DEV Community: Chielo Chiamaka

Another way to manage your Linux server, without the terminal

Chielo Chiamaka — Tue, 20 May 2025 15:44:21 +0000

If the terminal ever felt overwhelming or your system froze during a long session (like mine just did), let me introduce you to Cockpit.

It’s a browser-based dashboard for Linux.

With it, you can:

Monitor CPU, RAM, disk usage
Start/stop services
Manage users and updates
Even access the terminal (if you still want to)

Just open your browser and go to https://your-server-ip:9090. Login with your Linux username, and you're in!

Works well on RHEL, Fedora, Ubuntu, etc. And it’s perfect for home labs or remote server admins.

Sometimes, the best fix is a backup way to manage things. That’s what Cockpit gave me.

Have you used it before?

📌Stay tuned for a guide on how to launch Cockpit from the terminal.

Implementing and Managing Security Protocols in Linux

Chielo Chiamaka — Fri, 16 May 2025 12:15:45 +0000

Introduction

If you're managing a Linux system, one of the most important responsibilities you'll take on is securing your environment.

You can’t afford to leave your system open to threats, and that’s where understanding security protocols comes in.

This guide covers essential security measures every Linux system administrator should enforce to safeguard a Linux environment effectively.

1. Securing SSH Access
2. Managing Firewalls with Firewalld
3. Enforcing Policies with SELinux
4. Controlling Access with Users, Groups, and Permissions
5. Keeping the System Updated
6. Monitoring and Auditing Activity
Conclusion
Let's Connect on LinkedIn

1. Securing SSH Access

SSH is the main entry point for remote system administration, making it a high-priority target for attackers.

Why It Matters

Hackers scan for open SSH ports constantly, looking for weak configurations to break in. If SSH security is compromised, an attacker could take full control of the system.

Best Practices

Disable Root Login (Prevent direct root access)
- Edit configuration:
```
sudo nano /etc/ssh/sshd_config
```
- Change:
```
PermitRootLogin no
```
- Restart SSH:
```
sudo systemctl restart sshd
```

Why? If an attacker gains access as root, they can install malware, delete files, or shut down the server. Hackers often target root because it’s a default username, making it easier for brute-force attacks.

Use Key-Based Authentication Instead of Passwords
- Generate SSH keys:
```
ssh-keygen
```
- Copy the key to the remote server:
```
ssh-copy-id user@server
```

Why? Keys eliminate password-based authentication, making it impossible for attackers to brute-force their way in.

Consider Changing the Default SSH Port
- Modify SSH config:
```
Port 2222
```

While not a replacement for strong authentication, changing the port reduces automated scans targeting default SSH ports.

2. Managing Firewalls with Firewalld

Firewalld controls network access, defining which services can communicate with the system.

Why It Matters

Without a firewall, any service running on the system is exposed to the internet including ones that shouldn’t be accessible externally. Firewalld blocks unauthorized traffic while allowing trusted services like SSH and HTTPS.

Basic Firewall Commands

Check Firewall Status:

  sudo firewall-cmd --state

Confirms whether Firewalld is active.
- List Allowed Services:

  sudo firewall-cmd --list-all

Shows currently permitted services and firewall rules.
- Add a Trusted Service (e.g., SSH):

  sudo firewall-cmd --permanent --add-service=ssh
  sudo firewall-cmd --reload

The --permanent flag ensures rules persist after a reboot.
--reload applies changes immediately.

Zones in Firewalld

Zones define trust levels for network traffic:

Public – Least trusted (minimal access).
Internal – More trusted (used in private networks).
Trusted, External, Home, Work, Block – Various levels of restriction.

Setting the appropriate zone for each network interface ensures that services are only accessible where needed.

3. Enforcing Policies with SELinux

SELinux provides mandatory access control, preventing unauthorized programs from accessing system files—even if exploited.

Why It Matters

A compromised application could attempt to access system resources. SELinux ensures that even if an attacker gains access, they are restricted from making further changes outside predefined security rules.

Basic SELinux Commands

Check SELinux Status:

  getenforce

Shows if SELinux is Enforcing, Permissive, or Disabled.
- Enable Enforcing Mode Temporarily:

  sudo setenforce 1

Immediately activates SELinux restrictions.
- Make It Permanent (Survives Reboots):

  sudo nano /etc/selinux/config

Change:
```
SELINUX=enforcing
```
Save and reboot.

Troubleshooting SELinux

Use sealert (GUI tool for SELinux alerts)
Check logs for blocked actions:

  cat /var/log/audit/audit.log | grep AVC

This helps diagnose issues related to SELinux restrictions.

4. Controlling Access with Users, Groups, and Permissions

Proper user management ensures files and directories are only accessible by authorized users.

Key Tools for Access Control

Change permissions (chmod)

  chmod 600 secret.txt

Restricts access to the file’s owner.
- Change ownership (chown)

  chown user:group file

Assigns a new owner and group.
- Grant limited admin access (sudo)

  sudo usermod -aG wheel username

Adds the user to the administrator group for controlled privilege escalation.

5. Keeping the System Updated

Unpatched systems are prime targets for attackers exploiting known vulnerabilities.

Keeping Software Up to Date

Manually update the system:

  sudo dnf update

Enable automatic updates:

  sudo dnf install dnf-automatic
  sudo systemctl enable --now dnf-automatic.timer

This ensures regular background updates, reducing security risks.

6. Monitoring and Auditing Activity

Tracking who did what on the system ensures accountability and security.

Key Log Files

Authentication logs:

  /var/log/secure

System-wide logs:

  journalctl

Security audit logs:

  auditd (audit service)

Using auditd to Monitor Activity

Enable auditd:

   sudo systemctl enable --now auditd

Check audit logs for specific user actions:

   sudo ausearch -ua yourusername

Helps track security-related activities.

Conclusion

Implementing these security protocols ensures a stronger, more resilient Linux system.

Stay consistent with these and regularly review your systems to maintain a strong security posture.

This knowledge will serve you well whether you’re managing a single server or a complex network.

Let’s connect on LinkedIn

(https://www.linkedin.com/in/chiamaka-chielo?utm_source=share&utm_campaign=share_via&utm_content=profile&utm_medium=android_app)

As I automate my journey into RHCE and Ansible, I’d love to connect with fellow learners and professionals. Feel free to reach out and join me as I share tips, resources, and insights throughout this 30-day challenge.

cloudwhistler #30daysLinuxchallenge

find command

Chielo Chiamaka — Wed, 14 May 2025 11:25:58 +0000

Introduction to the `find` Command in Linux

The find command helps you search for files and directories across your filesystem based on name, type, size, modification time, permissions, and more.

Unlike grep, which searches inside files, find searches for files or directories themselves.

Here’s how to get comfortable with it.

Basic Syntax of find
1. Find by Exact File Name
2. Case-Insensitive File Name Search
3. Find Files by Type
4. Find Files by Extension
5. Find Empty Files or Directories
6. Find Files by Size
7. Find Files by Modification Time
8. Find Files Accessed Recently
9. Find Files with Specific Permissions
10. Find Files by Owner
11. Find and Copy Files Owned by a User
12. Find and Delete Files Owned by a User
13. Find and Delete Files
14. Find and List with Full Path
15. Combine Multiple Conditions
Conclusion
Let's Connect on LinkedIn

Basic Syntax of find

find [starting_point] [options] [expression]

starting_point: where the search begins (e.g., . for current directory or /home/user)
options / expression: what to look for (e.g., -name, -type, etc.)

1. Find by Exact File Name

find <directory> -name <filename>

<directory> means search from the current directory.
-name tells find to look for a file with the exact name "notes.txt".
If it finds the file, it will show you the full path.

2. Case-Insensitive File Name Search

find <directory> -iname <filename>

-iname is just like -name but ignores case. So it will match CASEi.txt, Casei.TXT, etc.

3. Find Files by Type

In the find command, -type is used to specify the type of file you're looking for.

Common values for -type:

Letter	Meaning
`f`	Regular file (e.g., .txt, .log, .sh)
`d`	Directory
`l`	Symbolic link
`c`	Character device file (like `/dev/tty`)
`b`	Block device file (like `/dev/sda`)

Examples:

To find files only:

find <directory> -type f

To find directories only:

find . -type d

This is useful if you're searching inside complex folders.

4. Find Files by Extension

find <directory> -name "*.log"

This finds all files ending in .log.

You can use -iname "*.log" to do it case-insensitively.

5. Find Empty Files or Directories

find <directory> -empty

Returns empty files or folders
Useful for cleanup.

6. Find Files by Size

Find files smaller than 100 MB:

find <directory> -size -500k

Find files larger than 10 MB:

find <directory>  -size +10M

To find files between 50MB and 100MB:

find <directory> -size +50M -size -100M

Size units:

c = bytes
k = kilobytes
M = megabytes
G = gigabytes

Examples:

-size -500k = smaller than 500 KB
-size +1G = larger than 1 GB

7. Find Files by Modification Time

find <directory> -mtime -1

Finds files modified in the last 1 day.

-1 means less than 1 day ago.

Use +7 for files older than 7 days.

8. Find Files Accessed Recently

find <directory> -atime -2

-atime = accessed time.
Finds files accessed within the last 2 days.

9. Find Files with Specific Permissions

find <directory> -perm 644

Finds files with exact permission 755 (owner can read/write & execute, group and others can read & write).

Other modes:

-perm -mode = must have all permission bits
-perm /mode = match any of the bits

10. Find Files by Owner

find <directory> -user <username>

Finds files owned by a specific user.

Example:

find /var/log -user john

Useful for checking user activity or auditing.

11. Find and Copy Files Owned by a User

find <directory> -user <username> -exec cp {} <location> \;

Finds files owned by a user and copies each one to a backup folder.
Replace secteam with your desired backup path.

12. Find and Delete Files Owned by a User

find <directory> -user <username> -exec rm {} \;

Searches for files owned by the user and deletes them. Be cautious, test first using ls instead of rm.

13. Find and Delete Files

find <directory> -name "filename" -exec rm {} \;

-exec lets you run a command on each found file.
{} is replaced with the filename.
\; ends the -exec command.

Test safely:

find <directory> -name "filename" -exec ls {} \;

14. Find and List with Full Path

find "$(pwd)" -name "*.sh"

$(pwd) gives full path of current directory.
Useful to know exact locations of found files.

15. Combine Multiple Conditions

find . -type f -name "*.log" -size +1M

Finds all .log files that are regular files and larger than 1 MB.

Conclusion

From everyday maintenance to system-wide audits, the find command proves its worth in countless scenarios.

Knowing how to use it efficiently can save you time and prevent costly mistakes.

Start with simple queries, build your confidence, and you'll soon be a find command power user.

Let’s connect on LinkedIn

(https://www.linkedin.com/in/chiamaka-chielo?utm_source=share&utm_campaign=share_via&utm_content=profile&utm_medium=android_app)

cloudwhistler #30daysLinuxchallenge

grep Command in Linux

Chielo Chiamaka — Mon, 12 May 2025 11:47:21 +0000

When you're working with Linux log files, it's easy to rely on basic grep searches and call it a day.

But grep has powerful options that can help you find exactly what you're looking for, faster and with more precision.

Here are essential grep options and commands to help you analyze your logs more effectively and detect potential threats faster.

Common grep Options Overview
1. Search for a Keyword in a File
2. Search for a Keyword in Multiple Files
3. Show files that do NOT contain "server"
4. Show line numbers with the match
5. Search case-insensitively
6. Show Match Count (-c)
7. List Filenames with Matches (-l)
8. Show Inverse Results (-v)
9. Search for Lines Starting with a Keyword (^)
10. Search for Lines Ending with a Keyword ($)
11. Redirect Search Results into a File (>)
12. Append Results into a File (>>)
Conclusion
Let's Connect on LinkedIn

Common `grep` Options Overview

Option	Description
`-c`	Count only the number of matching lines
`-i`	Ignore case when matching (case-insensitive search)
`-v`	Invert match (show lines that do not match the pattern)
`-n`	Show the line number of each matching line
`-l`	List file names that contain the match
`-L`	List file names that do not contain the match
`^`	Anchor to match lines starting with the keyword (e.g., `^root`)
`$`	Anchor to match lines ending with the keyword (e.g., `nologin$`)
`>`	Redirect output to a new file (overwrites the file)
`>>`	Append output to the end of an existing file (does not overwrite)

1. Search for a Keyword in a File

grep <Keyword> <Source>

Purpose: Find all lines that contain "files".

Expected Output:

What it does:
Scans the grep_test.txt file and returns lines that include the word "files".

Explanation:
This shows every line where "files" appears. It’s useful for checking which users or settings involve root privileges.

2. Search for a Keyword in Multiple Files

grep <keyword> <source1> <source2>

Expected Output:

Explanation:
Each result shows the filename, line number, and the matching line. This is helpful for scanning system logs for error messages.

3. Show files that do NOT contain "server"

grep -L <keyword> <source

Purpose:
List files that do NOT contain the word "server".

Expected Output:

If all files contain "server", you’ll see no output.
If one file doesn’t, you'll see:

log2.txt

4. Show line numbers with the match

grep -n <keyword> <source>

Expected Output:

Each match is prefixed with:

filename

line number

the line content containing the match

5. Search case-insensitively

grep -i <keyword> <source>

Purpose:
Search ignoring case (so server, SERVER, and Server are all valid matches).

Expected Output

If any file had:

SERVER CRASHED.

It would show that too.

6. Show Match Count (-c)

This option tells grep to show how many times the pattern appears in the file, rather than displaying the matching lines themselves.

grep -c <keyword> <source>

Expected Output:

7. List Filenames with Matches (-l)

This option shows only the names of files that contain the matching keyword, not the actual matching lines.

grep -l <keyword> <source>

Expected Output:

This is helpful when you just want to know which files have the keyword, without seeing the lines themselves.

8. Show Inverse Results (-v)

This option tells grep to show lines that do not match the given pattern.

grep -v <keyword> <source>

Expected Output:

The lines that do not contain "server" are displayed. This is useful if you want to exclude certain patterns from your search.

9. Search for Lines Starting with a Keyword (^)

The caret ^ is used to search for lines that start with the specified pattern.

grep "^<keyword>" <source>

Expected Output:

The ^ symbol means the search looks for lines that begin with the given pattern. Here, it finds the line where "Restart" is at the start of the line.

10. Search for Lines Ending with a Keyword ($)

The dollar sign $ is used to search for lines that end with the specified pattern.

grep "<keyword>$" <source>

Expected Output:

The $ symbol signifies that the search looks for lines that end with the specified pattern

11. Redirect Search Results into a File (>)

This option allows you to redirect the output of the grep command to a new file, overwriting any existing content.

grep <keyword> <source> > <destination_file>

Output:

No output to the screen because it's redirected to server.txt.

The content of errors.txt will be the lines from log1.txt containing the word "server".

The > operator redirects the search results into the specified file, overwriting the file content.

12. Append Results into a File (>>)

This option allows you to append the results of the grep command to an existing file, rather than overwriting it.

grep <keyword> <source> >> <destination_file>

Output:

The >> operator appends the output to the file, ensuring that existing content is preserved while adding new results

Conclusion

Whether you're filtering logs, scanning config files, or troubleshooting issues, the right grep option can save you time and give you clarity.

Let’s connect on LinkedIn

(https://www.linkedin.com/in/chiamaka-chielo?utm_source=share&utm_campaign=share_via&utm_content=profile&utm_medium=android_app)

cloudwhistler #30daysLinuxchallenge

Linux Backup Strategies

Chielo Chiamaka — Thu, 08 May 2025 10:02:55 +0000

In enterprise Linux environments especially on RHEL-based systems, backups are a must.

Backups are about resilience, recovery, and continuity.

It shouldn't be treated as a “set-it-and-forget-it” task.

If neglected, it will lead to serious gaps when incidents strike.

Let’s break down common Linux specific backup strategy failures, and how to automate smarter, safer systems.

1. Single Point of Backup Failure
2. No Backup Testing
3. Infrequent Backup Schedules
4. No Remote or Cloud Backups
5. No Encryption or Access Control
6. No Documented Recovery Plan
7. No Compliance Awareness
Conclusion
Let's Connect on LinkedIn

1. Single Point of Backup Failure

Storing backups on the same disk (/dev/sda1 or /home/backup) puts you one disk failure away from total data loss.

Fix: Automate off-site backups with tools like:

rsync to a remote SSH server
rclone for cloud targets (S3, Google Drive)
Restic or Duplicity for encrypted, versioned backups

2. No Backup Testing

If you’ve never restored your backup, it might not work. Admins often skip testing restore procedures until it's too late.

Fix: Automate testing using scripts that:

Verify archive integrity (tar -tvf, sha256sum)
Perform dummy restores with cron-scheduled dry runs

Tools:

BorgBackup (prune, verify)
Restic (check, restore --verify)

3. Infrequent Backup Schedules

Manual weekly backups or inconsistent cron jobs are risky especially for systems with frequent config or database changes.

Fix: Use automation tools and schedules like:

cron + rsnapshot for versioned backups
systemd timers for reliability and logging
Ansible playbooks to deploy consistent backup routines across environments

4. No Remote or Cloud Backups

Storing to a USB drive or NAS isn’t enough if disaster strikes your site.

Fix: Automate secure, remote backups with:

rclone or Restic + cron/systemd timers to S3, Azure, or Google Cloud
Duplicity for incremental encrypted backups with cloud support

5. No Encryption or Access Control

Plain-text backups stored in /opt/backups with chmod 777? That’s an insider threat waiting to happen.

Fix: Automate with:

gpg encryption in backup scripts
Access control via group permissions and sudoers
Backup targets mounted only during scheduled jobs

6. No Documented Recovery Plan

Even if backups exist, teams often don’t know where they are, how to restore, or who’s responsible.

Fix: Include a disaster recovery automation plan with:

Versioned documentation (README.md, runbooks)
Bash or Ansible scripts for automated restoration
Monitoring alerts (Nagios, Zabbix, or Prometheus + Alertmanager) for failed backups

7. No Compliance Awareness

Healthcare, finance, or government orgs have specific retention and encryption rules—and noncompliance is costly.

Fix:

Automate log backups (logrotate, auditd)
Ensure compliance with data retention scripts + cron schedules
Use backup tools that support GPG, incremental backup metadata, and logging

Conclusion

Linux servers offer robust flexibility and control, but a lack of adequate backup strategies can lead to significant risks.

Ensure your Linux-based systems are protected by a solid backup plan and disaster recovery procedure don’t wait for a crisis to test your recovery.

Let’s connect on LinkedIn

(https://www.linkedin.com/in/chiamaka-chielo?utm_source=share&utm_campaign=share_via&utm_content=profile&utm_medium=android_app)

cloudwhistler #30daysLinuxchallenge

Avoid the Mistakes That Led to the NTT Breach: Secure Linux User Onboarding and Access Control

Chielo Chiamaka — Mon, 05 May 2025 10:39:03 +0000

18,000 organizations paid the price for poor access control.

Don’t let yours be the next headline.

The NTT Communications breach showed us what happens when user permissions and privileges are mismanaged. Attackers exploited weak access control and exposed sensitive data from over 18,000 organizations.

Security should be a top priority in every organization, it’s not something to joke with.

With that mindset, I approached this mini project focused on securing a Linux environment.

I simulated the onboarding of a technical team by creating secure user and group accounts, assigning minimal and appropriate privileges, enforcing password policies, and implementing basic monitoring, all to ensure sensitive data remains protected.

Scenario: You’re the SysAdmin
1. Create a New Group
2. Create User Accounts
3. Secure Home Directories
4. Assign Sudo Access to Team Lead
5. Implement Security Policies
- a. Password Complexity
- b. Password Expiry
- c. Protect Sensitive Files
6. Shared Directory for Collaboration
7. Basic Monitoring
Best Practices Recap
Conclusion: Secure by Design
Let's Connect on LinkedIn

Scenario: You’re the SysAdmin

You’ve been assigned to set up a secure system for a newly hired technical team. Your goals:

Create users and groups
Apply controlled access
Enforce security policies
Protect sensitive data

1. Create a New Group

2. Create User Accounts

Create three users (mr.a, mr.b, mrs.c), add them to the tech_team, and set their passwords:

sudo passwd mr.a
sudo passwd mrs.c

Force password change on first login:

3. Secure Home Directories

Ensure each user’s home is private:

4. Assign Sudo Access to Team Lead

Give sudo rights to the team lead only:

Leave mr.a and mrs.c as regular users.

5. Implement Security Policies

a. Password Complexity

Edit the PAM config:

Set the following:

minlen = 10
dcredit = -1
ucredit = -1
ocredit = -1
lcredit = -1

abc123 → Rejected
Password1! → Accepted

b. Password Expiry

c. Protect Sensitive Files

Restrict file access:

sudo chmod 600 /var/log/auth.log

Encrypt sensitive files:

gpg -c secret_file.txt

6. Shared Directory for Collaboration

sudo mkdir /project_data
sudo chown :tech_team /project_data
sudo chmod 770 /project_data

This lets team members collaborate while keeping outsiders out.

7. Basic Monitoring

User login logs:

last

Track sudo usage:

grep 'sudo' /var/log/auth.log

Monitor unauthorized privilege escalations early.

Best Practices Recap

Principle of Least Privilege (PoLP): Only give users access to what they need.
Access Audits: Periodically review group and user access.
Password Policies: Complexity, expiry, and rotation.
Monitoring & Alerts: Use logs and tools to spot anomalies early.

Conclusion: Secure by Design

Ignoring access control is costly.

Secure user onboarding, granular permissions, and proactive monitoring are non-negotiables in today’s landscape.

By applying these Linux-based practices, you reduce your organization’s attack surface and stay out of the headlines.

Let’s connect on LinkedIn

(https://www.linkedin.com/in/chiamaka-chielo?utm_source=share&utm_campaign=share_via&utm_content=profile&utm_medium=android_app)

System Performance Monitoring

Chielo Chiamaka — Sat, 03 May 2025 11:54:24 +0000

Why Monitoring Matters
What to Monitor (Key Performance Metrics)
- 1. CPU Usage
- 2. Memory Usage
- 3. Disk I/O and Storage
- 4. Network Usage
- 5. Processes and Services
- 6. System Logs
Tools to Automate Monitoring
Best Practices
Conclusion
Let's Connect on LinkedIn

Why Monitoring Matters

You’ve updated your systems. Applied patches. Everything seems fine.

But no system can be truly secure or efficient without ongoing monitoring.

Lack of Monitoring Leads to Vulnerability:

No logs = No alerts = delayed response to attacks or resource exhaustion
No visibility means attackers could go unnoticed (e.g., unauthorized SSH access)
Unpatched systems or performance spikes might indicate compromise but without monitoring, you'd never know.

Cybercriminals thrive in the dark. Monitoring shines a light.

In a production environment, a slow server is more dangerous than a down server.

Because it appears to be working until users start complaining.

That’s where system performance monitoring comes in.

Linux monitoring acts as your early warning system, ensuring the system is:

Available (users and applications can access it)
Responsive (no slowdowns or timeouts)
Efficient (resources are used properly)
Stable (no unexpected crashes or overloads)

What to Monitor (Key Performance Metrics)

1. CPU Usage

Tracks how much processor time is being used.

High usage may indicate heavy processes or a bottleneck.

Tools: top, htop, mpstat, sar

2. Memory Usage

Includes RAM and swap usage.

Consistently high memory could lead to thrashing.

Tools: free -m, vmstat, top, smem

3. Disk I/O and Storage

Monitors how fast and frequently the disk is being read/written to.

Disk bottlenecks can affect database performance, logging, backups, etc.

Tools: iostat, iotop, df -h, du, lsblk

4. Network Usage

Measures traffic in/out, bandwidth usage, and errors.

Helps detect congestion, packet loss, or DDoS attacks.

Tools: iftop, nethogs, netstat, ss, ping, traceroute

5. Processes and Services

Ensures critical services are running and performing as expected.

Tracks resource-hungry or zombie processes.

Tools: ps aux, systemctl status, top, journalctl

6. System Logs

Check logs for warnings, errors, failed authentications.

Location:

/var/log/, /var/log/messages, /var/log/syslog, /var/log/auth.log

Tools: tail -f, grep, journalctl

Tools to Automate Monitoring

Glances : real-time overview
Zabbix : graphs, alerts, dashboard
Netdata : intuitive web UI
Nagios : powerful alert system
Prometheus + Grafana : modern dashboards and metrics

While tools are essential, monitoring is not just about tools.

It’s about:

Setting performance thresholds
Understanding baselines
Creating alert systems
Interpreting logs and metrics to make informed decisions

Best Practices

Set alerts for CPU, memory, disk, and network
Establish baseline performance
Monitor trends to scale resources ahead
Combine command-line tools with automated platforms

Conclusion

Monitoring = Tools + Skills + Logs + Baselines + Action Plan

System monitoring is a preventive shield, a performance enhancer, and your early warning system.

You don’t need to wait until there's a problem.

Start watching now before someone else is watching for you.

Let’s connect on LinkedIn

(https://www.linkedin.com/in/chiamaka-chielo?utm_source=share&utm_campaign=share_via&utm_content=profile&utm_medium=android_app)

cloudwhistler #30daysLinuxchallenge

From Manual Patching to Automation: Introducing Red Hat Satellite

Chielo Chiamaka — Thu, 01 May 2025 09:12:05 +0000

Managing patches manually is fine until your infrastructure grows.

What is Red Hat Satellite?
Why Use Red Hat Satellite for Patch Management?
How It Works (At a Glance)
Conclusion
Let's Connect on LinkedIn

Yesterday, we explored how to perform system updates and manage patches manually on Linux systems.

But what if you’re managing dozens or even hundreds of RHEL servers?

Let’s say your organization runs 200 RHEL servers. Instead of logging in one by one to run dnf update, you could:

Approve updates in Satellite
Schedule a patch window
Monitor update success from a centralized dashboard

All automated. All centralized.

That’s where Red Hat Satellite comes in.

What is Red Hat Satellite?

Red Hat Satellite is a systems management platform that helps system administrators:

Provision and deploy Red Hat systems at scale
Automate patch management and system updates
Ensure compliance with security policies
Centrally manage software repositories and configurations

Why Use Red Hat Satellite for Patch Management?

Centralized Control: Manage all updates from a single interface
Scheduling: Automate patching to reduce manual workload and downtime
Custom Repos: Push only approved and tested packages
Compliance: Track and audit which systems need updates or fail security checks

How It Works (At a Glance)

Satellite Server pulls content from the Red Hat Customer Portal
Capsule Servers act as proxies to distribute content locally
Clients (managed systems) register with Satellite and receive updates based on policies

Conclusion

Manual patching can work for a while. But as your environment scales, so does the complexity and risk of missing critical updates.

Red Hat Satellite gives you the tools to automate patch management, ensure compliance, and streamline updates across all your RHEL systems from a single interface.

Let’s connect on LinkedIn

(https://www.linkedin.com/in/chiamaka-chielo?utm_source=share&utm_campaign=share_via&utm_content=profile&utm_medium=android_app)

cloudwhistler #30daysLinuxchallenge

System Upgrades and Patch Management in Linux

Chielo Chiamaka — Tue, 29 Apr 2025 09:48:43 +0000

Linux, being an open-source and multi-user system, requires regular updates to ensure optimal security, performance, and stability.

Without proper management, outdated packages and security vulnerabilities can make your system prone to attacks, performance degradation, and failures.

Keeping things updated means your system stays secure, stable, and fast.

What is a System Upgrade in Linux?
Types of Upgrades
Why Patch Management is Essential
How to Perform System Upgrades and Manage Patches on Linux
Debian/Ubuntu-based Systems
RedHat/CentOS/Fedora-based Systems
Automating System Upgrades and Patch Management
Best Practices
Conclusion
Let's Connect on LinkedIn

What is a System Upgrade in Linux?

A system upgrade in Linux involves updating the operating system or installed packages to the latest versions.

Types of Upgrades

Full System Upgrade: Jumping to a new major OS version (Ubuntu 20.04 - 22.04)
Package Upgrade: Updating specific software (like nginx, MySQL, etc.)

Why Patch Management is Essential

Security: Security patches address vulnerabilities that could be exploited by attackers to compromise your system.
Stability: Updates often fix software bugs or issues that can cause instability or crashes.
Performance: Some patches are designed to improve performance, reduce system resource consumption, and fix compatibility issues.

Regular patch management ensures that your Linux system remains secure and reliable.

How to Perform System Upgrades and Manage Patches on Linux

Managing system upgrades and patches is one of the most critical tasks for any Linux administrator. Fortunately, Linux provides robust package management systems to help manage updates efficiently.

Below are common ways to perform upgrades and manage patches across popular Linux distributions:

Debian/Ubuntu-based Systems

Debian-based distributions, like Ubuntu, use the apt package manager for handling upgrades and patch installations.

Update package list:

sudo apt update

Upgrade installed packages:

sudo apt upgrade

Full system upgrade:

sudo apt dist-upgrade

Security updates: Install security patches automatically using the unattended-upgrades tool:

sudo apt install unattended-upgrades

RedHat/CentOS/Fedora-based Systems

Red Hat-based distributions use the yum (for older versions) or dnf (for newer versions) package managers.

Update all packages:

sudo yum update

or for newer versions

sudo dnf update

Security updates only:

sudo yum update --security

or for newer versions

sudo dnf update --security

Schedule automatic updates: You can configure automatic updates by enabling yum-cron or dnf-automatic.

Automating System Upgrades and Patch Management

To prevent missing critical security patches, automation is key.

On Ubuntu: Use unattended-upgrades to automatically install security patches:

sudo apt install unattended-upgrades

On CentOS/RHEL: Use yum-cron or dnf-automatic to automatically apply updates:

sudo yum install yum-cron
sudo systemctl enable yum-cron
sudo systemctl start yum-cron

Best Practices

Update Regularly: Set a schedule (daily or weekly).
Test Before Pushing to Production: Use a staging server.
Automate Security Updates: Saves time and reduces risks.
Backup Before Major Upgrades: Always.
Stay Informed: Watch security advisories for your distro.
Avoid chmod 777: Only give the permissions needed, no more.
Audit Your System: Use tools like Lynis, chkrootkit, rkhunter regularly.
Plan Major Upgrades Carefully: Check app compatibility first.

Conclusion

System upgrades and patch management are not just routine tasks but essential practices to ensure the security and stability of your Linux systems.

By regularly applying updates and patches, automating the process, and following best practices, you can protect your system from vulnerabilities, improve its performance, and keep it running smoothly.

Let’s connect on LinkedIn

(https://www.linkedin.com/in/chiamaka-chielo?utm_source=share&utm_campaign=share_via&utm_content=profile&utm_medium=android_app)

cloudwhistler #30daysLinuxchallenge

RHEL 9 System Boot Stuck at GNOME Display Manager (GDM) : Troubleshooting Guide

Chielo Chiamaka — Sat, 26 Apr 2025 14:19:07 +0000

Recently, after updating and upgrading my RHEL 9 system using dnf, I encountered an issue where the system froze at "Starting GNOME Display Manager (GDM)."

This guide outlines the troubleshooting steps I followed to successfully resolve it.

What is GNOME Display Manager (GDM)?
Common Causes of GDM Hanging Issues
Troubleshooting Steps
1. Switch to a TTY Console
2. Restart GDM Service
3. Review GDM Logs for Errors
4. Reset GNOME Desktop Settings
5. Boot into Multi-User Mode for Deeper Troubleshooting
GNOME Session Shows "Unsupported Session Type"
Conclusion
Let's Connect on LinkedIn

What is GNOME Display Manager (GDM)?

The GNOME Display Manager (GDM) is a graphical login manager for Linux systems that use the GNOME desktop environment.
Its key functions include:

User Authentication: Provides a secure graphical interface for login.
Session Management: Starts and manages user sessions.
Customizable Interface: Offers a user-friendly login screen.
Display Server Support: Works with both X11 and Wayland display servers.

In simple terms, GDM acts as a bridge between the user and the GNOME desktop environment.

Common Causes of GDM Hanging Issues

The "Starting GNOME Display Manager" hang can occur due to:

Package conflicts or incomplete updates.
Graphics driver issues.
Misconfigured system services.

Troubleshooting Steps

1. Switch to a TTY Console

When the system is stuck:

Press Ctrl + Alt + F2 (or F3/F4, depending on the system) to access a text-based terminal.
Log in with your credentials.

2. Restart GDM Service

In the terminal, restart the GDM service:

sudo systemctl restart gdm

Sometimes, a simple restart can fix a stuck GDM.

3. Review GDM Logs for Errors

If restarting didn’t work, check the system logs:

journalctl -xeu gdm

Look for specific error messages that can guide your next steps.

4. Reset GNOME Desktop Settings

If there are misconfigurations in the GNOME settings, resetting them might help:

dconf reset -f /org/gnome/

Then, restart GDM:

sudo systemctl restart gdm

5. Boot into Multi-User Mode for Deeper Troubleshooting

If the problem persists:

Reboot and access the GRUB menu (press Esc or Shift during boot)

Edit the boot entry and add:

systemd.unit=multi-user.target

Press Ctrl + X to boot

This boots into a command-line environment (without GUI), allowing safer troubleshooting.

GNOME Session Shows "Unsupported Session Type"

Error:

Window Manager Warning: Unsupported session type

How to Fix:

Check the session type:

echo $XDG_SESSION_TYPE

If it shows tty instead of x11 or wayland, your graphical session isn't active.

Start GNOME manually:

startx

Set the system to boot into graphical mode by default:

Check the default target:

systemctl get-default

If it returns multi-user.target, change it:

sudo systemctl set-default graphical.target
reboot

Conclusion

If you ever encounter a GNOME Display Manager issue in RHEL 9, these steps should guide you to a solution.

Always check system logs, verify configuration settings, and ensure your graphics drivers are up-to-date.

Let’s connect on LinkedIn

(https://www.linkedin.com/in/chiamaka-chielo?utm_source=share&utm_campaign=share_via&utm_content=profile&utm_medium=android_app)

cloudwhistler #30daysLinuxchallenge

Special Permissions in Linux (SUID, SGID & Sticky Bit)

Chielo Chiamaka — Thu, 24 Apr 2025 10:58:55 +0000

In Linux environments, standard file permissions can fall short, especially when multiple users need to share files or run important commands. That’s where special permissions like SUID, SGID, and the Sticky Bit come in.

They offer advanced control over file execution and directory behavior, making them essential for secure, collaborative systems.

What Are Special Permissions?
1. SUID (Set User ID)
2. SGID (Set Group ID)
3. Sticky Bit
Special Permissions: Numeric Mode
Conclusion
Let's Connect on LinkedIn

What Are Special Permissions?

There are three types of special permissions in Linux:

SUID (Set User ID)
SGID (Set Group ID)
Sticky Bit

These are mainly applied to executable files and directories to control execution rights, inheritance, and deletion permissions in shared environments.

1. SUID (Set User ID)

When applied to an executable file, SUID allows any user to execute the file with the permissions of the file owner.

Use Case:
The passwd command is owned by root, but regular users must use it to change their passwords.

ls -l /usr/bin/passwd

You’ll see:

-rwsr-xr-x 1 root root 54256 Apr 23 09:32 /usr/bin/passwd

The s in the user/owner execute position represents the SUID bit.

To set SUID:

chmod u+s file_name

To remove:

chmod u-s file_name

2. SGID (Set Group ID)

SGID has two behaviors:

On files: Runs the file with the group owner's permissions.

On directories: Ensures all new files/subdirectories inherit the group of the parent directory—not the user’s default group.

Use Case:
In a shared group directory like /project, you want every file created to belong to the same group.

chmod g+s /project
ls -ld /project

Output:

drwxr-sr-x 2 devs devs 4096 Apr 23 09:32 /project

The s in the group execute position means SGID is active.

3. Sticky Bit

Used only on directories, the Sticky Bit prevents users from deleting files they don't own—even if they have write access to the directory.

Use Case:
On shared directories like /tmp, you don’t want users accidentally or maliciously deleting others’ files.

chmod o+t /tmp
ls -ld /tmp

Output:

drwxrwxrwt 10 root root 4096 Apr 23 09:32 /tmp

The t at the end? That’s the Sticky Bit.

Special Permissions: Numeric Mode

You can set SUID, SGID, and Sticky Bit using numeric values:

SUID = 4

SGID = 2

Sticky Bit = 1

Example:

chmod 6755 script.sh

6 (4 + 2) = SUID + SGID

755 = Regular permissions

Special permissions in Linux provide fine-grained control for shared environments and collaborative workflows. They're vital tools for sysadmins and DevOps engineers.

But—use with caution. Setting SUID or SGID on sensitive files can expose your system to security risks if misconfigured.

Keep your permissions smart, not sloppy.

Let’s connect on LinkedIn

(https://www.linkedin.com/in/chiamaka-chielo?utm_source=share&utm_campaign=share_via&utm_content=profile&utm_medium=android_app)

cloudwhistler #30daysLinuxchallenge

Linux #ACL #FilePermissions #CloudWhistler #30DaysLinux

A Simple Guide to ACLs in Linux

Chielo Chiamaka — Mon, 21 Apr 2025 09:08:59 +0000

In Linux, traditional file permissions (rwxrwxrwx) work fine for basic access control. But if you need to give specific users or groups access to a file without changing its ownership or group

That’s where ACL (Access Control List) comes in.

It gives you more granular permission control, beyond just owner, group, and others.

Why Use ACL?
1. Check ACL Permissions
2. Add User-Specific ACL Permission
3. Remove ACL Permission for a User
4. Remove All ACL Permissions
5. Set ACL for a Group
Understanding the Mask
How to Know If a File Has ACL
Conclusion
Let's Connect on LinkedIn

Why Use ACL?

Let's assume in your organisation,

A file is owned by user chielo and group devs.
You want to give sophy read-only access, but without changing the file's group or ownership.

Traditional permissions can’t do this. ACL can.

1. Check ACL Permissions

To view ACL entries:

getfacl

Output:

file: secteam

owner: root

group: root

user::rwx
group::r-x
other::r-x

2. Add User-Specific ACL Permission

To give a specific user access:
setfacl -m u:: directory

Explanation:
-m = modify
u:grape:rx = give user grape read & execute permission

ACL output:

file: secteam

owner: root

group: root

user::rwx ( The file owner)
user:grape:rx ( ACL permission for user 'grape')
group::r-x ( group has read and execute permission)
other::r-x ( Others have read and execute permission)

3. Remove ACL Permission for a User

To remove a specific user's ACL entry:
setfacl -x u: file.txt

Updated ACL output:

file: secteam

owner: root

group: root

user::rwx
group::r-x
other::r-x

4. Remove All ACL Permissions

To clear all ACL entries (except standard permissions):
setfacl -b file.txt

-b = remove all ACL entries

5. Set ACL for a Group

To give a group specific permissions:
setfacl -m g::

This gives read-only access to the entire systemadmin group.

Understanding the Mask

The mask defines the maximum permission that can be granted to users (except the owner) and groups via ACL.
Even if you set:
setfacl -m u:chielo:rw file.txt

If the mask is:
mask::r--

Then chielo will only have read access.
To update the mask:
setfacl -m mask:rw file.txt

How to Know If a File Has ACL

Run:
ls -l

If you see a + sign at the end of the permission string:
-rw-r--r--+ 1 chielo devs 1024 Apr 15 file.txt

It means the file has ACLs applied.

Conclusion

ACLs are incredibly useful when you're managing permissions for multiple users or groups without disrupting existing setups.

Try experimenting with setfacl and getfacl on your test files and see the difference for yourself.

Let’s connect on LinkedIn

(https://www.linkedin.com/in/chiamaka-chielo?utm_source=share&utm_campaign=share_via&utm_content=profile&utm_medium=android_app)

cloudwhistler #30daysLinuxchallenge

Linux #ACL #FilePermissions #CloudWhistler #30DaysLinux

DEV Community: Chielo Chiamaka

Another way to manage your Linux server, without the terminal

Implementing and Managing Security Protocols in Linux

Introduction

Table of Contents

1. Securing SSH Access

Why It Matters

Best Practices

2. Managing Firewalls with Firewalld

Why It Matters

Basic Firewall Commands

Zones in Firewalld

3. Enforcing Policies with SELinux

Why It Matters

Basic SELinux Commands

Troubleshooting SELinux

4. Controlling Access with Users, Groups, and Permissions

Key Tools for Access Control

5. Keeping the System Updated

Keeping Software Up to Date

6. Monitoring and Auditing Activity

Key Log Files

Using auditd to Monitor Activity

Conclusion

Let’s connect on LinkedIn

cloudwhistler #30daysLinuxchallenge

find command

Introduction to the find Command in Linux

Table of Contents

Basic Syntax of find

1. Find by Exact File Name

2. Case-Insensitive File Name Search

3. Find Files by Type

Examples:

4. Find Files by Extension

5. Find Empty Files or Directories

6. Find Files by Size

7. Find Files by Modification Time

8. Find Files Accessed Recently

9. Find Files with Specific Permissions

10. Find Files by Owner

11. Find and Copy Files Owned by a User

12. Find and Delete Files Owned by a User

13. Find and Delete Files

14. Find and List with Full Path

15. Combine Multiple Conditions

Conclusion

Let’s connect on LinkedIn

cloudwhistler #30daysLinuxchallenge

grep Command in Linux

Table of Contents

Common grep Options Overview

1. Search for a Keyword in a File

2. Search for a Keyword in Multiple Files

3. Show files that do NOT contain "server"

4. Show line numbers with the match

5. Search case-insensitively

6. Show Match Count (-c)

7. List Filenames with Matches (-l)

8. Show Inverse Results (-v)

9. Search for Lines Starting with a Keyword (^)

10. Search for Lines Ending with a Keyword ($)

11. Redirect Search Results into a File (>)

12. Append Results into a File (>>)

Conclusion

Let’s connect on LinkedIn

cloudwhistler #30daysLinuxchallenge

Linux Backup Strategies

Table of Contents

1. Single Point of Backup Failure

2. No Backup Testing

3. Infrequent Backup Schedules

4. No Remote or Cloud Backups

5. No Encryption or Access Control

6. No Documented Recovery Plan

7. No Compliance Awareness

Conclusion

Let’s connect on LinkedIn

cloudwhistler #30daysLinuxchallenge

Avoid the Mistakes That Led to the NTT Breach: Secure Linux User Onboarding and Access Control

Introduction to the `find` Command in Linux

Common `grep` Options Overview