Skip to content

Shell:Basic

쉘 기초.

shell

shell이란 운영 체제 상에서 다양한 운영 체제 기능과 서비스를 구현하는 인터페이스를 제공하는 프로그램이다. 셸(껍데기의 영어 단어)은 사용자와 운영 체제의 내부(커널) 사이의 인터페이스를 감싸는 층이기 때문에 그러한 이름이 붙었다.

셸은 일반적으로 명령 줄과 그래픽 형의 두 종류로 분류된다.

  • 명령 줄 셸은 운영 체제 상에서 명령 줄 인터페이스(CLI)를 제공하는 반면에,
  • 그래픽 셸은 그래픽 사용자 인터페이스(GUI)를 제공한다.

쉘 프로그램

터미널 에뮬레이터

기본 쉘 명령어

  • pwd command - print name of current/working directory
  • cd command - Change the shell working directory
  • echo command - display a line of text
  • ls command - list directory contents
  • mkdir command - make directories
  • rm command - remove files or directories
  • cp command - copy files and directories
  • mv command - move (rename) files
  • cat command - concatenate files and print on the standard output
  • touch command - change file timestamps
  • man pages
  • env command

특수한 명령

  • Shortcuts
    • ~: Home Directory
    • .: Current Directory
    • ..: Parent Directory
  • Redirecting the command output: >, >>
  • Pipe |
  • history command
    • !n - n 숫자 라인에 해당하는 히스토리 실행. 음수도 가능하며, !-1!!와 동일.
    • !! - 번호가 가장 큰 히스토리. 즉, 방금 실행한 명령어
  • Shebang (셔뱅): 첫 줄에 있는 #!
  • Here document - << EOF와 같은 형식으로 stdin 문자열 전달.
  • export environment variable
  • source command

개발자 필수

Advanced

ETC

  • cal command
  • whoami command
  • id command
  • tree command

Filesystem

다른 것을 배우기 전에 Linux 시스템 내에서 파일과 디렉토리가 어떻게 구성되어 있는지 살펴봐야 합니다:

$ ls /
bin boot dev etc home lib lib64 lost+found mc media mnt opt output proc root run sbin srv sys tmp usr var

유용한 명령어들

  • ln
    • Creating soft link to a file - ln -s [소스] [링크위치]
    • Creating hard links
  • tar
    • Extracting a tar file
    • Creating a tar file
  • vim editor
    • :q to exit vim
    • Open a new file or edit an existing file
    • Different modes of vim - vimdiff
    • :w to save a file
    • :q! to quit without saving
  • Becoming root user
    • Using sudo command
  • !! trick
  • Environment variables
    • Setting up environment variable values
  • locate command
  • Finding date/time in different timezones
  • Bash history
  • Sort files by size
  • uniq/sort command

Curl 활용하기

  • Viewing a file
  • Downloading the file
  • Download with the same name
  • Doing POST request using curl
  • Following redirection
  • Example: to view github’s pull request patch
  • Viewing more details about the transfer
  • Doing multiple requests at once
  • Inspecting HTTP headers
  • Adding new HTTP headers
  • Curl book

사용자와 그룹

  • Finding the owner of file
  • /etc/passwd file
  • Details about groups
  • wheel group
  • Becoming superuser
  • Adding a new user
  • Changing user passwords
  • Modifying existing user details
  • Deleting a user
  • Adding a new group
  • Adding new group to an user

파일 권한

  • chmod, chown command
  • PATH variable
  • ~/.bash_profile file
  • .bashrc file
  • /etc/profile file
  • which command
  • Use which command to see how $PATH variable works
  • she-bang or sha-bang in executable files

리눅스의 프로세스

  • How to view all running processes?
  • How to find a particular process?
  • How to kill/stop a particular process?
  • Finding out list of open files
  • Signals
  • top command
  • Load average
  • htop tool
  • More about Linux processes
  • /proc directory
  • /proc/cpuinfo
  • /proc/cmdline
  • /proc/meminfo
  • /proc/uptime
  • /proc/sys/ & sysctl command
  • Enabling IP forward with sysctl

리눅스 서비스들

  • What is a service?
  • What is a daemon?
  • What is the init system?
  • Units in systemd
  • .service units in systemd
  • How to find all the systemd units in the system?
  • Working with a particular service
  • Enabling or disabling a service
  • Shutdown or reboot the system using systemctl
  • journalctl
  • Finding the logs of a service
  • To view only the last N entries
  • Continuous stream of logs
  • Listing of previous boots
  • Time-based log viewing
  • Total size of the journal logs
  • Writing your own service file

systemd를 이용한 서비스 보안

  • Installing verybad service
  • Vulnerabilities in the application
  • Directory traversal vulnerability/ LFI
  • Arbitary file write vulnerability
  • Remote code execution (RCE) vulnerability
  • Remove access to system’s tmp directory
  • Protecting home dirctories
  • Fixing directory paths
  • DynamicUser
  • Allowed Executables
  • What is next?

패키지 관리

  • dnf command
  • Searching for a package
  • Finding more information about a package
  • Installing a package
  • To list the available updates
  • To list all security updates
  • Update the packages via dnf
  • Find out the services & applications need restart after update in Fedora/CentOS/RHEL
  • Automatic updates in dnf systems
  • apt command
  • apt update
  • Installing a package via apt
  • apt-cache search
  • Listing upgrades
  • Upgrading packages
  • Figuring out which services/processes need restart after package upgrade in Debian
  • Listing available security updates in Debian systems
  • Unattended upgrades in Debian systems

SELinux

  • SELinux Modes
  • getenforce
  • setenforce
  • Labels/Contexts
  • Checking contexts of files/directories or processes
  • SELinux booleans

파일 시스템 마운팅

  • Connecting USB drives to your system
  • Mounting a device
  • Unmounting
  • Encrypting drives with LUKS (for only Linux)
  • Encrypting drives for any OS using Veracrypt

네트워킹 명령어

  • Finding the IP address
  • Finding ARP table
  • ping command
  • Short note about DNS
  • /etc/hosts
  • /etc/resolv.conf
  • systemd-resolved controlled name resolution
  • resolvectl command
  • host command
  • dig command
  • ss command
  • traceroute command
  • tracepath command
  • Remote login to a computer using ssh tool
  • ssh key generation
  • ssh-copy-id
  • Stop and disable the sshd service
  • Disable password based login for ssh
  • How to find active (open) network connections from your computer?
  • To know about ports

리눅스 방화벽

  • Installation
  • Tables, chains and rules
  • filter table
  • nat table
  • iptables command
  • View the existing rules
  • Appending rules to INPUT chain
  • Flushing all rules
  • Example of a series of rules
  • Delete a rule based on rule number
  • Delete a rule directly
  • Saving the rules
  • A blog post from Major Hayden
  • Debugging firewall rules

그 밖의 것들

  • w command
  • How long is the system running?
  • Finding CPU time of a command
  • dmesg command
  • Setting up cron jobs
  • Finding out details about previous logins or system reboots

실습

vbox 또는 vagrant 등으로 격리 공간을 만들면 좋다.

  • copy paste
  • Find your user id
  • Creating softlinks
  • Basic vim usage
  • Adding a new user
  • Deleting an existing user
  • Finding the IP address of dgplug.org
  • Change the local timezone of the system
  • Add sudo access to an user

See also

Favorite site

References


  1. 44bits_-_linux-and-mac-command-line-survival-guide-for-beginner.pdf