Category Archives: Linux

Tcpdump Command in Linux

tcpdump is a command-line utility that you can manage to capture and examine network traffic going to and from your system. It is the most regularly used tool amongst network administrators for troubleshooting network issues and security testing.

Notwithstanding its name, with tcpdump, you can also catch non-TCP traffic such as UDP, ARP, or ICMP. The captured packets can be written to a file or standard output. One of the most critical features of the tcpdump command is its capacity to use filters and charge only the data you wish to analyze.

In this article, you will learn the basics of how to use the tcpdump command in Linux.

Installing tcpdump

tcpdump is installed by default on most Linux distributions and macOS. To check if the tcpdump command is available on your system type:

$ tcpdump --version

The output should look something like this:

Output:

tcpdump version 4.9.2

libpcap version 1.8.1

OpenSSL 1.1.1b 26 Feb 2019

If tcpdump is not present on your system, the command above will print “tcpdump: command not found.” You can easily install tcpdump using the package manager of your distro.

Installing tcpdump on Ubuntu and Debian

$ sudo apt update && sudo apt install tcpdump

Installing tcpdump on CentOS and Fedora

$ sudo yum install tcpdump

Installing tcpdump on Arch Linux

$ sudo pacman -S tcpdump

Capturing Packets with tcpdump

The general syntax for the tcpdump command is as follows:

tcpdump [options] [expression]

  • The command options allow you to control the behavior of the command.
  • The filter expression defines which packets will be captured.

Only root or user with sudo privileges can run tcpdump. If you try to run the command as an unprivileged user, you’ll get an error saying: “You don’t have permission to capture on that device.”

The most simple use case is to invoke tcpdump without any options and filters:

$ sudo tcpdump
Output:

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

listening on ens3, link-type EN10MB (Ethernet), capture size 262144 bytes

15:47:24.248737 IP linuxize-host.ssh > desktop-machine.39196: Flags [P.], seq 201747193:201747301, ack 1226568763, win 402, options [nop,nop,TS val 1051794587 ecr 2679218230], length 108

15:47:24.248785 IP linuxize-host.ssh > desktop-machine.39196: Flags [P.], seq 108:144, ack 1, win 402, options [nop,nop,TS val 1051794587 ecr 2679218230], length 36

15:47:24.248828 IP linuxize-host.ssh > desktop-machine.39196: Flags [P.], seq 144:252, ack 1, win 402, options [nop,nop,TS val 1051794587 ecr 2679218230], length 108

... Long output suppressed

23116 packets captured

23300 packets received by filter

184 packets dropped by kernel

tcpdump will continue to capture packets and write to the standard output until it receives an interrupt signal. Use the Ctrl+C key combination to send an interrupt signal and stop the command.

For more verbose output, pass the -v option, or -vv for even more verbose output:

$ sudo tcpdump -vv

You can specify the number of packets to be captured using the -c option. For example, to capture only ten packets, you would type:

$ sudo tcpdump -c 10

After capturing the packets, tcpdump will stop.

When no interface is specified, tcpdump uses the first interface it finds and dumps all packets going through that interface.

Use the -D option to print a list of all available network interfaces that tcpdump can collect packets from:

$ sudo tcpdump -D

For each interface, the command prints the interface name, a short description, and an associated index (number):

 Output:

1.ens3 [Up, Running]

2.any (Pseudo-device that captures on all interfaces) [Up, Running]

3.lo [Up, Running, Loopback]

The output above shows that ens3 is the first interface found by tcpdump and used when no interface is provided to the command. The second interface any is a special device that allows you to capture all active interfaces.

To specify the interface you want to capture traffic, invoke the command with the -i option followed by the interface name or the associated index. For example, to capture all packets from all interfaces, you would specify any interface:

$ sudo tcpdump -i any

By default, tcpdump performs reverse DNS resolution on IP addresses and translates port numbers into names. Use the -n option to disable the translation:

$ sudo tcpdump -n

Skipping the DNS lookup avoids generating DNS traffic and makes the output more readable. It is recommended to use this option whenever you invoke tcpdump.

Instead of displaying the output on the screen, you can redirect it to a file using the redirection operators > and >>:

 $ sudo tcpdump -n -i any > file.out

You can also watch the data while saving it to a file using the tee command:

$ sudo tcpdump -n -l | tee file.out

The -l option in the command above tells tcpdump to make the output line buffered. When this option is not used, the output will not be written on the screen when a new line is generated.

Understanding the tcpdump Output

tcpdump outputs information for each captured packet on a new line. Each line includes a timestamp and information about that packet, depending on the protocol.

The typical format of a TCP protocol line is as follows:

[Timestamp] [Protocol] [Src IP].[Src Port] > [Dst IP].[Dst Port]: [Flags], [Seq], [Ack], [Win Size], [Options], [Data Length]

Let’s go field by field and explain the following line:

15:47:24.248737 IP 192.168.1.185.22 > 192.168.1.150.37445: Flags [P.], seq 201747193:201747301, ack 1226568763, win 402, options [nop,nop,TS val 1051794587 ecr 2679218230], length 108

  • 15:47:24.248737 – The timestamp of the captured packet is local and uses the following format: hours:minutes: seconds. Frac, where frac is fractions of a second since midnight.
  • IP – The packet protocol. In this case, IP means the Internet protocol version 4 (IPv4).
  • 192.168.1.185.22 – The source IP address and port, separated by a dot (.).
  • 192.168.1.150.37445 – The destination IP address and port, separated by a dot (.).
  • Flags [P.] – TCP Flags field. In this example, [P.] means Push Acknowledgment packet, which acknowledges the previous packet and sends data. Other typical flag field values are as follows:
    • [.] – ACK (Acknowledgment)
    • [S] – SYN (Start Connection)
    • [P] – PSH (Push Data)
    • [F] – FIN (Finish Connection)
    • [R] – RST (Reset Connection)
    • [S.] – SYN-ACK (SynAcK Packet)
  • seq 201747193:201747301 – The sequence number is in the first: last notation. It shows the number of data contained in the packet. Except for the first packet in the data stream where these numbers are absolute, all subsequent packets use as relative byte positions. In this example, the number is 201747193:201747301, meaning that this packet contains bytes 201747193 to 201747301 of the data stream. Use the -S option to print absolute sequence numbers.
  • Ack 1226568763 The acknowledgment number is the sequence number of the next data expected by the other end of this connection.
  • Win 402 – The window number is the number of available bytes in the receiving buffer.
  • options [nop,nop,TS val 1051794587 ecr 2679218230] – TCP options. or “no operation,” is padding used to make the TCP header multiple of 4 bytes. TS val is a TCP timestamp, and ecr stands for an echo reply. Visit the IANA documentation for more information about TCP options.
  • length 108 – The length of payload data

tcpdump Filters

When tcpdump is invoked with no filters, it captures all traffic and produces a tremendous output, making it very difficult to find and analyze the packets of interest.

Filters are one of the most powerful features of the tcpdump command. They since they allow you to capture only those packets matching the expression. For example, when troubleshooting issues related to a web server, you can use filters to obtain only the HTTP traffic.

tcpdump uses the Berkeley Packet Filter (BPF) syntax to filter the captured packets using various machining parameters such as protocols, source and destination IP addresses and ports, etc.

In this article, we’ll take a look at some of the most common filters. For a list of all available filters, check the pcap-filter manpage.

Filtering by Protocol

To restrict the capture to a particular protocol, specify the protocol as a filter. For example, to capture only the UDP traffic, you would run:

sudo tcpdump -n udp

Another way to define the protocol is to use the proto qualifier, followed by the protocol number. The following command will filter the protocol number 17 and produce the same result as the one above:

sudo tcpdump -n proto 17

For more information about the numbers, check the IP protocol numbers list.

Filtering by Host

To capture only packets related to a specific host, use the host qualifier:

$ sudo tcpdump -n host 192.168.1.185

The host can be either an IP address or a name.

You can also filter the output to a given IP range using the net qualifier. For example, to dump only packets related to 10.10.0.0/16, you would use:

$ sudo tcpdump -n net 10.10

Filtering by Port

To limit capture only to packets from or to a specific port, use the port qualifier. The command below captures packets related to the SSH (port 22) service by using this command:

$ sudo tcpdump -n port 23

The port range qualifier allows you to capture traffic in a range of ports:

sudo tcpdump -n port range 110-150

Filtering by Source and Destination

You can also filter packets based on the origin or target port or host using src, dst, src and dst, and src or dst qualifiers.

The following command captures coming packets from a host with IP 192.168.1.185:

sudo tcpdump -n src host 192.168.1.185

To find the traffic coming from any source to port 80, you would use:

sudo tcpdump -n dst port 80

Complex Filters

Filters can be mixed using the and (&&), or (||), and not (!) operators.

For example, to catch all HTTP traffic coming from a source IP address 192.168.1.185, you would use this command:

sudo tcpdump -n src 192.168.1.185 and tcp port 80

You can also use parentheses to group and create more complex filters:

$ sudo tcpdump -n 'host 192.168.1.185 and (tcp port 80 or tcp port 443)'

To avoid parsing errors when using special characters, enclose the filters inside single quotes.

Here is another example command to capture all traffic except SSH from a source IP address 192.168.1.185:

$ sudo tcpdump -n src 192.168.1.185 and not dst port 22

Packet Inspection

By default tcpdump, catches only the packet headers. However, sometimes you may need to examine the content of the packets.

tcpdump enables you to print the content of the packets in ASCII and HEX.

The -A option tells tcpdump to print each packet in ASCII and -x in HEX:

$ sudo tcpdump -n -A

To show the packet’s contents in both HEX and ASCII, use the -X option:

$ sudo tcpdump -n -X

Reading and Writing Captures to a File

Another useful feature of tcpdump is to write the packets to a file.

This is handy when you are taking a large number of packages or carrying packets for later analysis.

To start writing to a file, use the -w option followed by the output capture file:

$ sudo tcpdump -n -w data.pcap

This command up will save the capture to a file named data. pcap. You can name the file as you want, but it is a standard protocol to use the .pcap extension (packet capture).

When the -w option is used, the output is not represented on the screen. tcpdump writes raw packets and generates a binary file that cannot be read with a regular text editor.

To inspect the contents of the file, request tcpdump with the -r option:

$ sudo tcpdump -r data.pcap

If you need to run tcpdump in the background, add the ampersand symbol (&) at the command end.

The capture file can also be examined with other packet analyzer tools such as Wireshark.

When obtaining packets over a long period, you can allow file rotation. tcpdump enables you to generate new files and rotate the dump file on a defined time interval or fixed size. The following command will create up to ten 200MB files, named file.pcap0, file.pcap1, and so on: before overwriting older files.

$ sudo tcpdump -n -W 10 -C 200 -w /tmp/file.pcap

Once ten files are created, the older files will be overwritten.

Please take care that you should only run tcpdump only during troubleshooting issues.

If you need to start tcpdump at a particular time, you can use a cronjob. tcpdump does not have an alternative to exit after a given time. You can use the timeout command to stop tcpdump after any time. For example, to exit after 5 minutes, you would use:

$ sudo timeout 300 tcpdump -n -w data.pcap

Conclusion: 

To analyze and troubleshoot network related issues, the tcpdump command-line tool is used.

This article presented you with the basics of tcpdump usage and syntax. If you have any queries related to tcpdump, feel free to contact us.

Pwd Command in Linux (Current Working Directory)

Among those who work with Linux, the command’ pwd’ is very helpful that tells the directory you are in, starting from the root directory (/). For Linux newbies, who may get lost amid the wide variety of directories found on the command line, ‘pwd’ (Print Working Directory) comes to the rescue. ‘pwd ‘stands for ‘print working directory’ As you can tell, the command ‘pwd ‘prints where the user is currently at. It prints the current directory name, combined with the complete path, with the root folder listed first. This manual command is built into the shell and is available on most of the shells.

If both ‘-L ‘and ‘-P’ options are used, option ‘L ‘is taken into priority. If a choice isn’t specified at the prompt, pwd will only traverse symbolic links, i.e., take option -P into consideration. Using the pwd command, we will demonstrate how to identify your current working directory.

What is the working directory?

The working directory is that in which the user is currently working. When you are working in the command prompt each time, you are in a directory. The default directory in which a Linux system opens when it is first booted is a user’s home directory. Change directories by using the cd command to delete any file from the current working directory (root directory), you would type:

$ cd /tmp

If you have a customized shell prompt, the path to your current working directory may be displayed.

user@host:/tmp#

Copy

pwd Command

The pwd command is “print working directory.” It is one of the essential and most commonly used Linux commands. When this command is invoked, the complete path to the current working directory will be displayed. The /pwd command is a command introduced in most modern shells such as bash and zsh. The standalone/bin/pwd is not the same as the /bin/pwd executable. The type command lets you display all files containing the “pwd” string.

$ type -a pwd

pwd refers to the shell builtin.

pwd is /bin/pwd

From the output, you can see the built-in Bash function ‘pwd’ has priority over the Bash standalone program and is used whenever you enter ‘pwd.’ If you wish to use the /bin/pwd standalone executable, enter the full path you saved the binary file how to change your current directory.

To find out the current directory, type pwd in your terminal and press return.

$ pwd

The resulting outputs will look similar to this.

/home/linuxcent

The pwd command determines the path of the PWD environment variable. The final output will be the same if you write:

$ echo $PWD

/home/linuxcent

The pwd command accepts only two arguments:

  • -L (—logical) – Do not resolve symlinks.
  • -P (—physical) – Display the physical directory without any symbolic links.

If no passphrase is specified, pwd behaves as if the -L option is specified.

To illustrate the operation of the -P option, I will create a directory and symlink.

$ mkdir /tmp/directoryln

$ -s /tmp/directory /tmp/symlink

Now, if you want navigate to the /tmp/symlink directory and you type pwd in your terminal:

$ pwd

The output shows your current working directory: /tmp/symlink

If you run the same command using -P option: $ pwd -P

The command will print the directory to which the symlink points to: /tmp/directory

Conclusion

The working directory is the current directory that your terminal is in. The pwd command lets you know where you are right now. If you have any kind of issues or comments, we would be delighted to hear them.

Linux Tee Command with Examples

The tee command records from the regular input and writes both standard output and one or more files simultaneously. Tee is frequently used in sequence with other commands through piping.

In this article, we will cover the basics of working the tee command.

tee Command Syntax

The syntax for the tee command is as below:

tee [OPTIONS] [FILE]

Where OPTIONS can be:

    • -a (–append) – Do not overwrite the files; instead, affix to the given files.
    • -i (–ignore-interrupts) – Ignore interrupt signals.
    • Use tee –help to view all available options.
  • FILE_NAMES – One or more files. Each of which the output data is written to

 How to Use the tee Command

The tee command’s most basic method represents the standard output (stdout) of a program and writing it in a file.

In the below example, we use the df command to get information about the available disk space on the file system. The output is piped to the tee command, expressing the result to the terminal, and writes the same information to the file disk_usage.txt.

$ df -h | tee disk_usage.txt

Output:

Filesystem      Size  Used Avail Use% Mounted on

dev             7.8G     0  7.8G   0% /dev

run             7.9G  1.8M  7.9G   1% /run

/dev/nvme0n1p3  212G  159G   43G  79% /

tmpfs           7.9G  357M  7.5G   5% /dev/shm

tmpfs           7.9G     0  7.9G   0% /sys/fs/cgroup

tmpfs           7.9G   15M  7.9G   1% /tmp

/dev/nvme0n1p1  511M  107M  405M  21% /boot

/dev/sda1       459G  165G  271G  38% /data

tmpfs           1.6G   16K  1.6G   1% /run/user/120

Write to Multiple File

By using the tee command, you can write to multiple files also. To do so, define a list of files separated by space as arguments:

$ command | tee file1.out file2.out file3.out

Append to File

By default, the tee command will overwrite the specified file. Use the -a (–append) option to append the output to the file :

$ command | tee -a file.out

Ignore Interrupt

To ignore interrupts use the -i (–ignore-interrupts) option. This is useful when stopping the command during execution with CTRL+C and want the tee to exit gracefully.

$ command | tee -i file.out

Hide the Output

If you don’t want the tee to write to the standard output, you can redirect it to /dev/null:

$ command | tee file.out >/dev/null

Using tee in Conjunction with sudo

Let us say you need to write to a file owned by root as a sudo user. The following command will fail because the redirection of the output is not operated by sudo. The redirection is executed as the unprivileged user.

$ sudo echo "newline" > /etc/file.conf

The output will look something like this:

Output:

bash: /etc/file.conf: Permission denied

Prepend sudo before the tee command as shown below:

$ echo "newline" | sudo tee -a /etc/file.conf

the tee will receive the echo command output, upgrade to sudo permissions and then write to the file.

Using tee in combination with sudo enables you to write to files owned by other users.

Conclusion:

If you want to read from standard input and writes it to standard output and one or more files, then the tee command is used.

How to Rename Files and Directories in Linux

Renaming documents is one of the most common tasks you regularly want to carry out on a Linux system. You can rename documents by use of a GUI document manager or through the command-line terminal.

Renaming a single document is not hard however renaming more than one document at once may be a challenge, especially for customers who’re new to Linux.

In this tutorial, we will display you the way to use the mv and rename instructions to rename documents and directories.

Renaming Files with the mv Command

The mv command (short of circulate) is used to rename or circulate documents from one region to another.

Syntax used for the mv command is as follows:

mv [OPTIONS] source destination

Copy

The source may be one or more documents, or directories and destination may be a single document or directory.

If you specify more than one document as source, the destination should be a directory. In such cases, the source documents are transferred to the targeted directory.

If you specify a single document as source, and the destination target is a current directory, then the document is moved to the required directory.

To rename a document, you want to specify a single document as a source and a single document as a destination target.

For instance, to rename the document file1.txt as file2.txt you’ll run:

mv file1.txt file2.txt

Renaming more than one documents with the mv Command

The mv command can rename only one command at a time effectively  , however it may be used together with different commands which include find or inside bash for or while loops to rename more than one document.

The following instance indicates the way to use the Bash for loop to rename all .html documents in the present directory by converting the .html extension to .php.

for f in *.html; do

    mv -- "$f" "$f%.html">.php"

done

Copy

Let’s examine the code line by line:

The first line creates a for loop and iterates through a listing of all documents edging with .html.

The 2d line applies to every object of the listing and moves the document to a new one replacing .html with .php.

The element ${document%.html} is by use of the shell parameter expansion to get rid of the .html element from the filename.

done suggests the end of the loop segment.

Here is an example by use of mv in combination with find to gain similar above:

find . -depth -name "*.html" -exec sh -c 'f=""; mv -- "$f" "$.php"' ;

" xss="removed">Copy

The find command is passing all documents ending with .html in the present directory to mv one at a time using the -exec option. The string is the name of the document presently being processed.

As you could see from the examples above, renaming more than one document using the mv command isn’t an easy project because it requires a great amount of Bash scripting.

Renaming Files with the rename Command

The rename command is used to rename more than one document. This command is extra advanced than mv because it requires a few fundamental understanding of regular expressions. There are  variations of the rename command with unique syntax.

Here in this tutorial, we are going to use  the Perl version of the rename command. If you don’t have this version set up on your system, you could effortlessly install it by using the package manager of your distribution.

Install rename on Ubuntu and Debian

sudo apt install rename

Install rename on CentOS and Fedora

sudo yum install prename

Install rename on Arch Linux

yay perl-rename ## or yaourt -S perl-rename

The syntax for the rename command is as follows:

rename [OPTIONS] perlexpr documents

Copy

The rename command will rename the documents in step with the required perlexpr regular expression. You can study more about perl regular expressions here .

The following instance will change all documents with the extension .html to .php:

rename 's/.html/.php/' *.html

You can use the -n choice to print names of documents to be renamed, without renaming them.

rename -n 's/.html/.php/' *.html

The output will look something like this:

rename(file-90.html, file-90.php)

rename(file-91.html, file-91.php)

rename(file-92.html, file-92.php)

rename(file-93.html, file-93.php)

rename(file-94.html, file-94.php)

By default, the rename command doesn’t overwrite present documents. Pass the -f choice to permit present documents to be overwritten:

rename -f 's/.html/.php/' *.html

Below are some more common examples of how to use the rename command:

Replace areas in filenames with underscores

rename 'y/ /_/' *

Convert filenames to lowercase

rename 'y/A-Z/a-z/' *

Convert filenames to uppercase

rename 'y/a-z/A-Z/' *

Conclusion

Here we have shown you the way to use the mv and rename instructions to rename documents.

There also are different instructions to rename documents in Linux, which include mmv. New Linux customers who’re intimidated by the command line can use GUI batch rename equipment which include the Métamorphose .

If you’ve got any questions or feedback, Just feel free to leave a comment.

How to Rename Directories in Linux

Renaming directories is one of the most primary operations you frequently want to perform on a Linux system. You can rename directories from the GUI document manager with more than one click or the use of the command-line terminal.

This article explains a way to rename directories by the use of the command-line.

Renaming Directories

In Linux and Unix-like running systems, you may use the mv (short of move) command to rename or circulate documents and directories from one place to any other.

The syntax of the mv command for shifting directories is as follows:

mv [OPTIONS] source destination

For instance, to rename the listing dir1as dir2 you will run:

mv dir1 dir2

When renaming directories, you need to specify precisely arguments to the mv command. The first argument is the present name of the directory, and the second argument is the new name.

It is essential to notice that if dir2 already exists, dir1 is moved to the dir2 directory.

To rename a listing that isn’t in the present  running directory, you want to specify both absolutely the or relative path:

mv /home/user/dir1 /home/user/dir2

Renaming Multiple Directories

It is easy  to rename a single directory challenge, however renaming more than one directories straight away may be a challenge, specifically for new Linux users.

Renaming more than one directories straight away is not often needed.

Renaming Multiple Directories with mv

The mv command can rename the handiest one report at a time. However, it may be used along with different instructions such as find or interior loops to rename more than one document straight away.

Here is an example displaying a way to use the Bash for loop to append the present date to the names of all directories in the present operating directory:

for d in *; do

  if [ -d "$d" ]; then

    mv -- "$d" "$d">_$(date +%Y%m%d)"

  fi

done

Let’s examine the code line through line:

  • The first line creates a loop and iterates by a listing of all documents.
  • The 2nd line examines if the document is a directory.
  • The 3rd line appends the present date to every directory.

Here is an answer to the same challenge the usage of mv in aggregate with find:

find . -mindepth 1 -prune -type d -exec sh -c 'd=""; mv -- "$d" "$_$(date +%Y%m%d)"' ;

The find command is passing all directories to mv one after the other the use of the -exec alternative. The string  is the name of the listing presently being processed.

As you may see from the examples, renaming more than one directories with mv isn’t an easy challenge because it requires a very good understanding of Bash scripting.

Renaming more than one directories with rename

The rename command is used to rename more than one document and directories. This command is superior to mv because it calls for a fundamental understanding of regular expressions.

There are  variations of the rename command with unique syntax. We use the Perl version of the rename command. The documents are renamed in step with the given perl ordinary expression .

The following instance suggests a way to update areas in the names of all directories in the present  operating listing with underscores:

find . -mindepth 1 -prune -type d | rename 'y/ /_/'

To be on the safe side, pass the -n alternative to rename to print names of the directories to be renamed without renaming them.

Here is any other instance displaying a way to convert listing names to lowercase:

find . -mindepth 1 -prune -type d | rename 'y/A-Z/a-z/'

Conclusion

We’ve proven you a way to use the mv instructions to rename directories.

If you’ve got  any questions or feedback, just  leave a comment.

How to Change user password in Linux

This write-up is being provided to guide you through the procedure of changing your own user password in the application named Linux.

One interesting thing is that you can even forcefully make users change the password used for a login in Linux and that will be discussed here.

The procedural steps that are being provided here in this guide can also be used in other applications like Ubuntu, Debian, and CentOS.

Putting in the required changes in your already existing Password

If you wish to change the login details specifically the user password for your user login you will have to provide the command mentioned below with no other tit- bits following,

 $ passwd

Changing password for linuxize.

(Current) UNIX password:

Enter new UNIX password:

Retype new UNIX password:

passwd: password updated successfully

Once you put in the command $ password, a screen with the text mentioned above will pop up asking you the below-mentioned questions,

  • What is your current password?
  • What is the new password? Entering new password
  • Mention the new password again

Following the procedure above you will be easily able to bring the required changes in your user password.

Always remember that while filling the answers to the above questions you will not find them being showcased on the screen and front and that is totally normal.

Finally, when you try logging in to your system you will find that your new password has been generated and you can login using the freshly brewed user password.

How to facilitate change in password of another user?

It is not a factor to be surprised with as it has been already acquainted with you that access is granted to only the user who is rooted to the account or a user who has a sudo connection to the account will be provided the required privilege for making changes in the refreshed password for the account. The process that will be mentioned below is being mentioned keeping in mind that you are someone with the privilege of being connected to the account being handled as a sudo user.

When you are designing a change in a password for a different account you will have to type in the password command and entailing it should be the username of the account needing password changes. If we consider a password change in the account named lineux then the command followed will be,

$ sudo password lineux

Next step will be you coaxed into filling in a new password and confirming it:

Output

Enter new UNIX password:

Retype new UNIX password:

Once you are at the end of the procedure you will be faced with a command exactly like below,

Output

$ Password: password updated successfully

How can a user be pressured to change password at next login?

It has been set by default in many applications that the password set by a user for login details does not ever expire. Now a user can be pressurized to change the password when logging in for another time by undergoing a few commands while on the portal for Linux. The command that is provided for expiration of the old password is entailed by the name of the user:

$ sudo password --expire linuxize

Once you squeeze in the command mentioned above you will find the already existing password turning out to be immediately expired.

This procedure of immediate expiration of user’s earlier or old password will put pressure on the user to finally have the user password changed because of a message that will pop up when they log in again:

$ ssh linuxize@192.168.121.209
OUTPUT

WARNING: Your password has expired.

You must change your password now and login again!

Changing password for linuxize.

(Current) UNIX password:

Enter new UNIX password:

Retype new UNIX password:

password: password updated successfully

Connection to 192.168.121.209 closed.

You will see the connection being closed once the newly made and refreshed password is set by the user.

Conclusion

The write-up that was provided above was to help people with being able to bring out the required changes in their user password in a specific application named Linux.

The guidance that you got in the above right upper was how can you bring out the specific changes in the password and how can someone set an expiry limit to their password.

How to Move Files and Directories in Linux with mv Command

Mv is one of the Linux commands that must be learned. Mv stands for transferring files or directories from one place to another and is primarily used for moving them.

The syntax is similar to the cp command in Linux, but there is a fundamental distinction between these two commands.

The cp command can be called a copy-paste method. The mv instruction, while the cut-paste process can be equivalent.

This means the file or directory is transferred to a different location using the mv command on a file or directory. The source file/directory is no longer there.

mv Command How can you use it?

The mv(transfer) command will move files and directories from place to place. It is also ideal for renaming files and folders.

mv [OPTIONS] source destination
  • The source may be a single file or directory in the above command. The destination is always a single file or directory.
  • When we have several files or folders, it is always a directory destination. Both source files and folders, in this case, are transferred to the directory of the destination. When we have a single source file and a destination directory, the file is transferred to the target folder.
  • One crucial point is that when we transfer files and folders, we will obtain permission refused if we don’t have written permissions both for the source and destination.

mv mv image.png PNG

The current working directory transfers the image.png file to the PNG folder in the current work directory.

The original filename is renamed as the destination file if the destination directory isn’t present.

The image.png file is called PNG if it is not present in the existing working directory.

Transfer several folders and files

Specify the files you want to transfer as the source to move several files and folders. For instance, you would type to transfer file1 and file2 to the directory dir1:

mv File1 File2 dir1

You can also use pattern matching with the mv button. For, e.g., you would like to transfer all pdf files to the ~/Documents directory from the existing directory:

mv *.pdf ~/Documents

Drag a folder inside a separate folder with the mv command
We may use the following command to transfer a directory within another directory:

mv mv abcd abcd_New

It passes the abcd directory to another abcd New directory in our existing working directory.
The source directory is reset to the destination directory if the destination directory is not present.

How to transfer several files to another directory:
All source files and the path to the target directory are defined to transfer several files within a different directory.

mv <source(source)file path 3>

Our current working directory transfers the files 1.jpg, 2.jpg, and 2.png into a separate image directory in the current working directory.

Within a directory, we can transfer multiple files using regular expressions that match the filenames to be transferred.

Mv *jpg JPG

All files with mv backup:
We use the -b option to back up current files. It is intended to create a backup of the overwritten ~ character file with the attached backup file name.

mv -b a.jpg 1.jpg

ls

File rename

The mv command is essential for file renaming. The source file shall be renamed to the target file if you are using an mv command and specify a file name in your destination.
mv source_file target directory/target file

Suppose the target file does not exist in the target directory. In that case, the target file will be generated in the above case.

However, it overwrites without asking if the target file already exists. This means that with the source file’s content, the content of the current target file will be modified.

OverRight file when moving:

The existing file contents would be automatically overridden if a file is transferred and there is already a file with the same name.

In all cases, this might not be optimal. The overwriting scenario is available in a variety of ways.
You may use the -n option to avoid overwriting existing files. So mv will not overwrite the current file.

mv -n source_file target_directory

Forced movement of the file:

If you are shielded from writing the target file, you will be required to check until the target file is overwritten.

mv file1.txt target
Mv: substitute 'target/file1.txt' for 0444 overriding (r—r—r—) mode?

You may use the force option -f to bypass this prompt and overwrite the file immediately.

mv -f File1.txt target

Fdisk Command in Linux (Create Disk Partitions)

Whenever you install a new SSD or hard disk, the first thing you have to do is to partition it. A drive requires to have at least one partition before you can format it and store files on it.

In Linux, there are many tools that you can use to generate partitions, with fdisk being the most usually used one.

In this article, let us see about the fdisk command.

fdisk is a menu-driven command-line utility that enables you to design and manipulate partition tables on a hard disk.

Be aware that fdisk is a severe tool and should be used with absolute caution. Only root or users with sudo privileges can manage the partition tables.

List Partitions

To list the partition table of a project, invoke the fdisk command with the -l option, followed by the device name. For example, to list the /dev/sda partition table and partitions, you would run:

$ fdisk -l /dev/sda

When no device is given as an argument, fdisk will print partition tables of all devices listed in the /proc/partitions file:

$ fdisk -l
Output:

Disk /dev/nvme0n1: 232.91 GiB, 250059350016 bytes, 488397168 sectors

Disk model: Samsung SSD 960 EVO 250GB

Units: sectors of 1 * 512 = 512 bytes

Sector size (logical/physical): 512 bytes / 512 bytes

I/O size (minimum/optimal): 512 bytes / 512 bytes

Disklabel type: gpt

Disk identifier: 6907D1B3-B3AB-7E43-AD20-0707A656A1B5

Device            Start       End   Sectors   Size Type

/dev/nvme0n1p1     2048   1050623   1048576   512M EFI System

/dev/nvme0n1p2  1050624  34605055  33554432    16G Linux swap

/dev/nvme0n1p3 34605056 488397134 453792079 216.4G Linux filesystem

Disk /dev/sda: 465.78 GiB, 500107862016 bytes, 976773168 sectors

Disk model: WDC WD5000AAKS-0

Units: sectors of 1 * 512 = 512 bytes

Sector size (logical/physical): 512 bytes / 512 bytes

I/O size (minimum/optimal): 512 bytes / 512 bytes

Disklabel type: dos

Disk identifier: 0x0001cca3

Device     Boot Start       End   Sectors   Size Id Type

/dev/sda1        2048 976771071 976769024 465.8G 83 Linux

The output over shows the current partition tables of all devices that are connected to your system. Generally, SATA device signs follow the pattern /dev/sd[a-z], while NVMe device signs have the following pattern /dev/nvme[1-9]n[1-9].

Creating Partition Table

To start partitioning the drive, run fdisk with the device name. In this example, we will work on /dev/sdb:

fdisk /dev/sdb

The command prompt will vary, and the fdisk dialogue where you can type in commands will open:

Welcome to fdisk (util-linux 2.34).

Corrections will remain in memory only until you decide to write them.

Be careful before using the write command.

Command (m for help):
Corrections you make to the partition table won't affect you until you write them with the w command. You can exit the fdisk dialogue without saving the changes using the q command.

To get a list of all available commands, enter m

(command m for help) m

Fdisk Command in Linux

If you are partitioning a new drive, you need to create a partition table before starting to create partitions. Skip this step if the device already has a partition table and you want to keep it.

fdisk supports several partitioning schemes. MBR and GPT are the two most popular partition scheme standards that store the partitioning information on a drive differently. GPT is a newer standard allowing and has many advantages over MBR. The main points to consider when choosing what partitioning standard to use:

  • Use MBR to boot the disk in legacy BIOS mode.
  • Use GPT to boot the disk in UEFI mode.
  • The MBR standard supports creating a disk partition up to 2 TiB. If you have a disk of 2 TiB or larger, use GPT.
  • MBR has a limit of 4 primary partitions. If you need more sections, one of the preceding sections can be set as an extended partition and hold additional logical partitions. With GPT, you can have up to 128 sections. GPT doesn’t support extended or logical partitions.

In this example, we will use a GPT partition table.

Enter g to create a new empty GPT partition table:

command (m for help) g

Output:

Created a new GPT disklabel (GUID: 4649EE36-3013-214E-961C-51A9187A7503).

The next step is to create the new partitions.

We will create two partitions. The first one with a size of 100 GiB, and the second one will take the rest of the disk space.

Run the n command to create a new partition:

command (m for help) n

You’ll be prompted to enter the partition number. Hit “Enter” to use the default value (1):

Partition number (1-128, default 1):

Next, the command will ask you to specify the first sector. Generally, it is always recommended to use the default values for the first value. Hit “Enter” to use the default value (2048):

First sector (2048-500118158, default 2048):

On the next prompt, you’ll need to enter the last sector. You can use an absolute value for the previous sector or relative importance to the start sector, using the + symbol following the partition size. The size can be specified in kibibytes (K), mebibytes (M), gibibytes (G), tebibytes (T), or pebibytes (P).

Enter +100G to set the partition size to 100 GiB:

Last sector, +/-sectors or +/-size{K,M,G,T,P} (2048-500118158, default 500118158): +100G
Output:

Created a new partition 1 of type' Linux filesystem' and size 100 GiB.

By default, the new partition type is set to “Linux filesystem,” which should be sufficient for most cases if you want to change the type, press l to get a list of partition types and then press t to change the style.

Let’s create the second partition that will take the rest of the disk space:

command (m for help) n
Partition number (2-128, default 2):

First sector (209717248-625142414, default 209717248):

Last sector, +/-sectors or +/-size{K,M,G,T,P} (209717248-625142414, default 625142414):

Once done creating partitions, use the p command to display the new partition table:

command (m for help) p

Disk /dev/sdb: 298.9 GiB, 320072933376 bytes, 625142448 sectors

Disk model: nal USB 3.0

Units: sectors of 1 * 512 = 512 bytes

Sector size (logical/physical): 512 bytes / 4096 bytes

I/O size (minimum/optimal): 4096 bytes / 4096 bytes

Disklabel type: gpt

Disk identifier: F8365250-AF58-F74E-B592-D56E3A5DEED1

Device Start End Sectors Size Type

/dev/sdb1 2048 209717247 209715200 100G Linux filesystem

/dev/sdb2 209717248 625142414 415425167 198.1G Linux filesystem
If you want to delete a partition, use the d command.

Save the changes by running the w command:

command (m for help) p

The command will write the table to disk and exit the fdisk menu.

Output:

The partition table has been altered.

Calling ioctl() to re-read partition table.

Syncing disks.

The kernel will read the device partition table without the need to reboot the system.

Activating the Partitions

Now that the partitions have been created, the next step is to format the partitions and mount them to the system’s directory tree.

We’ll format both partitions to ext4:

sudo mkfs.ext4 -F /dev/sdb1sudo mkfs.ext4 -F /dev/sdb2

mke2fs 1.45.5 (07-Jan-2020)

Creating filesystem with 51928145 4k blocks and 12984320 inodes

Filesystem UUID: 63a3457e-c3a1-43f4-a0e6-01a7dbe7dfed

Superblock backups stored on blocks:

32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632, 2654208,

4096000, 7962624, 11239424, 20480000, 23887872

Allocating group tables: done

Writing inode tables: done

Creating journal (262144 blocks): done

Writing superblocks and filesystem accounting information: done

We will mount the partitions to /mnt/audio and /mnt/video directories in this example.

Create the mount points with mkdir :

sudo mkdir -p /mnt/audio /mnt/video

Mount the new partition:

sudo mount /dev/sdb1 /mnt/audio
sudo mount /dev/sdb2 /mnt/video

Partitions will stay mounted until you unmount it or shut down the machine. To automatically mount a partition when your Linux system starts up, define the mount in the /etc/fstab file.

That’s it! You can now use the new partitions to store your files.
Conclusion
fdisk is a command-line tool for creating partition schemes. For more information about the fdisk command, type man fdisk in your terminal.

Chown Command in Linux (File Ownership)

If you want to change the user and/or group ownership of a given file, directory, or symbolic link, the chown command is used. So in this article, we will show you how to use the chown command through practical examples.

Let us see How to Use chown.

Before moving into how to use the chown command, let’s begin by examining the basic syntax.

The chown command expressions take the subsequent form:

chown [OPTIONS] USER[:GROUP] FILE(s)

USER is nothing but the user name or the user ID (UID) of the new owner. The name of the group ID (GID) or the new group is GROUP. The name of one or more directories, files, or links is FILE(s). Remember, always numeric IDs should be prefixed with the + symbol.

  • USER – If only the user is defined, the defined user will grow the given file owner, the group ownership is not changed.
  • USER: – When the username is succeeded by a colon: and the group name is not given, the user will become the owner of the files, and the files group ownership is transferred to the user’s login group.
  • USER: GROUP – If both the group and the user are defined (with no space between them), the user ownership of the files is transferred to the given user, and the group ownership is transferred to the given group.
  • GROUP – If the User is canceled and the group is prefixed with a colon, only the files’ group ownership is transferred to the given group.
  • : If only a colon: is given, without defining the user and the group, no change is made in it.

By default, on success, chown doesn’t give any output and returns zero.

To find out who holds a file or what group the file refers to, use the ls -l command:

$ ls -l filename.txt
Output:

-rw-r--r-- 12 linuxize users 12.0K Apr 8 20:51 filename.txt

Regular users can replace the filegroup only if they own the file and only to a group they are a member of. Administrative users can replace the group ownership of all files.

How to Replace the Owner of a File

If you want to replace the owner of a file, then use the chown command succeeded by the user name of the new owner and the target file as an argument:

chown USER FILE

For example, the subsequent command will transfer the ownership of a file named file1 to a new owner named linuxize:

$ chown linuxize file1

To transfer the ownership of multiple files or directories, define them as a space-separated list. The command below turns the ownership of a file named file1 and directory dir1 to a new owner named linuxize:

$ chown linuxize file1 dir1

For example, the subsequent command will transfer the ownership of a file named file1 to a new owner named linuxize:

$ chown linuxize file1

To transfer the ownership of multiple files or directories, specify them as a space-separated list. The command following transfers the ownership of a directory with name dir1 and a file with name file1 to a new owner named linuxize:

$ chown linuxize file1 dir1

The alternatively used for the username is the numeric user ID (UID). The following example will transfer the ownership of a file named file2 to a new owner with a UID of 1000:

$ chown 1000 file2

If a numeric owner survives as a user name, then the ownership will be transferred to the user name. To bypass this, prefix the ID with +:

$ chown 1000 file2

How to Replace the Owner and Group of a File

If you want to replace both the owner and the group of a file, use the chown command supported by the new owner and group separated by a colon (:) with no intermediary spaces and the target file.

$ chown USER: GROUP FILE

The subsequent command will transfer the ownership of a file named file1 to a new owner named linuxize and group users:

$ chown linuxize: users file1

If you cancel the group name after the colon (:) the group of the file is replaced to the specified user’s login group:chown linuxize: file1

How to Replace the Group of a File

To replace only the group of a file, use the chown command followed by a colon (:) and the new group name (with no space between them) and the target file as an argument:

$ chown: GROUP FILE

The subsequent command will replace the owning group of a file named file1 to www-data:

$ chown :www-data file1

Another command that you can use to replace the group ownership of files is chgrp.

How to Replace Symbolic Links Ownership

When the recursive alternative is not used, the chown command replaces the group ownership of the files to which the symlinks point, not the symbolic links themselves.

For example, if you try to replace the owner and the group of the symbolic link symlink1 that points to /var/www/file1, chown will change the ownership of the file or directory the symlink points to:

$ chown www-data: symlink1

The possibilities are that instead of changing the target ownership, you will get an error “cannot dereference ‘symlink1’: Permission denied”.

The error happens because, by default on most Linux distributions, symlinks are protected, and you cannot work on target files. This option is defined in /proc/sys/fs/protected_symlinks. One means enabled, and zero means disabled. We suggest not to disable the symlink protection.

To replace the group ownership of the symlink itself, use the -h option:

$ chown -h www-data symlink1

How to Recursively Replace the File Ownership

To recursively run on all files and directories under the given directory, use the -R (–recursive) alternative:

$ chown -R USER: GROUP DIRECTORY

The following example will transfer the ownership of all files and subdirectories under the /var/www directory to a new owner and group named www-data:

$ chown -R www-data: /var/www

If the directory contains symbolic links, pass the -h option:

$ chown -hR www-data: /var/www

Other alternatives that can be used when recursively replacing the directory ownership are -H and -L.

If the argument passed to the chown command is a symbolic link pointing to a directory, the -H option will create the command to cross it. -L tells chown to cross each symbolic link to a guide that is found. Usually, it would be best to use these choices because you might mess up your system or perform a security risk.

Using a Reference File

The -- reference = ref_file option enables you to change the user and group ownership of given files to be the same as those of the detailed reference file (ref_file). Chown will use the target file user and group; if the reference file is a symbolic link.

$ chown --reference=REF_FILE FILE

For instance, the subsequent command will allow the user and group ownership of the file1 to file2

$ chown --reference=file1 file2

Conclusion

The chown is a Linux/UNIX command-line service for developing the file’s user and/or group ownership.

To discover more about the chown command, visit the chown man page or type man chown in your terminal. If you have any questions or feedback, please leave a comment below or contact us directly.