151
00:06:49.720 --> 00:06:52.319
<v Speaker 2>linkname, are different. They're more like shortcuts in Windows

152
00:06:52.399 --> 00:06:55.079
<v Speaker 2>or aliases on a Mac. A symlink is actually

153
00:06:55.120 --> 00:06:57.199
<v Speaker 2>a tiny file that just contains the path to the

154
00:06:57.360 --> 00:06:58.639
<v Speaker 2>target file or directory.

155
00:06:58.720 --> 00:07:01.000
<v Speaker 1>Ah, so it's just a pointer? Exactly, it's

156
00:07:00.800 --> 00:07:03.920
<v Speaker 2>just a pointer. Because of this, symlinks can point

157
00:07:03.920 --> 00:07:07.600
<v Speaker 2>across different filesystems. But the downside is if you delete

158
00:07:07.879 --> 00:07:11.279
<v Speaker 2>or move the original target file, the symlink becomes broken.

159
00:07:11.720 --> 00:07:12.600
<v Speaker 2>It points to nothing.

160
00:07:12.920 --> 00:07:15.519
<v Speaker 1>Okay. So why choose one over the other? When would

161
00:07:15.519 --> 00:07:17.680
<v Speaker 1>you use a hard link versus a symbolic one?

162
00:07:17.839 --> 00:07:22.480
<v Speaker 2>Good question. It's about resilience versus flexibility. Hard links give

163
00:07:22.519 --> 00:07:25.360
<v Speaker 2>you that data resilience on a single file system. The

164
00:07:25.439 --> 00:07:28.839
<v Speaker 2>data won't disappear until all names are gone. Symbolic links

165
00:07:28.839 --> 00:07:32.160
<v Speaker 2>give you massive flexibility, linking across disks, creating easy to

166
00:07:32.240 --> 00:07:36.639
<v Speaker 2>update pointers, organizing complex structures without moving the actual data around.

167
00:07:36.959 --> 00:07:39.079
<v Speaker 2>You choose based on whether you need the data backup

168
00:07:39.120 --> 00:07:42.120
<v Speaker 2>inherent in hard links or the organizational flexibility of sym

169
00:07:42.120 --> 00:07:43.120
<v Speaker 2>links. Makes sense.

170
00:07:43.279 --> 00:07:46.800
<v Speaker 1>Resilience on one disk versus flexible pointing anywhere? Pretty much. Okay,

171
00:07:46.800 --> 00:07:49.319
<v Speaker 1>so we've mapped the territory with FHS. We've got tools

172
00:07:49.360 --> 00:07:53.600
<v Speaker 1>like ls, cat, grep, ln. But any shared system needs rules,

173
00:07:53.680 --> 00:07:56.800
<v Speaker 1>right? Who gets to actually use these tools on which files?

174
00:07:57.079 --> 00:07:58.839
<v Speaker 1>That sounds like permissions. Precisely.

175
00:07:59.079 --> 00:08:01.959
<v Speaker 2>File permissions are the gatekeepers. Every single file and

176
00:08:02.000 --> 00:08:05.839
<v Speaker 2>directory in Linux has permissions defined for three categories of users.

177
00:08:06.000 --> 00:08:07.240
<v Speaker 1>Three categories, yep.

178
00:08:07.279 --> 00:08:10.319
<v Speaker 2>First, the actual user who owns the file, usually the

179
00:08:10.319 --> 00:08:13.360
<v Speaker 2>person who created it. Second, the group that owns the file,

180
00:08:13.839 --> 00:08:16.879
<v Speaker 2>think of groups like teams or departments. And third everyone

181
00:08:16.959 --> 00:08:18.759
<v Speaker 2>else on the system, often just called

182
00:08:18.600 --> 00:08:22.639
<v Speaker 1>other. User, group, other. Okay, and what permissions can they have?

183
00:08:23.079 --> 00:08:25.959
<v Speaker 2>For each of those three categories, user, group, other, you

184
00:08:26.000 --> 00:08:30.439
<v Speaker 2>can grant or deny three basic permissions read, write, and execute,

185
00:08:30.800 --> 00:08:33.080
<v Speaker 2>often shown as r, w and x.

186
00:08:33.480 --> 00:08:37.639
<v Speaker 1>Read, write, execute, rwx. Makes sense for files: read

187
00:08:37.720 --> 00:08:41.519
<v Speaker 1>means view, write means change, execute means run if it's

188
00:08:41.559 --> 00:08:45.480
<v Speaker 1>a program. What about for directories? Execute seems weird for

189
00:08:45.519 --> 00:08:46.679
<v Speaker 1>a directory.

190
00:08:46.240 --> 00:08:49.399
<v Speaker 2>That's a key point. For a directory, execute permission means

191
00:08:49.399 --> 00:08:51.960
<v Speaker 2>something different. It means you're allowed to enter the directory

192
00:08:52.080 --> 00:08:54.600
<v Speaker 2>like using the cd command. If you also have read

193
00:08:54.600 --> 00:08:57.440
<v Speaker 2>permission on the directory, you can list its contents with ls,

194
00:08:57.799 --> 00:08:59.639
<v Speaker 2>but without execute you can't even get inside.

195
00:09:00.039 --> 00:09:03.240
<v Speaker 1>Ah, okay, execute lets you traverse into the directory. Got it.

196
00:09:03.480 --> 00:09:05.720
<v Speaker 1>So how do we change these permissions?

197
00:09:05.320 --> 00:09:09.559
<v Speaker 2>With the chmod command, change mode. You can use symbolic notation,

198
00:09:09.720 --> 00:09:12.480
<v Speaker 2>which is maybe more intuitive at first, like chmod u

199
00:09:12.600 --> 00:09:15.240
<v Speaker 2>+x filename adds execute permission for the user,

200
00:09:15.559 --> 00:09:18.679
<v Speaker 2>g-w removes write for the group. o=r sets other

201
00:09:18.679 --> 00:09:20.000
<v Speaker 2>permissions to only read.

202
00:09:20.080 --> 00:09:24.679
<v Speaker 1>User, group, other. u, g, o. Plus, minus, equals. Okay.

203
00:09:24.840 --> 00:09:27.159
<v Speaker 2>Or, and this is very common, you use numeric octal codes.

204
00:09:27.600 --> 00:09:30.480
<v Speaker 2>Each permission gets a number. Read is four, write is

205
00:09:30.519 --> 00:09:33.559
<v Speaker 2>two, execute is one. You add them up for each category.

206
00:09:33.200 --> 00:09:35.639
<v Speaker 1>So read and write would be four plus two equals six.

207
00:09:35.799 --> 00:09:38.600
<v Speaker 2>Exactly, read write execute is four plus two plus one

208
00:09:38.600 --> 00:09:41.440
<v Speaker 2>equals seven. Read and execute is four plus one equals five.

209
00:09:41.759 --> 00:09:44.480
<v Speaker 2>So a very common permission set is chmod seven

210
00:09:44.519 --> 00:09:45.519
<v Speaker 2>five five file

211
00:09:45.360 --> 00:09:47.840
<v Speaker 1>name. Seven fifty five, okay. Seven for the user, read,

212
00:09:47.879 --> 00:09:51.080
<v Speaker 1>write, execute; five for the group, read, execute; and five

213
00:09:51.120 --> 00:09:52.279
<v Speaker 1>for others, read,

214
00:09:52.039 --> 00:09:54.320
<v Speaker 2>execute. You got it. It seems arcane at first,

215
00:09:54.320 --> 00:09:56.720
<v Speaker 2>but you get used to it fast. And getting permissions wrong,

216
00:09:57.039 --> 00:09:59.559
<v Speaker 2>it's a huge source of security problems, so understanding chmod

217
00:09:59.639 --> 00:10:01.200
<v Speaker 2>is critical. Definitely.

218
00:10:00.919 --> 00:10:03.840
<v Speaker 1>Now I remember reading about special permissions too, SUID and

219
00:10:03.840 --> 00:10:04.360
<v Speaker 1>things like that.

220
00:10:04.399 --> 00:10:07.519
<v Speaker 2>Ah, yes. Beyond the basic rwx there are special permission bits.

221
00:10:07.799 --> 00:10:11.440
<v Speaker 2>The SUID bit or set user id bit is fascinating.

222
00:10:11.600 --> 00:10:13.679
<v Speaker 2>If you set this on an executable.

223
00:10:13.080 --> 00:10:15.559
<v Speaker 1>file, only executables, right? When a

224
00:10:15.519 --> 00:10:18.399
<v Speaker 2>regular user runs that file, the process runs not with

225
00:10:18.440 --> 00:10:21.519
<v Speaker 2>their permissions, but with the permissions of the owner of

226
00:10:21.559 --> 00:10:22.000
<v Speaker 2>the file.

227
00:10:22.240 --> 00:10:24.159
<v Speaker 1>Whoa, why would you want that?

228
00:10:24.440 --> 00:10:27.879
<v Speaker 2>Think about the passwd command. You need to change your password,

229
00:10:28.120 --> 00:10:31.480
<v Speaker 2>which involves modifying the protected /etc/shadow file. You don't

230
00:10:31.519 --> 00:10:34.720
<v Speaker 2>have permission to write there, but the passwd program is owned

231
00:10:34.720 --> 00:10:38.840
<v Speaker 2>by root and has the SUID bit set, so when

232
00:10:38.879 --> 00:10:41.519
<v Speaker 2>you run it, it temporarily runs as root just to

233
00:10:41.600 --> 00:10:42.759
<v Speaker 2>change your password safely.

234
00:10:42.879 --> 00:10:46.440
<v Speaker 1>Ah, okay, controlled privilege escalation. Very clever.

235
00:10:46.679 --> 00:10:50.759
<v Speaker 2>Very. There's also the SGID bit, set group ID, which

236
00:10:50.799 --> 00:10:54.679
<v Speaker 2>works similarly for group permissions and is especially useful on directories.

237
00:10:55.399 --> 00:10:58.399
<v Speaker 2>If SGID is set on a directory, any new file

238
00:10:58.480 --> 00:11:03.039
<v Speaker 2>or subdirectory created inside it automatically inherits the directory's group ownership,

239
00:11:03.159 --> 00:11:06.279
<v Speaker 2>not the user's primary group. Great for shared project folders.

240
00:11:06.480 --> 00:11:08.440
<v Speaker 1>Keeps everything in the right group automatically.

241
00:11:08.600 --> 00:11:11.080
<v Speaker 2>Nice. And the sticky bit. You often see this on

242
00:11:11.159 --> 00:11:14.080
<v Speaker 2>shared directories like /tmp. If the sticky bit is set

243
00:11:14.120 --> 00:11:16.799
<v Speaker 2>on a directory, a user can only delete or rename

244
00:11:16.840 --> 00:11:19.440
<v Speaker 2>files within that directory if they own the file, even

245
00:11:19.480 --> 00:11:21.720
<v Speaker 2>if they have write permission on the directory itself.

246
00:11:21.840 --> 00:11:23.759
<v Speaker 1>So I can put files in /tmp. You can put

247
00:11:23.799 --> 00:11:27.200
<v Speaker 1>files in /tmp, but I can't delete your files, even

248
00:11:27.240 --> 00:11:30.200
<v Speaker 1>though we can both write to the directory? Exactly.

249
00:11:30.399 --> 00:11:33.399
<v Speaker 2>It prevents users from messing with each other's stuff in

250
00:11:33.440 --> 00:11:35.919
<v Speaker 2>a common space, like a public locker room.

251
00:11:35.960 --> 00:11:38.799
<v Speaker 1>Okay, this is getting deep. What about protecting files even

252
00:11:39.080 --> 00:11:44.480
<v Speaker 1>from accidental deletion by the root user? If root can

253
00:11:44.480 --> 00:11:45.960
<v Speaker 1>bypass normal permissions.

254
00:11:46.200 --> 00:11:48.399
<v Speaker 2>That's where file attributes come in. Yeah, managed by the

255
00:11:48.480 --> 00:11:51.600
<v Speaker 2>chattr command. These are separate from the standard rwx permissions.

256
00:11:51.759 --> 00:11:55.120
<v Speaker 2>One really important attribute is immutable. If you set chattr

257
00:11:55.159 --> 00:11:57.000
<v Speaker 2>+i on

258
00:11:57.000 --> 00:11:59.600
<v Speaker 1>a file, +i for immutable, right? That

259
00:11:59.519 --> 00:12:02.919
<v Speaker 2>file can't be modified, deleted, renamed, or even linked to,

260
00:12:03.320 --> 00:12:07.000
<v Speaker 2>even by the root user until someone explicitly removes that attribute.

261
00:12:07.000 --> 00:12:10.399
<v Speaker 2>with chattr. It's like a super lock, essential for protecting

262
00:12:10.519 --> 00:12:12.679
<v Speaker 2>really critical system configuration files.

263
00:12:12.759 --> 00:12:15.320
<v Speaker 1>Wow. Okay, so chattr +i is serious protection.

264
00:12:15.480 --> 00:12:18.799
<v Speaker 2>It is an extra layer against mistakes or even malicious actions.

265
00:12:18.879 --> 00:12:23.039
<v Speaker 1>All right, we've covered the static landscape, files, directories, permissions, attributes.

266
00:12:23.240 --> 00:12:27.519
<v Speaker 1>But Linux isn't static, right? It's alive with running programs, processes.

267
00:12:27.559 --> 00:12:28.519
<v Speaker 1>How do we manage those?

268
00:12:28.799 --> 00:12:32.200
<v Speaker 2>Yeah. Processes are the dynamic part. Everything running is a process.

269
00:12:32.559 --> 00:12:35.519
<v Speaker 2>Each one gets a unique number, its process ID.

270
00:12:35.440 --> 00:12:37.759
<v Speaker 1>Or PID. PID, unique number.

271
00:12:37.559 --> 00:12:40.559
<v Speaker 2>And every process except the very first one also has

272
00:12:40.559 --> 00:12:44.080
<v Speaker 2>a parent process ID, the PPID. That's the PID of

273
00:12:44.080 --> 00:12:45.159
<v Speaker 2>the process that started it.

274
00:12:45.240 --> 00:12:47.200
<v Speaker 1>So there's a family tree? Exactly.

275
00:12:47.600 --> 00:12:50.240
<v Speaker 2>You can trace the lineage of any process back up

276
00:12:50.240 --> 00:12:54.039
<v Speaker 2>through its parents. And the ultimate ancestor, PID one, is

277
00:12:54.080 --> 00:12:58.559
<v Speaker 2>the init process, or on most modern systems systemd. It's

278
00:12:58.600 --> 00:13:01.039
<v Speaker 2>the first process started by the kernel at boot, and

279
00:13:01.080 --> 00:13:02.600
<v Speaker 2>it's the ancestor of everything else.

280
00:13:02.679 --> 00:13:04.080
<v Speaker 1>Can you actually see that tree?

281
00:13:04.159 --> 00:13:07.200
<v Speaker 2>Yep. The pstree command displays it visually. Shows you which

282
00:13:07.200 --> 00:13:11.799
<v Speaker 2>process spawned which. Really helpful for understanding relationships, especially if something

283
00:13:11.840 --> 00:13:13.000
<v Speaker 2>unexpected is running.

284
00:13:13.039 --> 00:13:15.399
<v Speaker 1>Cool. So how do we just see what's running now?

285
00:13:15.440 --> 00:13:18.759
<v Speaker 2>The main command is ps, for process status. Just ps

286
00:13:18.759 --> 00:13:21.720
<v Speaker 2>by itself usually shows only processes running in your current terminal.

287
00:13:22.200 --> 00:13:24.320
<v Speaker 1>Not very useful. Okay, so what options do we need?

288
00:13:24.519 --> 00:13:27.600
<v Speaker 2>Common ones are ps -e to show every process on the system,

289
00:13:28.039 --> 00:13:30.799
<v Speaker 2>or ps aux, which is a popular combination, giving lots of

290
00:13:30.840 --> 00:13:34.639
<v Speaker 2>detail in a user friendly format. ps -l gives a long,

291
00:13:34.759 --> 00:13:39.159
<v Speaker 2>more technical format. ps -f gives a full format, often showing

292
00:13:39.159 --> 00:13:40.080
<v Speaker 2>the parent PID.

293
00:13:40.440 --> 00:13:43.559
<v Speaker 1>ps aux seems like a good starting point then, but that's

294
00:13:43.600 --> 00:13:45.679
<v Speaker 1>just a snapshot, right. What if I want to see

295
00:13:45.679 --> 00:13:48.320
<v Speaker 1>what's happening in real time, like which process is suddenly

296
00:13:48.360 --> 00:13:49.440
<v Speaker 1>eating all the CPU?

297
00:13:49.720 --> 00:13:53.080
<v Speaker 2>Ah, for that your go-to is top. It's a dynamic,

298
00:13:53.200 --> 00:13:57.279
<v Speaker 2>real time view of running processes. It updates continuously, usually

299
00:13:57.360 --> 00:14:01.240
<v Speaker 2>sorted by CPU usage by default. You can see memory usage,

300
00:14:01.399 --> 00:14:05.159
<v Speaker 2>uptime, load average. It's the system administrator's dashboard.

301
00:14:05.440 --> 00:14:07.159
<v Speaker 1>top. That's how you spot a runaway

302
00:14:06.759 --> 00:14:10.159
<v Speaker 2>process. Exactly, identify the resource hogs. Now, once you see

303
00:14:10.200 --> 00:14:12.440
<v Speaker 2>these processes, how do you manage them? Sometimes the command

304
00:14:12.480 --> 00:14:14.279
<v Speaker 2>takes a long time and it just sits there in

305
00:14:14.320 --> 00:14:15.720
<v Speaker 2>your terminal, right? The

306
00:14:15.679 --> 00:14:17.279
<v Speaker 1>foreground. Yeah, ties up the prompt.

307
00:14:17.320 --> 00:14:19.080
<v Speaker 2>You can run a command in the background by just

308
00:14:19.120 --> 00:14:22.120
<v Speaker 2>adding an ampersand, &, at the end of the command line.

309
00:14:22.440 --> 00:14:25.559
<v Speaker 2>Just &, then hit enter. The command starts. The system gives

310
00:14:25.559 --> 00:14:27.960
<v Speaker 2>you a job number and the PID, and you immediately

311
00:14:28.000 --> 00:14:31.120
<v Speaker 2>get your shell prompt back. You can keep working. Simple

312
00:14:31.480 --> 00:14:33.639
<v Speaker 2>but incredibly useful for multitasking.

313
00:14:33.960 --> 00:14:37.919
<v Speaker 1>Backgrounding with &, enter. Okay. What if a process, foreground or

314
00:14:37.960 --> 00:14:41.679
<v Speaker 1>background, is stuck or misbehaving, how do I stop it?

315
00:14:41.919 --> 00:14:44.879
<v Speaker 2>You kill it using the kill command. But kill is

316
00:14:44.919 --> 00:14:47.679
<v Speaker 2>a bit of a misnomer. You're actually sending a signal

317
00:14:47.720 --> 00:14:48.000
<v Speaker 2>to the

318
00:14:47.960 --> 00:14:50.799
<v Speaker 1>process. Signals, like telling it what to do? Kind of.

319
00:14:51.039 --> 00:14:53.480
<v Speaker 2>There are many different signals. The default signal if you

320
00:14:53.519 --> 00:14:57.000
<v Speaker 2>just type kill PID is SIGTERM, signal number fifteen. This

321
00:14:57.080 --> 00:15:00.559
<v Speaker 2>is a polite request: please terminate gracefully. It gives the

322
00:15:00.600 --> 00:15:04.480
<v Speaker 2>process a chance to shut down cleanly, save data, release resources.

323
00:15:04.480 --> 00:15:06.399
<v Speaker 1>Hey, the nice way. SIGTERM, right.

324
00:15:06.639 --> 00:15:09.559
<v Speaker 2>But sometimes a process ignores SIGTERM or is totally frozen.

325
00:15:09.799 --> 00:15:12.960
<v Speaker 2>Then you bring out the big gun, SIGKILL, signal number nine,

326
00:15:13.159 --> 00:15:14.679
<v Speaker 2>kill -9 PID.

327
00:15:14.399 --> 00:15:15.720
<v Speaker 1>The famous kill -9.

328
00:15:15.799 --> 00:15:18.759
<v Speaker 2>That's the one. SIGKILL isn't a request, it's an order directly

329
00:15:18.799 --> 00:15:22.600
<v Speaker 2>to the kernel: terminate this process immediately. Now the kernel

330
00:15:22.639 --> 00:15:25.000
<v Speaker 2>just yanks its resources away. It doesn't get a chance

331
00:15:25.000 --> 00:15:27.440
<v Speaker 2>to clean up. It's forceful. Use it when SIGTERM fails.

332
00:15:27.799 --> 00:15:30.679
<v Speaker 1>Hard reset for a process. Got it. What about running

333
00:15:30.720 --> 00:15:32.960
<v Speaker 1>things later? Not now, not in the background, but like

334
00:15:33.519 --> 00:15:34.840
<v Speaker 1>tomorrow at two.

335
00:15:34.679 --> 00:15:39.399
<v Speaker 2>AM. Scheduling for one-time tasks in the future. You

336
00:15:39.519 --> 00:15:42.159
<v Speaker 2>use the at command and its daemon, atd. You'd

337
00:15:42.159 --> 00:15:44.679
<v Speaker 2>say something like at 2am tomorrow, hit enter,

338
00:15:44.960 --> 00:15:47.200
<v Speaker 2>then type the commands you want to run one per line,

339
00:15:47.480 --> 00:15:49.799
<v Speaker 2>press Ctrl plus D when you're done, and it just

340
00:15:50.080 --> 00:15:53.000
<v Speaker 2>remembers. Yeah, at wakes up at the specified time and

341
00:15:53.080 --> 00:15:55.000
<v Speaker 2>runs your commands. It gives you a job ID

342
00:15:55.080 --> 00:15:56.840
<v Speaker 2>when you schedule it, so you can check the queue

343
00:15:56.840 --> 00:15:58.759
<v Speaker 2>with atq or remove a job with atrm.

344
00:15:58.720 --> 00:16:01.399
<v Speaker 1>at for one-off future tasks. What about repetitive

345
00:16:01.399 --> 00:16:03.159
<v Speaker 1>stuff like run a backup script every

346
00:16:03.080 --> 00:16:05.879
<v Speaker 2>night. For recurring tasks, that's the job of the cron

347
00:16:05.960 --> 00:16:09.879
<v Speaker 2>daemon, crond. It reads configuration files called cron tables or

348
00:16:10.000 --> 00:16:11.320
<v Speaker 2>cron tabs, crontabs.

349
00:16:11.360 --> 00:16:11.639
<v Speaker 1>Okay.

350
00:16:11.639 --> 00:16:13.840
<v Speaker 2>Each line in a crontab specifies a schedule and a

351
00:16:13.879 --> 00:16:17.519
<v Speaker 2>command as six fields: minute, zero to fifty-nine, hour, zero

352
00:16:17.519 --> 00:16:20.320
<v Speaker 2>to twenty-three, day of the month, one to thirty-one, month,

353
00:16:20.360 --> 00:16:23.320
<v Speaker 2>one to twelve, day of the week, zero to seven, where both

354
00:16:23.360 --> 00:16:25.600
<v Speaker 2>zero and seven are Sunday, and then the command to

355
00:16:25.639 --> 00:16:28.679
<v Speaker 1>run. Whoa, okay: minute, hour, day, month, day of week,

356
00:16:28.720 --> 00:16:30.799
<v Speaker 1>command. Precise scheduling.

357
00:16:30.759 --> 00:16:34.399
<v Speaker 2>Very precise. There's a system-wide crontab, usually /etc/crontab,

358
00:16:34.480 --> 00:16:37.320
<v Speaker 2>and each user can also have their own personal

359
00:16:37.399 --> 00:16:40.879
<v Speaker 2>crontab managed with the crontab -e command. This is how

360
00:16:40.879 --> 00:16:43.799
<v Speaker 2>sysadmins automate pretty much all routine maintenance.

361
00:16:43.919 --> 00:16:47.600
<v Speaker 1>cron for automation, makes sense. Now, all this process management,

362
00:16:47.639 --> 00:16:51.559
<v Speaker 1>file ownership, permissions, it all comes back to users and

363
00:16:51.639 --> 00:16:52.279
<v Speaker 1>groups, right?

364
00:16:52.440 --> 00:16:56.559
<v Speaker 2>Absolutely. Linux is fundamentally a multi-user system. It needs

365
00:16:56.600 --> 00:16:59.159
<v Speaker 2>to know who is who. Every user account has a

366
00:16:59.240 --> 00:17:02.799
<v Speaker 2>unique user ID or UID. Every group has a unique

367
00:17:02.799 --> 00:17:04.279
<v Speaker 2>group ID or GID.

368
00:17:04.640 --> 00:17:07.759
<v Speaker 1>UID and GID numbers identify users and groups.

369
00:17:07.880 --> 00:17:11.000
<v Speaker 2>Correct. The mapping between user names and UIDs, plus basic

370
00:17:11.079 --> 00:17:14.079
<v Speaker 2>info like their home directory and default login shell is

371
00:17:14.119 --> 00:17:15.680
<v Speaker 2>stored in the /etc/passwd

372
00:17:15.519 --> 00:17:17.519
<v Speaker 1>file. /etc/passwd, I've heard of that. Does it

373
00:17:17.559 --> 00:17:18.640
<v Speaker 1>actually have passwords in it?

374
00:17:18.880 --> 00:17:20.920
<v Speaker 2>Not anymore. That used to be the case long ago,

375
00:17:21.039 --> 00:17:24.279
<v Speaker 2>big security risk. Now the encrypted passwords, along with password

376
00:17:24.319 --> 00:17:26.720
<v Speaker 2>aging policies and stuff like that, are stored in a separate,

377
00:17:26.799 --> 00:17:30.119
<v Speaker 2>highly protected file, /etc/shadow. Only root can read

378
00:17:30.000 --> 00:17:33.519
<v Speaker 1>it. /etc/shadow for the secret stuff. Good. What about groups?

379
00:17:33.799 --> 00:17:37.680
<v Speaker 2>Group definitions, the group name, the GID, and which users

380
00:17:37.720 --> 00:17:40.119
<v Speaker 2>are members of that group, are in the /etc/group file.

381
00:17:40.039 --> 00:17:42.960
<v Speaker 1>/etc/passwd, /etc/shadow, /etc/group, the core

382
00:17:43.079 --> 00:17:43.960
<v Speaker 1>identity files.

383
00:17:43.880 --> 00:17:45.559
<v Speaker 2>Those are the main ones. Yeah, yeah. When you create

384
00:17:45.599 --> 00:17:48.160
<v Speaker 2>a file, its owner is your UID and its group

385
00:17:48.200 --> 00:17:51.039
<v Speaker 2>owner is typically your primary group, which is also defined

386
00:17:51.039 --> 00:17:55.240
<v Speaker 2>in /etc/passwd. Admins use commands like useradd, usermod,

387
00:17:55.400 --> 00:17:59.119
<v Speaker 2>passwd, groupadd, groupmod to manage all these accounts

388
00:17:58.759 --> 00:18:02.240
<v Speaker 1>and groups. And you mentioned groups being important for permissions. Yeah,

389
00:18:02.400 --> 00:18:05.279
<v Speaker 1>any specific examples, like that wheel group, right?

390
00:18:05.400 --> 00:18:08.079
<v Speaker 2>The wheel group is a common convention on many systems.

391
00:18:08.680 --> 00:18:11.319
<v Speaker 2>Often only users who are members of the wheel group

392
00:18:11.640 --> 00:18:14.519
<v Speaker 2>are allowed to use commands like su to switch user,

393
00:18:14.599 --> 00:18:17.519
<v Speaker 2>often to root, or sudo to execute a command as

394
00:18:17.519 --> 00:18:19.000
<v Speaker 2>another user, again usually root.

395
00:18:19.160 --> 00:18:21.559
<v Speaker 1>So being in wheel gives you admin privileges.

396
00:18:21.680 --> 00:18:25.279
<v Speaker 2>Essentially, it's a mechanism for delegating admin privileges. Instead of

397
00:18:25.359 --> 00:18:28.359
<v Speaker 2>giving everyone the root password, you put trusted users in

398
00:18:28.440 --> 00:18:31.000
<v Speaker 2>the wheel group and configure sudo to let them run

399
00:18:31.079 --> 00:18:34.440
<v Speaker 2>specific commands as root, usually after re-entering their own password.

400
00:18:34.799 --> 00:18:35.599
<v Speaker 2>Much more secure and.

401
00:18:35.599 --> 00:18:39.960
<v Speaker 1>accountable. Delegated administration via groups like wheel. Okay, that makes

402
00:18:39.960 --> 00:18:40.559
<v Speaker 1>a lot of sense.

403
00:18:40.680 --> 00:18:43.119
<v Speaker 2>It's fundamental to secure multi-user management.

404
00:18:43.200 --> 00:18:45.839
<v Speaker 1>Okay, so managing a Linux system isn't just about the

405
00:18:46.039 --> 00:18:49.640
<v Speaker 1>here and now, creating files, running processes. It's also about

406
00:18:49.720 --> 00:18:53.200
<v Speaker 1>long-term health and security. What are the key things there?

407
00:18:53.319 --> 00:18:54.880
<v Speaker 1>Logging seems important.

408
00:18:54.599 --> 00:18:58.599
<v Speaker 2>Oh, absolutely critical. System logging is basically your system's diary

409
00:18:58.759 --> 00:19:05.680
<v Speaker 2>or memory. Everything that happens, especially background services, or daemons, records messages, information, warnings,

410
00:19:06.000 --> 00:19:07.240
<v Speaker 2>errors into log files.

411
00:19:07.480 --> 00:19:09.000
<v Speaker 1>Where do these logs usually live?

412
00:19:09.480 --> 00:19:12.359
<v Speaker 2>The standard location is under the /var/log directory. You'll find

413
00:19:12.440 --> 00:19:16.799
<v Speaker 2>logs for system messages, authentication attempts, specific services like the

414
00:19:16.839 --> 00:19:19.759
<v Speaker 2>web server or mail server. It's the first place you

415
00:19:19.799 --> 00:19:20.839
<v Speaker 2>look when something goes wrong.

416
00:19:21.039 --> 00:19:23.599
<v Speaker 1>And how are these logs managed? What creates them?

417
00:19:24.039 --> 00:19:27.279
<v Speaker 2>On modern Linux systems, the primary mechanism is often the

418
00:19:27.319 --> 00:19:30.759
<v Speaker 2>systemd journal daemon, journald. It collects logs from everywhere

419
00:19:30.799 --> 00:19:34.559
<v Speaker 2>into a structured binary format. You typically query it using

420
00:19:34.640 --> 00:19:35.799
<v Speaker 2>the journalctl

421
00:19:35.559 --> 00:19:37.400
<v Speaker 1>command. journalctl, okay.

422
00:19:37.799 --> 00:19:42.039
<v Speaker 2>Many systems also still run older logging services like rsyslogd,

423
00:19:42.559 --> 00:19:46.079
<v Speaker 2>which reads messages sometimes from the journal, sometimes directly, and

424
00:19:46.200 --> 00:19:49.000
<v Speaker 2>writes them out to those traditional text files in /var/log

425
00:19:49.359 --> 00:19:52.079
<v Speaker 2>based on rules in its configuration. So you might interact

426
00:19:52.119 --> 00:19:52.480
<v Speaker 2>with both.

427
00:19:52.759 --> 00:19:55.680
<v Speaker 1>Logs tell the story. But they must get huge, right?

428
00:19:55.799 --> 00:19:56.960
<v Speaker 1>Do they just fill up the disk?

429
00:19:57.119 --> 00:20:00.519
<v Speaker 2>They definitely can. That's why Linux has a utility called logrotate.

430
00:20:01.039 --> 00:20:05.000
<v Speaker 2>It runs periodically, usually via cron. Based on its configuration,

431
00:20:05.400 --> 00:20:09.400
<v Speaker 2>it will automatically archive old log files, maybe renaming syslog

432
00:20:09.480 --> 00:20:13.559
<v Speaker 2>to syslog.1, compress them, syslog.1.gz,

433
00:20:13.880 --> 00:20:15.480
<v Speaker 2>and eventually delete the oldest ones.

434
00:20:15.680 --> 00:20:19.160
<v Speaker 1>Ah. The digital janitor we talked about earlier keeps things tidy.

435
00:20:19.119 --> 00:20:22.599
<v Speaker 2>Exactly, prevents logs from consuming all your disk space, vital

436
00:20:22.640 --> 00:20:23.680
<v Speaker 2>for long-term stability.

437
00:20:23.759 --> 00:20:26.680
<v Speaker 1>Okay, logs help us understand what happened. What about preventing

438
00:20:26.759 --> 00:20:30.279
<v Speaker 1>bad things from happening, especially from the network? Firewalls.

439
00:20:30.559 --> 00:20:33.960
<v Speaker 2>Firewalls are your primary network defense. They act as a gatekeeper,

440
00:20:34.160 --> 00:20:36.799
<v Speaker 2>inspecting network traffic coming into or going out of your

441
00:20:36.839 --> 00:20:40.000
<v Speaker 2>system and deciding whether to allow or block it based

442
00:20:40.000 --> 00:20:40.720
<v Speaker 2>on a set of rules.

443
00:20:40.799 --> 00:20:41.960
<v Speaker 1>How do you set up these rules?

444
00:20:42.279 --> 00:20:45.680
<v Speaker 2>Several tools exist. The classic low-level tool is iptables,

445
00:20:46.160 --> 00:20:50.319
<v Speaker 2>very powerful but complex syntax. Many distributions now offer easier

446
00:20:50.359 --> 00:20:54.000
<v Speaker 2>to use front ends like ufw, the Uncomplicated Firewall, or

447
00:20:54.079 --> 00:20:57.079
<v Speaker 2>firewall-cmd, part of firewalld, common on Red Hat based systems.

448
00:20:57.559 --> 00:21:00.559
<v Speaker 2>They manage the underlying iptables or newer nftables rules for

449
00:21:00.680 --> 00:21:04.119
<v Speaker 1>you. ufw, firewall-cmd, okay. And what can the rules

450
00:21:04.160 --> 00:21:05.640
<v Speaker 1>do? Just allow or block?

451
00:21:05.720 --> 00:21:09.200
<v Speaker 2>They can do more. Typically, rules specify criteria like source, destination,

452
00:21:09.240 --> 00:21:12.920
<v Speaker 2>IP address, port number, protocol, and an action. Actions include

453
00:21:13.599 --> 00:21:16.920
<v Speaker 2>allow, let the packet through; drop, silently discard

454
00:21:16.960 --> 00:21:20.279
<v Speaker 2>the packet, the sender doesn't know it's blocked; reject, discard

455
00:21:20.319 --> 00:21:22.319
<v Speaker 2>the packet and send an error message back, like port

456
00:21:22.359 --> 00:21:25.920
<v Speaker 2>unreachable; or sometimes log, record the packet details,

457
00:21:25.960 --> 00:21:28.240
<v Speaker 2>but still allow or block it based on subsequent

458
00:21:27.920 --> 00:21:31.039
<v Speaker 1>rules. Drop versus reject, subtle difference. Does

459
00:21:30.960 --> 00:21:34.759
<v Speaker 2>the order matter? Hugely. Firewall rules are processed sequentially, usually

460
00:21:34.839 --> 00:21:37.759
<v Speaker 2>first match wins, so a broad allow rule placed too

461
00:21:37.839 --> 00:21:41.000
<v Speaker 2>early might let traffic through that a later, more specific

462
00:21:41.119 --> 00:21:44.200
<v Speaker 2>deny rule was supposed to block. Order is absolutely critical

463
00:21:44.279 --> 00:21:45.640
<v Speaker 2>for effective firewall policy.

464
00:21:45.920 --> 00:21:48.880
<v Speaker 1>Gotcha. Get the order wrong, and you've basically unlocked the door.

465
00:21:48.960 --> 00:21:53.000
<v Speaker 2>Pretty much. Now, beyond the network perimeter, Linux has deeper

466
00:21:53.119 --> 00:21:56.440
<v Speaker 2>security mechanisms too, things like SELinux

467
00:21:56.039 --> 00:21:59.839
<v Speaker 1>or AppArmor. SELinux, Security-Enhanced Linux. What does that do?

468
00:22:00.400 --> 00:22:02.799
<v Speaker 2>Think of SELinux and AppArmor as internal security

469
00:22:02.839 --> 00:22:06.079
<v Speaker 2>guards for your applications. They operate at the kernel level

470
00:22:06.240 --> 00:22:11.400
<v Speaker 2>using mandatory access control, MAC. They define very strict profiles

471
00:22:11.480 --> 00:22:16.359
<v Speaker 2>or policies about what system resources, files, network ports, other processes,

472
00:22:16.880 --> 00:22:20.279
<v Speaker 2>each specific program is allowed to interact with, regardless of

473
00:22:20.319 --> 00:22:21.839
<v Speaker 2>the standard user and group permissions.

474
00:22:22.119 --> 00:22:24.400
<v Speaker 1>So even if a program gets compromised, like a web

475
00:22:24.480 --> 00:22:26.599
<v Speaker 1>server vulnerability? Exactly.

476
00:22:26.640 --> 00:22:29.039
<v Speaker 2>Even if an attacker exploits a bug in the web server,

477
00:22:29.440 --> 00:22:33.160
<v Speaker 2>SELinux or AppArmor can prevent that compromised process from, say,

478
00:22:33.759 --> 00:22:36.720
<v Speaker 2>reading sensitive files outside the web root, or connecting to

479
00:22:36.880 --> 00:22:41.119
<v Speaker 2>unexpected network ports, or executing other programs. It contains the damage.

480
00:22:41.160 --> 00:22:43.640
<v Speaker 2>It's a powerful proactive defense layer.

481
00:22:43.920 --> 00:22:47.200
<v Speaker 1>Wow, that sounds complex, but really valuable. What about protecting

482
00:22:47.240 --> 00:22:48.680
<v Speaker 1>the data itself? Encryption?

483
00:22:49.160 --> 00:22:53.440
<v Speaker 2>Yeah, for data confidentiality and integrity. GNU Privacy Guard or

484
00:22:53.599 --> 00:22:57.200
<v Speaker 2>GPG is a standard tool. It implements the OpenPGP

485
00:22:57.359 --> 00:23:01.079
<v Speaker 2>standard for encrypting and digitally signing files and communications.

486
00:23:01.519 --> 00:23:02.160
<v Speaker 1>How does it work?

487
00:23:02.240 --> 00:23:05.960
<v Speaker 2>Basically, it uses public key cryptography. You generate a key pair,

488
00:23:06.319 --> 00:23:09.359
<v Speaker 2>a private key you keep secret, protected by a passphrase,

489
00:23:09.720 --> 00:23:12.240
<v Speaker 2>and a public key you can share freely. Others use

490
00:23:12.279 --> 00:23:15.000
<v Speaker 2>your public key to encrypt messages only you can decrypt

491
00:23:15.240 --> 00:23:17.599
<v Speaker 2>with your private key. You use your private key to

492
00:23:17.680 --> 00:23:20.400
<v Speaker 2>digitally sign files, and others use your public key to

493
00:23:20.480 --> 00:23:23.039
<v Speaker 2>verify that signature, proving the file came from you and

494
00:23:23.119 --> 00:23:24.160
<v Speaker 2>hasn't been tampered

495
00:23:23.880 --> 00:23:26.960
<v Speaker 1>with. GPG for encrypting files and verifying identity. Okay.

496
00:23:27.799 --> 00:23:31.319
<v Speaker 2>And one last simple but effective practice: login banners.

497
00:23:31.440 --> 00:23:34.279
<v Speaker 1>Login banners, like welcome messages? Sort

498
00:23:34.079 --> 00:23:36.920
<v Speaker 2>of. By putting text in the /etc/motd file, message of

499
00:23:37.000 --> 00:23:39.880
<v Speaker 2>the day, you can display important notices or acceptable use

500
00:23:39.920 --> 00:23:43.680
<v Speaker 2>policy reminders to users after they successfully log in. It

501
00:23:43.759 --> 00:23:46.440
<v Speaker 2>doesn't prevent login, but it's a constant reinforcement of

502
00:23:46.480 --> 00:23:48.599
<v Speaker 2>security policies and system status.

503
00:23:48.839 --> 00:23:51.599
<v Speaker 1>A simple nudge. /etc/motd, good for reminders. Okay.

504
00:23:51.799 --> 00:23:53.680
<v Speaker 2>It all adds up, layers of security.

505
00:23:54.039 --> 00:23:56.720
<v Speaker 1>Wow. Okay, we've covered a lot of ground here. From

506
00:23:56.759 --> 00:24:00.720
<v Speaker 1>the filesystem map, the FHS, to navigating with bash,

507
00:24:01.240 --> 00:24:04.759
<v Speaker 1>using tools like ls and grep, managing permissions with chmod

508
00:24:04.839 --> 00:24:05.640
<v Speaker 1>and attributes with

509
00:24:05.759 --> 00:24:09.000
<v Speaker 2>chattr. Then diving into processes with ps and top, controlling

510
00:24:09.079 --> 00:24:11.319
<v Speaker 2>them with kill ND and ground, scheduling with at

511
00:24:11.240 --> 00:24:14.799
<v Speaker 1>and cron, understanding users and groups with UIDs, GIDs, and

512
00:24:14.880 --> 00:24:16.960
<v Speaker 1>the key files like /etc/passwd and /etc/

513
00:24:17.000 --> 00:24:23.720
<v Speaker 1>shadow, and finally touching on essential security like logging, firewalls, SELinux, GPG,

514
00:24:23.960 --> 00:24:25.440
<v Speaker 1>and even login banners.

515
00:24:25.839 --> 00:24:29.160
<v Speaker 2>It's quite a foundation. It really is, and hopefully you

516
00:24:29.200 --> 00:24:31.640
<v Speaker 2>can see how these pieces connect. Linux isn't just a

517
00:24:31.680 --> 00:24:35.200
<v Speaker 2>collection of commands. It's a coherent system built on some powerful,

518
00:24:35.480 --> 00:24:39.200
<v Speaker 2>often elegant principles. It's this philosophy of openness and control

519
00:24:39.319 --> 00:24:41.519
<v Speaker 2>that makes it so adaptable.

520
00:24:41.119 --> 00:24:45.079
<v Speaker 1>Adaptable enough to run supercomputers and smart thermostats. It's kind

521
00:24:45.119 --> 00:24:46.359
<v Speaker 1>of amazing. It truly is.

522
00:24:46.400 --> 00:24:48.920
<v Speaker 2>It gives you that fine-grained control over your digital environment,

523
00:24:49.000 --> 00:24:50.200
<v Speaker 2>which is rare these days.

524
00:24:50.519 --> 00:24:53.240
<v Speaker 1>So for everyone listening, what does this all mean? Hopefully

525
00:24:53.279 --> 00:24:55.400
<v Speaker 1>you've gained insights that take you beyond just being a

526
00:24:55.480 --> 00:24:58.680
<v Speaker 1>casual user. You've got a better toolkit now for interacting

527
00:24:58.720 --> 00:25:02.279
<v Speaker 1>with this incredibly important operating system. It's definitely a foundation

528
00:25:02.400 --> 00:25:02.920
<v Speaker 1>to build.

529
00:25:02.799 --> 00:25:09.359
<v Speaker 2>on. And thinking about that adaptability, Linux is already in spacecraft, routers, phones, servers, desktops,

530
00:25:09.359 --> 00:25:12.880
<v Speaker 2>embedded devices. If we look ahead, say ten years, what

531
00:25:13.119 --> 00:25:16.359
<v Speaker 2>completely unexpected places do you think we'll find Linux powering next?

532
00:25:16.839 --> 00:25:19.680
<v Speaker 2>And maybe more importantly, what new challenges will that bring

533
00:25:19.759 --> 00:25:22.400
<v Speaker 2>for managing and securing it, for both admins and maybe

534
00:25:22.400 --> 00:25:25.400
<v Speaker 2>even everyday users interacting with these new Linux powered things.

535
00:25:25.720 --> 00:25:27.400
<v Speaker 2>Something to think about. Keep exploring.
