Ubuntu Linux Reference

Ubuntu Linux reference information

Canonical Livepatch

livepatch.jpeg

To avoid downtime during kernel upgrades, you can use a feature of the Linux kernel called live patching. This feature makes it possible to implement kernel updates without rebooting.

What Is Livepatch and How Does It Work?

Canonical Livepatch uses the Kernel Live Patching technology built into the standard Linux kernel. Canonical’s Livepatch website notes that massive corporations like AT&T, Cisco, and Walmart use it.

It’s free for personal use on up to three computers, these can be “desktops, servers, virtual machines, or cloud instances.” Organizations can use it on more systems with a paid Ubuntu Advantage subscription.

Kernel Patches Are Necessary But Inconvenient

Linux kernel patches are a fact of life. Keeping your system secure and patched up to date is vital in the inter-connected world we live in. But having to reboot your computer to apply kernel patches can be a pain. Especially if the computer is providing some sort of service to users and you have to co-ordinate or negotiate with them to take the service off-line. And there’s a multiplier. If you maintain several Ubuntu machines, at some point you have to bite the bullet and do each one in turn.

The Canonical Livepatch Service removes all of the aggravation of keeping your Ubuntu systems up to date with critical kernel patches. It’s easy to set up and it takes one more chore off your shoulders.

Anything that reduces maintenance efforts, boosts security, and reduces downtime has to be an attractive proposition, right? Yes, but there are some caveats.

Installation

 There are two major maintainers for kernel live patches: Canonical, who provides their own Livepatch Service for Ubuntu, and KernelCare who support Ubuntu in addition to most other major Linux distributions. Both require registration to use, and only Canonical’s service is free for individual use.

You can register for a Livepatch key at https://auth.livepatch.canonical.com/.

After enrolling, you can install the canonical-livepatch snap package. Snap is another Ubuntu package manager that runs alongside apt.

sudo snap install canonical-livepatch

You can enable  canonical-livepatch with a one-line command using the key you obtained  when registering:

sudo canonical-livepatch enable your-key

The output should contain the message Successfully enabled device. The service should run in the background from now on without any further intervention, and you can check its status using canonical-livepatch status:

sudo canonical-livepatch status

After installing, you should see something like this:

Output
last check: 50 seconds ago
kernel: 5.15.0-25-generic
server check-in: succeeded
patch state: ✓ all applicable livepatch modules inserted
patch version: 84.1
tier: updates (Free usage; This machine beta tests new patches.)
machine id: 2565a9e7fc9f4405a167e4caf9b9dcf3

You have now configured automatic kernel updates for your server, meaning it should no longer be necessary to reboot in order to maintain a secure and up-to-date environment.


Updates

From time to time, you may need to update your livepatch software.  Since this is a Snap package you will need to perform the following to check if you need to  update it.

sudo snap info canonical-livepatch

You may also see a notification similar to this appear on your desktop's notification panel

Screenshot from 2023-04-14 21-31-36.png

To perform the update, follow these steps:
  1. Stop your existing Livepatch instance
sudo snap stop canonical-livepatch

      2.  Refresh your Livepatch instance

sudo snap refresh canonical-livepatch

If successful, you should see output in your terminal similar to this:

canonical-livepatch 10.5.4 from Canonical refreshed

Commands

Most frequently used CLI (Terminal) commands on Linux

Commands

Commands used for System Information

Command(s)
Sample Output

DATE

The simple “date” command displays the current date and time (including the day of the week, month, time, time zone, year).

 

date

Date TZ

By default, “date” command uses the time zone defined in path “/etc/localtime”. Linux user can change the time zone via Terminal by using command “TZ”.

 

TZ=GMT date
TZ=America/New_York date

Date --set

Linux allows its user to set the current date and time of the system manually.
Syntax: date –set=”Date_in_format(YYMMDD) Time_in_format(HH:MM)”

 

sudo date --set="YYYYMMDD HH:MM"

$ date Thu Mar  2 07:23:38 PM EST 2023 $ TZ=GMT date Fri Mar  3 12:03:59 AM GMT 2023 $ TZ=America/New_York date Thu Mar  2 07:04:12 PM EST 2023

 

 

 

 

 

 

 

 

 

 

 

 

Example - This would set the system date to May 18, 2023 10:10 PM 

sudo date --set="20230519 22:10"

DF

The command “df” shows the amount of disk space used and disk space available on every file system containing each filesystem’s name and its path.

 

df

The command “df -h” shows the same result as the command “df” but now the data is in a more human-readable format.

 

df -h


$ df Filesystem    1K-blocks       Used  Available Use% Mounted tmpfs         1623284       3612    1619672   1% /run /dev/nvme0n1p3 491343600   18123184  452739188   4% / tmpfs            8116400     104604    8011796   2% /dev/shm tmpfs               5120          4       5116   1% /run/lock tmpfs            8116400          0    8116400   0% /run/qemu /dev/nvme0n1p2   456036     182424     239424  44% /boot /dev/nvme0n1p1    98304      57271      41033  59% /boot/efi /dev/sda1       47744748      57156   45229840   1% /tmp /dev/sda3     2787016696 1123163768 1531975216  43% /home /dev/sda2     47745772   31301948   13986020  70% /var

 

$ df -h Filesystem     Size  Used Avail Use% Mounted on tmpfs           1.6G  3.6M  1.6G   1% /run /dev/nvme0n1p3  469G   18G  432G   4% / tmpfs           7.8G  103M  7.7G   2% /dev/shm tmpfs           5.0M  4.0K  5.0M   1% /run/lock tmpfs           7.8G     0  7.8G   0% /run/qemu /dev/nvme0n1p2  446M  179M  234M  44% /boot /dev/nvme0n1p1  96M   56M   41M  59% /boot/efi /dev/sda1       46G   56M   44G   1% /tmp /dev/sda3       2.6T  1.1T  1.5T  43% /home /dev/sda2       46G   30G   14G  70% /var

 

FREE

The command “free” displays the amount of free and used memory in the complete system.

 

free
$ free       total     used     free    shared  buff/cache   available Mem:  16232800  4698636  6761664 59100     4772500    11205016 Swap:  2097152   0  2097152

PS

The command “ps” which is also known as the process status command is used to provide information about the processes currently running on the system, including their respective process identification numbers (PIDs)

 

ps

PS AUX & PS -EF

Both list all processes of all users. In that aspect -e and ax are completely equivalent.

Where they differ is output format specifier, -f is "full", while u is "user-oriented". The displayed columns are different:

 

ps -ef
ps -aux

$ ps     PID TTY          TIME CMD  434765 pts/0    00:00:00 bash  441698 pts/0    00:00:00 ps

 

$ ps -ef UID          PID    PPID  C STIME TTY          TIME CMD root           1       0  0 Feb07 ?        00:19:03 /sbin/init splash root           2       0  0 Feb07 ?        00:00:03 [kthreadd] root           3       2  0 Feb07 ?        00:00:00 [rcu_gp] root           4       2  0 Feb07 ?        00:00:00 [rcu_par_gp] root           5       2  0 Feb07 ?        00:00:00 [slub_flushwq] root           6       2  0 Feb07 ?        00:00:00 [netns]

 

$ ps -aux USER  PID %CPU %MEM VSZ  RSS TTY STAT START TIME COMMAND root 1  0.0  0.0 169808 12472 ? Ss Feb07  19:03 /sbin/init splash root    2  0.0  0.0  0     0 ? S    Feb07   0:03 [kthreadd] root    3  0.0  0.0  0     0 ? I<   Feb07   0:00 [rcu_gp] root    4  0.0  0.0  0     0 ? I<   Feb07   0:00 [rcu_par_gp] root    5  0.0  0.0  0     0 ? I<   Feb07   0:00 [slub_flushwq] root    6  0.0  0.0      0     0 ?        I<   Feb07   0:00 [netns]



UPTIME

The command “uptime” provides information about how long the system has been running in one line. The result for this command includes the current time, the time duration system has been running, the number of users who are currently logged on, and the system load averages for the past 1, 5, and 15 minutes respectively.

 

uptime
$ uptime  19:59:06 up 22 days, 20:17,  1 user,  load average: 0.52, 0.39, 0.38

 W

The command “w” displays detailed information about the users who are logged into the system currently.

 

w
$ w  20:00:25 up 22 days, 20:18,  1 user,  load average: 0.44, 0.41, 0.38 USER     TTY      FROM             LOGIN   IDLE   JCPU   PCPU WHAT tim      :1       :1               07Feb23 xdm   2days  0.00s /usr/libexec/gdm-x-session --run-script env

PASSWD

The command “passwd” stands for password and it is used to change the password of the user.

 

passwd my_user
$ passwd tim changing password for tim. (current) UNIX password: Enter new UNIX password: Retype new UNIX password: passwd: password updated successfully

EXIT

The command “exit” as the name says it is used to exit from the system and log out from the current user.

 

exit
$ exit logout Connection to 192.168.1.1 closed.

SS

The ss command is a modern replacement for the classic netstat command. You can use it on Linux to get statistics about your network connections.

 

Use the -ltn flags to list all listening  ports on your system.

 

ss -ltn

Use the following to see if a specific port is listening on your system. In this case, the source port (sport) and destination port (dport) is 80 or you can use the protocol name, http, instead.

 

ss -a '( dport = :80 or sport = :80 )'
ss -a '( dport = :http or sport = :http )'

$ ss -ltn State   Recv-Q Send-Q Local Address:Port Peer Address:Port Process LISTEN  0      4096   0.0.0.0:9000       0.0.0.0:*             LISTEN  0      4096   0.0.0.0:6767       0.0.0.0:*             LISTEN  0      4096   0.0.0.0:111        0.0.0.0:*             LISTEN  0      4096   0.0.0.0:80         0.0.0.0:*

 

$ ss -a '( dport = :80 or sport = :80 )'
Netid State     Recv-Q Send-Q    Local Address:Port     Peer Address:PortProcess
tcp   LISTEN    0      4096            0.0.0.0:http          0.0.0.0:*          
tcp   LISTEN    0      4096               [::]:http             [::]:*

SHUTDOWN

The command “shutdown” is used to shut down the system.

 

Note: The shutdown command needs superuser privileges. Hence, you should either be root or run the command with sudo.

 

Using the command with no flags will schedule a shutdown 1 minute from execution.

 

sudo shutdown

Use the following to IMMEDIATELY shutdown your system.

 

sudo shutdown now

You can schedule a shutdown in future by providing the time argument either in +t format or in hh:mm format.

For example, if you want to shutdown the system after 15 minutes, you can use this command:

 

sudo shutdown +15

If you want to shutdown the system at 6 PM in the afternoon, you can use it in the following manner:

 

sudo shutdown 18:00

Cancel a shutdown

sudo shutdown -c

Reboot a system

sudo shutdown -r
sudo reboot
$ sudo shutdown Shutdown scheduled for Thu 2023-03-02 20:12:13 EST, use 'shutdown -c' to cancel.







Commands

Commands used for File Handling

LS

The command “ls” displays the list of all directories, folder, and files present in the current directory.

 

LS - LTR

The above-mentioned command displays the name of directories, folders, files with their respective owner name, group’s name, and rights your user has over these.

 

 

 

ls
ls -ltr
/$ ls
bin    dev   lib    libx32      mnt   root  snap      sys  usr
boot   etc   lib32  lost+found  opt   run   srv       tim  var
cdrom  home  lib64  media       proc  sbin  swapfile  tmp
/$ ls -ltr
total 2097256
drwxr-xr-x   2 root root       4096 Feb  9  2021 mnt
drwxr-xr-x  15 root root       4096 Feb  9  2021 var
drwx------   2 root root      16384 Feb 11  2022 lost+found
lrwxrwxrwx   1 root root          8 Feb 11  2022 sbin -> usr/sbin
lrwxrwxrwx   1 root root         10 Feb 11  2022 libx32 -> usr/libx32
lrwxrwxrwx   1 root root          9 Feb 11  2022 lib64 -> usr/lib64
lrwxrwxrwx   1 root root          9 Feb 11  2022 lib32 -> usr/lib32
lrwxrwxrwx   1 root root          7 Feb 11  2022 lib -> usr/lib
lrwxrwxrwx   1 root root          7 Feb 11  2022 bin -> usr/bin
drwxrwxr-x   2 root root       4096 Feb 11  2022 cdrom
drwx------  10 root root       4096 Feb 12  2022 tim
-rw-------   1 root root 2147487744 Aug  9  2022 swapfile
drwxr-xr-x   5 root root       4096 Aug 14  2022 home
drwxr-xr-x  14 root root       4096 Oct 22 14:08 usr
drwxrwxrwx   7 root root       4096 Nov 26 04:18 media
drwxrwxrwx  13 root root       4096 Jan  7 21:59 opt
drwxr-xr-x   2 root root       4096 Feb  5 07:19 srv
dr-xr-xr-x  13 root root          0 Feb  7 23:41 sys
dr-xr-xr-x 549 root root          0 Feb  7 23:41 proc
drwx------  12 root root       4096 Feb  8 04:25 root
drwxr-xr-x  20 root root       5120 Feb 17 23:04 dev
drwxr-xr-x  28 root root       4096 Feb 21 23:36 snap
drwxr-xr-x 168 root root      12288 Mar  1 06:24 etc
drwxr-xr-x   5 root root       4096 Mar  2 06:51 boot
drwxr-xr-x  46 root root       1500 Mar  2 20:11 run
drwxrwxrwt  32 root root      20480 Mar  2 21:06 tmp

MKDIR

The command “mkdir” allows users to create directories/folders in the system. The user running this command must have suitable rights over the parent directory to create a directory or they will receive an error.
Syntax: mkdir New_Directory’s_Name

 
mkdir NewDirectory

 

~$ mkdir poopoo
~$ 
~$ ls
 Android            Pictures
 AppImages          poopoo

RMDIR

The command “rmdir” allows users to remove directories/folders from the system. The user running this command must have suitable rights over the parent directory to remove a directory AND the directory must not have any files or sub-directories within it or you  will receive an error.
Syntax: rmdir Directory’s_Name

rmdir DirectoryName
~$ rmdir poopoo
rmdir: failed to remove 'poopoo': Directory not empty
# Could not delete directory 
# "poopoo" because it is not
# empty

~$ rm poopoo
rm: cannot remove 'poopoo': Is a directory
# Could not remove "poopoo" 
# because it is not a file

RM

The command “rm” is used to remove files from a directory.

 

 

 

 

 

 

 

 

RM -RF

Permanently deletes the specified directory and ALL files and sub-directories beneath the specified directory.

Be VERY careful using this command as you can inadvertently delete your whole drive!

rm filename

 

 

 

 

 

 

 

 

 

rm -rf /path/to/dir/name

 

# Listing shows poopoo.txt 
# file exists under 
# direcotry "poopoo"
~/poopoo$ ls
poopoo.txt

~/poopoo$ rm poopoo.txt 

# listing now shows 
# poopoo.txt has been
# removed (deleted) 
# from directory "poopoo"
~/poopoo$ ls
~/poopoo$

  

# Directory "poopoo" exists 
# in the listing below
~$ ls
 Android            Pictures
 AppImages          poopoo
 Audio              Public


~$ rm -rf poopoo
~$
# Successfully removed 
# "poopoo" directory 
# and all its contents
# as can be seen in the 
# listing below

~$ ls 
 Android            Parkitect
 AppImages          Pictures
 Audio              Public

MV

The command “mv” is used for two purposes

  • To move files or directories from one path to another path in the system.
  • To rename a file or folder.
mv Source_File_name Destination_File_Name
mv File_name New_name_for_file

CP

The command “cp” is used to copy data from a source file to the destination file. Its function is almost like the command “mv”. The only difference is by using the command “cp” the source file is not removed from the directory after its data is moved to the destination file.

cp source_file_name destination_file_name

TOUCH

Creates an empty file at the specified path with the specified name.

Useful for creating a blank file you intend to edit with a CLI editor, such as VIM or NANO.

touch /path/name/filename.ext
~$ ls doc.txt
ls: cannot access 'doc.txt': No such file or directory
~$ touch /home/tim/doc.txt
~$ ls doc.txt
doc.txt

CAT

The command “cat” is a reverse of the command “tac”. It is used to display each line of the file starting from the first row and finishing on its last row.

This command is more frequently used than “tac”.

cat file_name

ECHO

The command “echo” used to display any expression that is passed as an argument.

echo expression_to_be_displayed
~/poopoo$ echo something-poopoo
something-poopoo

GREP

The command “grep” is used to search for a text in the specified file/folder.

grep “expression_to_be_Searched” file_name_to_search_in
 

ZIP

The command “zip” is used to compress one or more files and store them in a new file with .zip extension.

zip new_zip_file_name.zip
~/poopoo$ zip files.zip file1.txt file2.txt file3.txt 
  adding: file1.txt (stored 0%)
  adding: file2.txt (stored 0%)
  adding: file3.txt (stored 0%)
~/poopoo$ ls
file1.txt  file2.txt  file3.txt  files.zip

UNZIP

The command “unzip” is used to decompress a .zip file and extract all the files within to current directory.

unzip zip_file_name.zip
~/poopoo$ unzip files.zip
Archive:  files.zip
replace file1.txt? [y]es, [n]o, [A]ll, [N]one, [r]ename: A
 extracting: file1.txt               
 extracting: file2.txt               
 extracting: file3.txt            

SUDO

Sudo stands for SuperUser DO and is used to access restricted files and operations. By default, Linux restricts access to certain parts of the system preventing sensitive files from being compromised.

The sudo command temporarily elevates privileges allowing users to complete sensitive tasks without logging in as the root user.

 

 

 

 

 

 

 

 

 

 

 

sudo -i elevates the user to root for the remainder of the session rather than a command by command basis.

sudo some-command

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

sudo -i
# No directory called "peepee"
# exists
$ ls
bin    dev   lib    libx32      mnt   root  snap      sys  usr
boot   etc   lib32  lost+found  opt   run   srv       tim  var
cdrom  home  lib64  media       proc  sbin  swapfile  tmp

# Attempt to make directory 
# "peepee" as a noraml user
# fails because I'm 
# trying to make the 
# directory in a path I 
# don't have rights to
$ mkdir peepee
mkdir: cannot create directory ‘peepee’: Permission denied

# using SUDO to temporarily 
# elevate my privileges, I 
# can now create the 
# directory "peepee"
# in the path as can be seen 
# in the listing below:
$ sudo mkdir peepee
[sudo] password for tim:

$ ls
bin    dev   lib    libx32      mnt     proc  sbin  swapfile  tmp
boot   etc   lib32  lost+found  opt     root  snap  sys       usr
cdrom  home  lib64  media       peepee  run   srv   tim       var
~/poopoo$ sudo -i
[sudo] password for tim: 
~#