I have tried these three DEs#

Gnome

KDE

XFCE

First time trying Gnome with Ubuntu (downloaded ISO from website and install~), it’s so pretty and most compatible with my devices, smoothing experience aka Memory waster
I had decided to move to Debian KDE Plasma (after watching the comparison video of some guys on Youtube), which was overwhelming with the ability to customize KDE features, and it’s more lightweight than Gnome xD
XFCE seems to fit with my X220 (4GB, 128GB 2.5inch SSD, i5 2th) but it lacks the functions that I need

[Update: 20 June 24]: Seem i have fall in love with the ricing process, i’m using bspwm and i3 now :) should i move to Arch with Hyperland xD

[Update: 24 June 24]: Back to using Gnome Debian (there some issue with my KDE + bspwm), but another session still bspwm xD

https://github.com/lcaohoanq/dotfiles

[Update 30 June 24]: I have moved to Arch with Hyprland, my first time using Arch, and it’s so fun to rice my system xD

https://github.com/lcaohoanq/hypr-arch-dotfiles/

Life seem more tough when learning, using Linux but after a long time, 2 years using, fail, break, reinstall many time…every moments worth it, i really love Linux and it became my daily driver now.

OSS (Open Source Software)#

OSS is software with source code that anyone can inspect, modify, and enhance
Many famous internet backbones tools:

Many many many tools are open source now :)

Alt text

Linux History#

Alt text

1984: The GNU Project and the Free Software Foundation
- Create open source version of UNIX utilities
- Create the General Public License (GPL): Software license enforcing open source principles
1991: Linus Tovarlds
- Creates open source, UNIX-like kernel, released under the GPL
- Ports some GNU utilities, solicits assistance online
Today:
- Linux kernel + GNU utilities = complete, open source, UNIX like operating system
  - Packaged for targeted audiences as distributions
Linux Kernel Repository: https://github.com/torvalds/linux, i really want to have a chance to contribute to this repo

Linux Principles#

Everything is a file (Include Hardware)
Small Single purpose Programs
Ability to chain programs together for complex operations
Avoid Captive User Interface
Configuration data stored in a text file

Alt text

Why Linux?#

Open source
Community Support
Support Wide Variaty of Hardware
Customization
Most Servers runs on Linux
Automation
Security (debatable topic, depend on you)

Architecture of Linux#

Linux Kernel read, understand the hardware CPU, RAM, pass signal to Shell (Bash, Zsh, Fish,…)

Popular Linux Distributions (distros)#

List of Linux Distributions: https://en.wikipedia.org/wiki/List_of_Linux_distributions

Alt text

Desktop
- Ubuntu
- Mint
- Arch
- Fedora
- Debian
- OpenSUSE
Server
- RHEL (Red Hat Enterprise Linux): most stable, secured, not open source
- Ubuntu Server
- CentOS
- SUSE Enterprise Linux
Most used Linux distros currently in IT industry
- RPM based or .rpm: RHEL, Centos, Oracle Linux
  - Example: Google chrome software
  - Package name: google-chrome-stable-57.0.2987.133-1.x86_64.rpm
  - Installation: rpm -ivh google-chrome-stable_current_amd64.rpm
- Debian base or .deb: Ubuntu server, Kali Linux
  - Example: Google chrome software
  - Package name: google-chrome-stable_current_amd64.deb
  - Installation: dpkg -i google-chrome-stable_current_amd64.deb

So sánh các distro phổ biến, Release model#

Distro

Comparison table of popular Linux distributions#

Distro	Base / libc	Release model	Điểm mạnh	Đánh đổi	Hợp dùng cho	Đánh giá nhanh
Debian 12 (Bookworm)	glibc	Fixed	Ổn định, ít drama, LXC mượt, doc mạnh	Tool không quá mới	Infra lâu dài, DB, Jenkins, SonarQube. Service “chạy là chạy mãi”	Default số 1
Ubuntu 22.04 (Jammy)	glibc	LTS	Tool mới hơn Debian, guide nhiều, Canonical support tốt	Hơi “nặng tay”	App layer, CI/CD, dev	Rất an toàn
Ubuntu 24.04 (Noble)	glibc	LTS (mới)	Kernel & tool rất mới	Chưa đủ thời gian kiểm chứng độ lì	Lab, non-critical	Dùng thận trọng
Debian 13 (Trixie)	glibc	Testing branch	Cân bằng mới & ổn	Package mới hơn Debian 12, behavior có thể đổi	Test upgrade, lab	Không prod lâu dài
Alpine 3.22	musl	Rolling nhẹ, siêu minimal (~4mb)	Siêu nhẹ, RAM thấp, boot nhanh	Debug khó, binary compatibility thấp, không hợp với các app phức tạp	Proxy, sidecar, agent	Nhẹ, gắt, cực đoan
Rocky Linux 9/10	glibc	Clone RHEL, fixed lâu, update chậm nhưng chắc	Chuẩn enterprise, rất lì	Tool cũ, dev chậm	DB, middleware, prod kiểu corp	Enterprise vibe
AlmaLinux 9/10	glibc	Fixed lâu	Như Rocky nhưng mềm hơn	Gần như giống Rocky	Enterprise / prod	Gu cá nhân
CentOS Stream 9	glibc	Ở giữa trời đất (Fedora - RHEL), Rolling nhẹ	Thấy trước tương lai RHEL	Không hợp hệ thống cần predictability	Lab, học enterprise	Không prod
Fedora 42	glibc	Rolling nhanh	Công nghệ mới nhất	Lifecycle ngắn, dễ gãy	Test infra, học tech mới	Không lâu dài
openSUSE Leap 15.6	glibc	Fixed	Rất kỷ luật, sạch	Ít guide, ít cộng đồng	Người thích hệ chuẩn	Kén người
Gentoo (OpenRC)	glibc	Rolling (source)	Compile từ source, Control tuyệt đối	Tốn thời gian, mệt	Hiểu Linux rất sâu, tối ưu theo CPU	Hành xác, mất thời gian, vận hành server khổ
Devuan 5	glibc	Fixed	Debian Không systemd, sysvinit / openrc	Ít lý do dùng	Anti-systemd, nhẹ hơn chút	Có lý do rõ
Arch Linux	glibc	Rolling (fast)	Mới nhất, AUR	Dễ gãy, tốn công	Học Linux sâu, power user	Không ổn định

Some questions worth thinking about before deciding on a distribution include#

What is the main function of the system (server or desktop)?
What types of packages are important to the organization? For example, web server, word processing, etc.
How much storage space is required, and how much is available? For example, when installing Linux on an embedded device, space is usually constrained.
How often are packages updated?
How long is the support cycle for each release? For example, LTS releases have long-term support.
Do you need kernel customization from the vendor or a third party?
What hardware are you running on? For example, it might be X86, RISC-V, ARM, PPC, etc.
Do you need long-term stability? Or can you accept (or need) a more volatile cutting-edge system running the latest software versions?

Release model: Rolling releases và Fixed release#

Khi chọn distro Linux, một trong những khác biệt quan trọng nhất là mô hình phát hành (release model).
Nó quyết định việc update có “sướng” hay “đau”, và hệ thống ổn định đến mức nào.

Release Model

Rolling release là gì?#

Rolling release cập nhật liên tục.
Không có “phiên bản lớn” theo năm — chỉ có update đều đều, không ngừng nghỉ.

Ưu điểm

Luôn có phiên bản mới nhất của kernel, tool, library
Trải nghiệm công nghệ mới rất nhanh

Đánh đổi

Update có thể làm gãy hệ thống
Dễ gặp lỗi incompatible, đổi config, đổi ABI

Ví dụ điển hình: Arch Linux, một ngày đẹp trời bạn chạy:

1
pacman -Syu

Ngày hôm sau có thể gặp:

nginx báo config deprecated
openssl bump version
Service fail vì lib đổi ABI (Application Binary Interface)

Arch không hứa hẹn stability dài hạn. Arch buộc user phải hiểu hệ thống và tự sửa khi gãy. Update mà không đọc Arch Linux News → xác định ăn hành.

Fixed release là gì?#

Fixed release phát hành theo chu kỳ rõ ràng (ví dụ 2 năm / 5 năm). Trong suốt vòng đời đó, hệ thống ưu tiên ổn định hơn là mới.

Ưu điểm

Ít gãy, ít drama
Rất phù hợp cho server & production

Đánh đổi

Package không mới bằng rolling

Ví dụ tiêu biểu: Ubuntu LTS

Không có chuyện hôm nay update, ngày mai service chết
Canonical test kỹ trước khi release
Update chủ yếu là security & bugfix

Vì vậy Ubuntu LTS rất hợp cho production server, còn Arch Linux hợp cho người dùng cá nhân hoặc lab thích công nghệ mới.

Góc nhìn cá nhân: chia Rolling release thành 3 mức#

Theo trải nghiệm thực tế, mình chia rolling release thành 3 nhóm:

Rolling nhanh#

Package cập nhật liên tục
Rất dễ gãy nếu không theo dõi changelog

Ví dụ: Arch Linux, Fedora

Rolling vừa#

Có update thường xuyên nhưng đã qua một lớp kiểm soát
Phù hợp để test trước khi lên prod

Ví dụ: Debian Testing

Rolling chậm / Fixed lâu#

Update rất chậm
Ưu tiên ổn định và predictability

Ví dụ: Rocky Linux, AlmaLinux

Package manager#

A package manager in Linux is a tool that automates the entire process of installing, updating, configuring, and removing software. You can think of it as an “app store” or a personal assistant for your operating system’s software.

Operating System	Default Package Manager	Additional Package Managers
Debian	`apt`	`snapd`
Arch	`pacman`	`yay`, `snapd`
Fedora	`dnf`
OpenSUSE	`zypper`
Solus	`eopkg`
Gentoo	`emerge`
Void	`xbps`
Alpine	`apk`
NixOS	`nix`
Slackware	`slackpkg`
FreeBSD	`pkg`
OpenBSD	`pkg_add`
NetBSD	`pkgin`
DragonFly BSD	`pkg`
Haiku	`pkgman`
macOS	`brew`
Windows	`choco`
Android	`f-droid`
iOS	`cydia`
Termux	`pkg`
Chrome OS	`crostini`
Ubuntu	`apt`
CentOS	`yum`
RHEL	`yum`
Manjaro	`pacman`

1
sudo apt-get install ROSÉ
2
# when this package release guys?

Package Management Systems on Linux#

There are two broad families of package managers widely deployed: those based on Debian and those which use RPM as their low-level package manager. The two systems are incompatible but, broadly speaking, provide the same essential features and satisfy the same needs. In addition, there are some other systems used by more specialized Linux distributions.

Both package management systems operate on two distinct levels: a low-level tool (such as dpkg or rpm) takes care of the details of unpacking individual packages, running scripts, getting the software installed correctly, while a high-level tool (such as apt, dnf, or zypper) works with groups of packages, downloads packages from the vendor, and figures out dependencies.

Most of the time users need to work only with the high-level tool, which will take care of calling the low-level tool as needed. Dependency resolution is a particularly important feature of the high-level tool, as it handles the details of finding and installing each dependency for you. Be careful, however, as installing a single package could result in many dozens or even hundreds of dependent packages being installed.

Package Managers System

Cre: The Linux Foundation - Linux Foundation X LFS101: Introduction to Linux

Working With Different Package Management Systems#

The Advanced Packaging Tool (apt) is the underlying package management system that manages software on Debian-based systems. While it forms the backend for graphical package managers, such as the Ubuntu Software Center and synaptic, its native user interface is at the command line, with programs that include apt (or apt-get) and apt-cache.

dnf is the open source command-line package-management utility for the RPM-compatible Linux systems that belong to the Red Hat family.

Working with Different Package Management Systems

zypper is the package management system for the SUSE/openSUSE family and is also based on RPM. zypper also allows you to manage repositories from the command line. zypper is fairly straightforward to use and closely resembles dnf.

Table: Basic Packaging Commands

Operation	rpm	deb
Install package	`rpm -i foo.rpm`	`dpkg --install foo.deb`
Install package, dependencies	`dnf install foo`	`apt install foo`
Remove package	`rpm -e foo.rpm`	`dpkg --remove foo.deb`
Remove package, dependencies	`dnf remove foo`	`apt autoremove foo`
Update package	`rpm -U foo.rpm`	`dpkg --install foo.deb`
Update package, dependencies	`dnf update foo`	`apt install foo`
Update entire system	`dnf update`	`apt dist-upgrade`
Show all installed packages	`rpm -qa` or `dnf list installed`	`dpkg --list`
Get information on package	`rpm -qil foo`	`dpkg --listfiles foo`
Show packages named foo	`dnf list "foo"`	`apt-cache search foo`
Show all available packages	`dnf list`	`apt-cache dumpavail foo`
What package is file part of?	`rpm -qf file`	`dpkg --search file`

Cre: The Linux Foundation - Linux Foundation X LFS101: Introduction to Linux

Commands#

This command :(){ :|:& };: is called “shell fork bomb”, very dangerous when hacker can access then execute this command on our servers. Read more about fork bomb here

Navigating the File System#

Relative path vs Absolute path

Relative path: path from current directory
- ./file.txt : current directory
- ../file.txt : parent directory
Absolute path: full path from root directory
- /home/user/file.txt
- //var/log/syslog: even with double slash at the beginning, it’s still absolute path

cd: Change directory

cd /home/user
cd ~
cd ..

im using zoxide: better cd

ls: List files and directories

ls
ls -l | ls -al
ls -a
ls -lt : sort time descending
ls -ltr: sort time ascending (r = reverse)

im using exa: better ls

pw : print current working directory

Viewing Files#

Command	Usage
cat	Used for viewing files that are not very long; it does not provide any scroll-back functionality.
less	A pager program that allows you to view (but not change) the contents of a file one screen at a time. It provides scroll-back functionality.
tail	Used to print the last 10 lines of a file by default. You can change the number of lines by doing -n 15 or just -15 if you wanted to look at the last 15 lines instead of the default.
head	The opposite of tail; by default, it prints the first 10 lines of a file.
tac	Similar to cat, but it displays the contents of a file in reverse order, starting from the last line.

Examples#

cat

cat is short for concatenate and is one of the most frequently used Linux command line utilities. It is often used to read and print files, as well as for simply viewing file contents. To view a file, use the following command:

1
cat <filename>

cat file.txt: view file content

Commonly used options with cat:

cat file1 file2: concatenate files and display, file2 content follow file1
cat -n file.txt : view line number
cat file1.txt file2.txt : concatenate files and display
cat file.txt | less : view long file with less
cat file1 file2 > newfile: concatenate file1 and file2 into newfile
cat file >> existingfile: append file content to existingfile
cat > file: create file and input content from terminal, press Ctrl + D to save and exit
cat >> file: append content to existing file from terminal, press Ctrl + D to save and exit

im using bat, notice that after install bat, it use the batcat (not bat) so need to remember or assign alias to .zshrc

Another way using cat with redirection to create multiple lines file:

1
$ cat << EOF > myfile
2
> line one
3
> line two
4
> line three
5
> EOF
6
$

less : View file content page by page

less file.txt
less +F file.txt : follow the file (like tail -f)
Press q to quit less
Use arrow keys or j/k to navigate up/down
Use Space to go to next page, b to go back one page
/search_term to search forward, ?search_term to search backward
n to go to next search result, N to go to previous search result

head: Display the first 10 lines (default)

head filename.txt
head -5 filename.txt (first 5 lines)
head -c 45 filename.txt (first 45 bytes)
head -f filename.txt (follow the file)
cat -n filename.txt | head -20 (first 20 lines with line numbers)

tail: Display the last 10 lines (default)

tail filename.txt
tail -20 filename.txt (last 20 lines)
tail -c 45 filename.txt (last 45 bytes)
tail -f filename.txt (follow the file

tac : View file content in reverse order

tac file.txt

touch#

$ touch <filename> This is normally done to create an empty file as a placeholder for a later purpose.

touch provides several useful options. For example, the -t option allows you to set the date and timestamp of the file to a specific value, as in:

$ touch -t 202201011200.00 newfile.txt

This command creates a new file named newfile.txt with a timestamp of January 1, 2022, at 12:00 PM.

Moving, Copying, Deleting Files and Directories#

mkdir : Create a directories

mkdir hihi: create directory hihi in current directory
mkdir /usr/share/hihi: create directory hihi in /usr/share
mkdir /hihi/hehe/huhu => No such file or directory => mkdir -p /hihi/hehe/huhu ok

Because normal mkdir only support one directory, if pass parent/child/… it cause error -> using -p (parent) to fix

rmdir

Removing a directory is done with rmdir. The directory must be empty or the command will fail. To remove a directory and all of its contents you have to do rm -rf.

rm : Remove files and directories

rm file.txt
rm -r dir1: Remove directory recursively
rm -rf dir1: Remove directory with force and recursively

cp : Copy files and directories

cp file.txt file2.txt
cp -r dir1 dir2
cp * /usr/share/.fonts

mv : Move files and directories

mv file.txt /usr/share/.fonts
mv file.txt file2.txt
mv * /usr/share/.fonts
we can perform the rename file or directory by mv command: if i want to rename the file demo.txt to test.txt
Terminal window
```
1
mv demo.txt test.txt
2
# same as directory
```

echo : Write text to file

echo "Hello World" > file.txt
echo “alias ‘yt=ytfzf -t’” >> ~/.bashrc
echo “alias ‘ll=ls -al’” >> ~/.bashrc
echo “alias ‘showdisk=cd /media/lcaohoanq/ ; ls -al’” >> ~/.bashrc

nano : Text editor

nano file.txt

unzip : Unzip files

unzip file.zip

tree : Show the current directory with the tree visualization

1
# show everything
2
tree
3

4
# show directories only
5
tree -D
6

7
# show directories except the pattern
8
tree -I "node_modules"
9

10
# show except the pattern, directories only
11
tree -I "node_modules" -D

history: Show all previously executed command

!!: execute the last command again (bang bang)
!n: execute the nth command in history
!string: execute the last command that starts with string
Ctrl + r: reverse search in history

im currently using atuin: better history, with built in sql lite, can search, navigate to the previous command

Process:
- ps: shows only processes associated with your current terminal session and use
- ps aux: display a detailed snapshot of all running processes on the system
  Terminal window
```
1
# show detailed all running processes and find obs
2
ps aux | grep "obs"
```

Terminal Shortcuts#

Shortcut	Description
CTRL + L	Clears the screen
CTRL + S	Temporarily halt output to the terminal
CTRL + Q	Resume output to the terminal
CTRL + D	Exit the current shell
CTRL + Z	Suspend the current process and return to prompt
CTRL + C	Kill the current process
CTRL + H	Same as Backspace
CTRL + A	Move cursor to the beginning of the line
CTRL + W	Delete the word before the cursor
CTRL + U	Delete from start of line to cursor
CTRL + E	Move cursor to the end of the line
Tab	Auto-complete files, directories, and commands

find : Search for files and directories#

find is an extremely useful and often-used utility program in the daily life of a Linux system administrator. It recurses down the filesystem tree from any particular directory (or set of directories) and locates files that match specified conditions. The default pathname is always the present working directory.

-name: list files with certain pattern in their name -iname: case insensitive version of -name -type: search by file type (f: regular file, d: directory, l: symbolic link, c: character device, b: block device) -size: search by file size (+: greater than, -: less than, no sign: exactly) -ctime: search by change time (in days, +: more than, -: less than, no sign: exactly) -atime: search by access time (in days, +: more than, -: less than, no sign: exactly) -mtime: search by modification time (in days, +: more than, -: less than, no sign: exactly)

Examples#

Searching for files and directories

$ find /path/to/search -name "filename"

Find all txt files in current directory and subdirectories

$ find . -name "*.txt"

Find directory named dirname from root

$ find / -type d -name "dirname"

Search only for regular file named gcc

$ find /usr -type f -name gcc

Find files larger than 10MB in /path

$ find /path -type f -size +10M

Find files modified in last 7 days in /path

$ find /path -type f -mtime -7

Advanced Usage:

Limit search depth to 3 levels and show first 40 results

$ find . -maxdepth 3 -type f -o -type d | head -40

Find and run command on the files that match (Delete all swap files in current directory and subdirectories)

$ find -name "*.swp" -exec rm {} ';'

System Information#

Check CPU:
- nproc
- lscpu
Check RAM
- free -h
- cat /proc/meminfo

Check Disk:

df -h: disk free

1
❯ df -h
2
Filesystem      Size  Used Avail Use% Mounted on
3
udev             16G     0   16G   0% /dev
4
tmpfs           3.2G  2.1M  3.2G   1% /run
5
/dev/sdb1       208G   88G  111G  45% /
6
tmpfs            16G   91M   16G   1% /dev/shm
7
tmpfs           5.0M  8.0K  5.0M   1% /run/lock
8
tmpfs           1.0M     0  1.0M   0% /run/credentials/systemd-journald.service
9
tmpfs            16G   15M   16G   1% /tmp
10
/dev/nvme0n1p1  234G  155G   68G  70% /media/data
11
tmpfs           3.2G  148K  3.2G   1% /run/user/1000

lsblk: list block devices

1
❯ lsblk
2
NAME        MAJ:MIN RM   SIZE RO TYPE MOUNTPOINTS
3
sda           8:0    0 931.5G  0 disk
4
├─sda1        8:1    0 496.7G  0 part
5
└─sda2        8:2    0 434.9G  0 part
6
sdb           8:16   0 223.6G  0 disk
7
├─sdb1        8:17   0 212.2G  0 part /
8
├─sdb2        8:18   0     1K  0 part
9
└─sdb5        8:21   0  11.4G  0 part [SWAP]
10
nvme0n1     259:0    0 238.5G  0 disk
11
└─nvme0n1p1 259:1    0 238.5G  0 part /media/data

-a: all devices

1
❯ lsblk -a
2
NAME        MAJ:MIN RM   SIZE RO TYPE MOUNTPOINTS
3
sda           8:0    0 931.5G  0 disk
4
├─sda1        8:1    0 496.7G  0 part
5
└─sda2        8:2    0 434.9G  0 part
6
sdb           8:16   0 223.6G  0 disk
7
├─sdb1        8:17   0 212.2G  0 part /
8
├─sdb2        8:18   0     1K  0 part
9
└─sdb5        8:21   0  11.4G  0 part [SWAP]
10
nvme0n1     259:0    0 238.5G  0 disk
11
└─nvme0n1p1 259:1    0 238.5G  0 part /media/data

-o: specify output columns (check all column lsblk --list-columns)

1
❯ lsblk -a -o NAME,SIZE,FSTYPE,UUID,MOUNTPOINT
2
NAME          SIZE FSTYPE UUID                                 MOUNTPOINT
3
sda         931.5G
4
├─sda1      496.7G ntfs   01D819C87037D350
5
└─sda2      434.9G ntfs   01D819C871BA0680
6
sdb         223.6G
7
├─sdb1      212.2G ext4   2c9bf3d9-8c80-4d4d-8632-4b10e65726d3 /
8
├─sdb2          1K
9
└─sdb5       11.4G swap   9eacdd7d-3177-4e92-a812-63e0abaade65 [SWAP]
10
nvme0n1     238.5G
11
└─nvme0n1p1 238.5G ext4   26a0de97-0abd-45e1-b610-129d3045f430 /media/data

fdisk: older systems or simple MBR tasks

1
❯ sudo fdisk -l
2
Disk /dev/nvme0n1: 238.47 GiB, 256060514304 bytes, 500118192 sectors
3
Disk model: INTEL SSDPEKKF256G8L
4
Units: sectors of 1 * 512 = 512 bytes
5
Sector size (logical/physical): 512 bytes / 512 bytes
6
I/O size (minimum/optimal): 512 bytes / 512 bytes
7
Disklabel type: gpt
8
Disk identifier: 677D2B55-C4FB-4DB8-BEC3-AAADCE78C24A
9

10
Device         Start       End   Sectors   Size Type
11
/dev/nvme0n1p1  2048 500117503 500115456 238.5G Linux filesystem
12

13

14
Disk /dev/sdb: 223.57 GiB, 240057409536 bytes, 468862128 sectors
15
Disk model: KINGSTON SA400S3
16
Units: sectors of 1 * 512 = 512 bytes
17
Sector size (logical/physical): 512 bytes / 512 bytes
18
I/O size (minimum/optimal): 512 bytes / 512 bytes
19
Disklabel type: dos
20
Disk identifier: 0xf6b8904f
21

22
Device     Boot     Start       End   Sectors   Size Id Type
23
/dev/sdb1  *         2048 445042687 445040640 212.2G 83 Linux
24
/dev/sdb2       445044734 468860927  23816194  11.4G  f W95 Ext'd (LBA)
25
/dev/sdb5       445044736 468860927  23816192  11.4G 82 Linux swap / Solaris
26

27

28
Disk /dev/sda: 931.51 GiB, 1000204886016 bytes, 1953525168 sectors
29
Disk model: TOSHIBA MQ04ABF1
30
Units: sectors of 1 * 512 = 512 bytes
31
Sector size (logical/physical): 512 bytes / 4096 bytes
32
I/O size (minimum/optimal): 4096 bytes / 4096 bytes
33
Disklabel type: gpt
34
Disk identifier: FEDF6762-A8BC-4D15-9D71-AFB6E5CDEA90
35

36
Device          Start        End    Sectors   Size Type
37
/dev/sda1        2048 1041569791 1041567744 496.7G Microsoft basic data
38
/dev/sda2  1041569792 1953523119  911953328 434.9G Microsoft basic data

parted: newer systems or GPT tasks (or gdisk)

1
❯ sudo parted -l
2
Model: ATA TOSHIBA MQ04ABF1 (scsi)
3
Disk /dev/sda: 1000GB
4
Sector size (logical/physical): 512B/4096B
5
Partition Table: gpt
6
Disk Flags:
7

8
Number  Start   End     Size   File system  Name                  Flags
9
1      1049kB  533GB   533GB  ntfs         Basic data partition  msftdata
10
2      533GB   1000GB  467GB  ntfs         Basic data partition  msftdata
11

12

13
Model: ATA KINGSTON SA400S3 (scsi)
14
Disk /dev/sdb: 240GB
15
Sector size (logical/physical): 512B/512B
16
Partition Table: msdos
17
Disk Flags:
18

19
Number  Start   End    Size    Type      File system     Flags
20
1      1049kB  228GB  228GB   primary   ext4            boot
21
2      228GB   240GB  12.2GB  extended                  lba
22
5      228GB   240GB  12.2GB  logical   linux-swap(v1)  swap
23

24

25
Model: INTEL SSDPEKKF256G8L (nvme)
26
Disk /dev/nvme0n1: 256GB
27
Sector size (logical/physical): 512B/512B
28
Partition Table: gpt
29
Disk Flags:
30

31
Number  Start   End    Size   File system  Name                  Flags
32
1      1049kB  256GB  256GB  ext4         Basic data partition

Disk usage:
- du -h —max-depth=1: check current directory disk usage
- du -sh /: check root directory disk usage summary
- dust: better way to check disk usage than du, extremely fast
  Terminal window
```
1
# check root directory
2
dust /
```
- ncdu: TUI using ncurses, find exactly what’s taking space and want to clean up interactively
  Terminal window
```
1
ncdu /
```
Process management
- top: mandatory tool

im using htop, btop, better UI, more efficient to do process management

Power Management
- sudo reboot: reboot system immediately
- sudo shutdown -h: shutdown after 1 min
- sudo shutdown -h now: shutdown immediately
- sudo shutdown -P +10: schedule shutdown after 10 mins

Not mandatory command, but im using too many time

Copy all content of file into clipboard
- xclip way, make sure you installed xclip with sudo apt install xclip
Terminal window
```
1
cat <filename> | xclip -selection clipboard
```

Documentation and Manual Pages#

The man pages are the most often-used source of Linux documentation. They provide in-depth documentation about many programs and utilities, as well as other topics, including configuration files and programming APIs for system calls, library routines, and the kernel. They are present on all Linux distributions and are always at your fingertips.

$ man <command>
Open the official manual page for a command, including its description, options, and usage examples.
$ man -f <command>
Display a short list of manual pages related to the keyword (same as whatis), with brief descriptions.
$ man -a <command>
Show all available manual pages matching the command name, going through every section instead of just the first one.

File System#

Description of the standard Linux file system structure:

1
/               # Root directory – gốc của mọi thứ
2
├── /boot       # File khởi động: kernel, initramfs, grub
3
├── /dev        # Device files (ổ cứng, USB, tty, null, random…)
4
├── /etc        # Config hệ thống (nghĩ: "editable text configs")
5
├── /home       # Thư mục người dùng (home của user)
6
│   └── hoang   # Ví dụ home của user hoang
7
│   └── duyen   # Ví dụ home của user duyen
8
├── /lib        # Thư viện cần cho /bin và /sbin
9
├── /lib64      # Thư viện 64-bit
10
├── /media      # Nơi auto-mount USB, ổ cứng rời
11
├── /mnt        # Mount tạm (mount thủ công)
12
├── /opt        # Optional software (app cài ngoài hệ thống)
13
├── /proc       # Virtual FS – info kernel & process (runtime)
14
├── /root       # Home của user root
15
├── /run        # Runtime data (PID, socket, lock file)
16
├── /sbin       # System binaries (lệnh cho admin/root)
17
├── /srv        # Data cho service (web, ftp…)
18
├── /sys        # Virtual FS – kernel, hardware
19
├── /tmp        # File tạm (có thể bị xoá khi reboot)
20
├── /usr        # Userland programs & libs
21
│   ├── /bin    # Binary cho user
22
│   ├── /sbin   # Binary cho admin
23
│   ├── /lib    # Thư viện
24
│   └── /share  # Data dùng chung (icons, fonts, docs)
25
└── /var        # Variable data
26
    ├── /log    # Log system
27
    ├── /cache  # Cache
28
    ├── /lib    # State data (db, package info)
29
    └── /www    # Web root (Apache/Nginx – tuỳ distro)

Tips to remember#

/etc → config
/var → always change (log, cache)
/proc & /sys → not a real file
/usr → app + lib
/bin vs /sbin → user vs admin
/dev → everything is file 😎 (i want fine also)

FD (File Descriptor) in Linux#

When commands are executed, by default there are three standard file streams (or descriptors) always open for use: standard input (standard in or stdin), standard output (standard out or stdout) and standard error (or stderr).

Also can called as pipe in Linux.

Name	Symbolic Name	Value	Example
Standard Input	stdin	0	keyboard
Standard Output	stdout	1	terminal
Standard Error	stderr	2	error log file

Usually, stdin is your keyboard, and stdout and stderr are printed on your terminal. stderr is often redirected to an error logging file, while stdin is supplied by directing input to come from a file or from the output of a previous command through a pipe. stdout is also often redirected into a file. Since stderr is where error messages (and warning) are written, usually nothing will go there.

In Linux, all open files are represented internally by what are called file descriptors. Simply put, these are represented by numbers starting at zero. stdin is file descriptor 0, stdout is file descriptor 1, and stderr is file descriptor 2. Typically, if other files are opened in addition to these three, which are opened by default, they will start at file descriptor 3 and increase from there.

Cre: The Linux Foundation - Linux Foundation X LFS101: Introduction to Linux

I/O Redirection#

Through the command shell, we can redirect the three standard file streams so that we can get input from either a file or another command, instead of from our keyboard, and we can write output and errors to files or use them to provide input for subsequent commands.

For example, if we have a program called do_something that reads from stdin and writes to stdout and stderr, we can change its input source by using the less-than sign (<) followed by the name of the file to be consumed for input data:

$ do_something < input-file Funny that bash not require the same order

$ < input-file do_something It’s work too

$ do_something 0< input-file This is the fully specified version, using the file descriptor number for stdin (0).

If you want to send the output to a file, use the greater-than sign (>) as in:

$ do_something > output-file

Also can be written as:

$ do_something 1> output-file

In fact, you can do both at the same time as in:

$ do_something < input-file > output-file

Error will be seen in terminal, because this is stdout, if you want to redirect stderr to a separate file, use 2> output-file instead like

$ do_something 2> output-file

How about i want to both file descriptor 2 (FD-2) and FD-1 to the same place as FD-1

$ do_something > all-output-file 2>&1

Bash permits an easier syntax

$ do_something >& all-output-file

Summary:

0<: where to read input from (default: keyboard)
> or 1>: where to write output to (default: terminal)
2>: where to write error output to (default: terminal)
2>&1: redirect stderr (FD 2) to where stdout (FD 1) is going

Play with /dev/null: about /dev/null

1
# Old
2
command > /dev/null 2>&1

1
# New
2
command &> /dev/null

Redirect both stdout and stderr to /dev/null, explanation:

> /dev/null: redirect stdout to /dev/null
2>&1: redirect FD-2 to where FD-1 is going (which is /dev/null)

Result:

Comamnd run normal, no output shown
Success or fail, preserved by exit code $?

Pipes#

The UNIX/Linux philosophy is to have many simple and short programs (or commands) cooperate together to produce quite complex results, rather than have one complex program with many possible options and modes of operation. In order to accomplish this, extensive use of pipes is made. You can pipe the output of one command or program into another as its input.

pipe

In order to do this, we use the vertical-bar, pipe symbol (|), between commands as in:

$ command1 | command2 | command3

pipeline

Example: Kill process interactively with fzf

1
ps aux | fzf | awk '{print $2}' | xargs kill -9

This command sequence does the following:

ps aux lists all running processes.
The output is piped (|) to fzf, an interactive command-line fuzzy finder, allowing you to select a specific process from the list.
The selected line is then piped to awk '{print $2}', which extracts the second field from the selected line, typically the process ID (PID).
Finally, the PID is piped to xargs kill -9, which forcefully terminates the process with the specified PID.

File Permissions#

File Ownership#

In Linux and other UNIX-based operating systems, every file is associated with a user who is the owner. Every file is also associated with a group (a subset of all users) which has an interest in the file and certain rights, or permissions: read, write, and execute.

Command	Usage
chown	Used to change user ownership of a file or directory
chgrp	Used to change group ownership
chmod	Used to change the permissions on the file, which can be done separately for owner, group and the rest of the world (often named as other)

File Permission Mods and chmod#

Every file have permission for owner and group (I tell file here but same for directory, link, socket,…)

Owner is who created the file or directory
Groups is the set of users who share the same permission

Files have three kinds of permissions: read (r), write (w), execute (x). These are generally represented as in rwx. These permissions affect three groups of owners: user/owner (u), group (g), and others (o)

1
rwx: rwx: rwx
2
 u:   g:   o

Example:

-rw-r--r--:

owner user: can read, write, not execute (for each file the owner is root, oracle9, user3)
group user: can read only
other user: can read only

change file permissions

1
chmod [u/g/o][+/-/=][r/w/x][file]

Syntax:

u/g/o: user/group/other
+/-/=: add, remove, set
r/w/x: read, write, execute

Examples:

Change file data.txt add groups permission writable

1
chmod g+w data.txt

Give the owner and others execute permission and remove the group write permission

1
$ ls -l somefile
2
-rw-rw-r-- 1 student student 1601 Mar 9 15:04 somefile
3
$ chmod uo+x,g-w somefile
4
$ ls -l somefile
5
-rwxr--r-x 1 student student 1601 Mar 9 15:04 somefile

Using octal notation#

This kind of syntax can be difficult to type and remember, so one often uses a shorthand which lets you set all the permissions in one step. This is done with a simple algorithm, and a single digit suffices to specify all three permission bits for each entity

Easy to figure out what number: https://chmod-calculator.com/
4 if read permission is desired
2 if write permission is desired
1 if execute permission is desired Thus
7 means read/write/execute
6 means read/write
5 means read/execute
0 means no permission
400 : read only Example:

1
chmod 664 foo.txt
2
# user/owner: read, group: read/write, other: read
3
# =>>>>>> rw-rw-r--
4
chmod 755 script.sh
5
# user/owner: read/write/execute, group: read/execute, other: read/execute
6
# =>>>>>> rwxr-xr-x

Be careful with chmod 777, grant full access, convenience but it violate the principle of privilege

Chown command#

chown can change owner, group or both of a file or directory.

chown

Touch 2 file file1 and file2 as owner is coop, group is coop, Change file2 owner to root remain group coop, after that change both owner and group of file? mean both to root
Finally, only the superuser can remove the files.

Syntax:

1
chown x:y file.txt

x: user (owner)
y: group

Some cases:

1
chown hoang:dev file.txt

Change owner to hoang, group to dev

1
chown hoang file.txt

Change owner to hoang, remain group

1
chown :dev file.txt

Change group to dev, remain owner

1
chown -R hoang:dev /var/www

Change owner to hoang, group to dev recursively for all files and directories in /var/www

Why change recursively? Because /var/www usually contain many files and directories, if we don’t use -R option, only /var/www change owner and group, all files and directories inside remain the same. Linux do this because it protect us from making mistakes. Ensure we really want to apply changes to all files and directories inside.

So always be careful:

1
chown -R user:group /

=> Disaster, because it change all files and directories in the system to user:group, system break down, need to reinstall

Chgrp command#

chgrp is used to change the group ownership of a file or directory.

1
chgrp dev file.txt

Change group of file.txt to dev, remain owner
Only the superuser or the owner of the file can change the group ownership.

su vs sudo#

su (substitute user) and sudo (superuser do) are both commands that allow a user to execute commands with elevated privileges, but they work in different ways and have different use cases.

Aspect	su	sudo
Functionality	Switches the current user to another user (default is root) and starts a new shell session.	Allows a permitted user to execute a specific command as the superuser or another user without switching users.
Authentication	Requires the password of the target user (e.g., root) to switch users.	Requires the password of the current user to execute a command with elevated privileges.
Session	Starts a new shell session as the target user.	Executes a single command with elevated privileges and returns to the original user session.
Use Case	Useful for performing multiple administrative tasks in a single session.	Ideal for executing individual commands that require elevated privileges without switching users.
Security	Less secure as it requires sharing the root password and can lead to prolonged elevated privileges.	More secure as it allows for granular control over which users can execute specific commands with elevated privileges.

/etc/sudoers file is used to configure sudo permissions, allowing administrators to specify which users can execute which commands as root or other users.

In short:

using su default switch to root user. But i want to login as another user, use su - username.
While sudo execute a single command with elevated privileges without switching users. And the privileges will granted only for that command.

1
❯ su
2
Password:
3
root@hoang:/home/lcaohoanq# nano /etc/host
4
bash: nano: command not found
5
root@hoang:/home/lcaohoanq# vim /etc/host
6
root@hoang:/home/lcaohoanq# vim /etc/hosts
7
root@hoang:/home/lcaohoanq# exit^C
8
root@hoang:/home/lcaohoanq# ls -l /etc/hosts
9
-rw-r--r-- 1 root root 350 Jan 21 23:58 /etc/hosts

Account, Users and Groups#

Identifying the Current User#

As you know, Linux is a multi-user operating system, meaning more than one user can log on at the same time.

To identify the current user, type whoami.
To list the currently logged-on users, type who.

Giving who the -a option will give more detailed information.

1
hoang@fptu-thitkho-cbbz:~$ whoami
2
hoang
3
hoang@fptu-thitkho-cbbz:~$ who
4
hoang    pts/0        2026-01-22 21:49 (14.187.108.34)
5
hoang    pts/1        2026-01-21 15:52 (tmux(36912).%0)
6
minh     pts/2        2026-01-22 21:49 (14.187.108.34)
7
hoang@fptu-thitkho-cbbz:~$ who -a
8
           system boot  2026-01-21 11:09
9
           run-level 5  2026-01-21 11:09
10
LOGIN      ttyS0        2026-01-21 11:09               653 id=tyS0
11
LOGIN      tty1         2026-01-21 11:09               652 id=tty1
12
hoang    + pts/0        2026-01-22 21:49   .         37921 (14.187.108.34)
13
hoang    + pts/1        2026-01-21 15:52  old        36912 (tmux(36912).%0)
14
minh     + pts/2        2026-01-22 21:49 00:07       37993 (14.187.108.34)
15
hoang@fptu-thitkho-cbbz:~$

Users and Groups#

All Linux users are assigned a unique user ID (uid), which is just an integer; normal users start with a uid of 1000 or greater. System users (like root, daemon, bin, etc.) have uids below 1000.

1
hoang@fptu-thitkho-cbbz:~$ id
2
uid=1000(hoang) gid=1000(hoang) groups=1000(hoang),27(sudo)
3
minh@fptu-thitkho-cbbz:~$ id minh
4
uid=1001(minh) gid=1001(minh) groups=1001(minh),27(sudo),100(users)
5
minh@fptu-thitkho-cbbz:~$ id root
6
uid=0(root) gid=0(root) groups=0(root)

hoang: normal user with uid 1000
minh: normal user with uid 1001
root: superuser with uid 0

Linux uses groups for organizing users. Groups are collections of accounts with certain shared permissions; they are used to establish a set of users who have common interests for the purposes of access rights, privileges, and security considerations. Access rights to files (and devices) are granted on the basis of the user and the group they belong to.

One user can belong to multiple groups. Each user has a primary group (usually the same name as the user) and can be a member of additional groups.

1
hoang@fptu-thitkho-cbbz:~$ groups
2
hoang sudo
3
minh@fptu-thitkho-cbbz:~$ groups minh
4
minh sudo users

hoang belongs to groups: hoang, sudo
minh belongs to groups: minh, sudo, users

Check all groups in the system:

/etc/group: Contains all groups, their GIDs, and the users who belong to them as secondary members.
/etc/passwd: Contains all users, their UIDs, primary GIDs, home directories, and login shells.

1
/etc/passwd
2
hoang:x:1000:1000::/home/hoang:/bin/bash
3

4
/etc/group
5
hoang:x:1000:
6
docker:x:999:hoang
7
sudo:x:27:hoang

User hoang have:

Primary group: hoang (GID 1000)
Additional groups: docker, sudo

User → /etc/passwd (UID + primary GID) Group → /etc/group (GID + secondary members)

Adding and Removing Users#

Only the superuser (root) or a user with sudo privileges can add or remove users.

Adding -> useradd or adduser (more user-friendly)

1
sudo adduser mnhw0612

which, by default, sets the home directory to /home/mnhw0612, populates it with some basic files (copied from /etc/skel) and adds a line to /etc/passwd such as:

mnhw0612:x:1002:1002::/home/mnhw0612:/bin/bash

and sets the default shell to /bin/bash

Check with getent passwd mnhw0612

1
mnhw0612:x:1002:1002:,,,:/home/mnhw0612:/bin/bash

Removing -> userdel

1
sudo userdel mnhw0612

However, this command does not remove the user’s home directory and mail spool unless the -r option is used, remove user without -r option is useful when you want temporary inactivate an account but preserve the user’s files.

1
sudo userdel -r mnhw0612

Adding and Removing Groups#

Only the superuser (root) or a user with sudo privileges can add or remove groups.

Primary group vs Secondary group:

1
rjsquirrel : rjsquirrel

User rjsquirrel only have primary group rjsquirrel

1
minh@fptu-thitkho-cbbz:~$ groups minh
2
minh : minh sudo users

User minh have primary group minh and secondary groups sudo, users

Adding groups#

1
# sudo /usr/sbin/groupadd anewgroup
2
sudo groupadd developers

Adding user to already existing group: -a (append), -G (set secondary groups), please note that without -a option, it will remove user from other groups and only add to the specified group.

1
sudo usermod -aG groupname username

Add user hoang to group sudo

1
sudo usermod -aG sudo hoang

Remove groups#

1
sudo groupdel developers

For remove using from group

Group will be remove from /etc/group file
Not remove user
If group is primary group of user, not able to remove

Remove user from group#

Linux do not have direct command to do

1
remove-user-from-group

It can be done in two ways:

Using usermod -G to set new list of secondary groups (excluding the group to be removed) -> Not recommended

1
rjsquirrel : rjsquirrel anewgroup sudo docker

To remove anewgroup from user rjsquirrel

1
sudo usermod -G sudo,docker rjsquirrel

Result

1
rjsquirrel : rjsquirrel sudo docker

More safer using gpasswd -d command (recommended)

1
sudo gpasswd -d rjsquirrel anewgroup

Startup Files#

When a user logs in, several files are read and executed to configure the user’s environment. These files are known as startup files or shell initialization files. The specific files that are read depend on the shell being used (e.g., bash, zsh) and whether the session is a login shell or a non-login shell.

The startup files can do anything the user would like to do in every command shell, such as:

Customizing the prompt
Defining command line shortcuts and aliases
Setting the default text editor
Setting the path for where to find executable programs

Login shell: A shell session that starts when a user logs in to the system, either through a terminal or remotely via SSH. Non-login shell: A shell session that starts when a user opens a new terminal window or tab within an existing session.

Order of the Startup Files#

The order in which the startup files are read and executed depends on whether the shell is a login shell or a non-login shell.

/etc/profile: System-wide configuration file for login shells.
~/.bash_profile, ~/.bash_login, or ~/.profile: User-specific configuration files. The shell reads the first one it finds in this order.

/etc/bash.bashrc: System-wide configuration file for non-login shells.
~/.bashrc: User-specific configuration file for non-login shells.

Some distro may not have .bash_profile, in this case, .profile will be used instead. It do one thing is to source .bashrc file, so the settings in .bashrc are also applied to login shells.

1
source ~/.bashrc

Text Editor#

Basic editors:

nano
gedit

Advanced editors:

vi, vim, nvim
emacs

nano#

every linux have nano, if not install yet (very rare), usually in distroless docker image or lightweight linux distros

Install#

1
sudo apt-get install nano

Command#

Create new file without touch

1
nano hehe.txt

Create a file name hihi.txt with some text

1
echo "first line" > hihi.txt

Append a text to end of file

1
# Redirection operator
2
echo "first line" >> hihi.txt

Cut/Delete a line

1
Ctrl + K

Copy, paste selected line

1
Ctrl + 6 #Mark set
2
Alt  + 6  #Copy selected
3
Ctrl + U #Paste

Moving a line

1
Ctrl + K
2
Ctrl + U

vi, vim, nvim#

Alt text

More at here (https://viblo.asia/p/co-ban-ve-vim-cho-nguoi-moi-bat-dau-GrLZDavnlk0)
Vim has 3 mode
- Normal: default, navigate, simple edit
- Insert: as the name, using as insert character
- Command Line: saving, exiting,…

Command#

Copy 1 line (yanking)

1
yy

Copy 3 line

1
3yy

Copy all file content (rather than 32yy, no this suck)
- vim will popup that 32 lines yanked into "+

1
:%y+

Paste (as current cursor pointer)
- Below: p
- Above: P
Undo

1
u

Delete 1 line (yanking):

1
dd

Delete 3 line

1
3dd

Jump to specific line (Normal mode), type line number with capital G -> Enter

1
118796G

Search word (Command mode -> ESC), / then type the keyword want to search -> Enter

1
/Error

Home file (double g)

1
gg

Home line

1
0

End file (capital G)

1
G

End line

1
Shift + 0

Exit (Command mode -> ESC)
- q stand for quit
- w stand for write

1
:q! #force exit without saving
2
:wq #save and exit

Advanced
- Combine nvim with fzf
  - In terminal type nvim (space) then Ctrl + T => it will open file with nvim immediately
  - Search file with fzf, preview with batcat then open in nvim: i use alias fn for this very long command fn='/opt/nvim-linux-x86_64/bin $(fzf --preview="batcat --color=always {}")'
Ref the alias at my dotfile

LazyVim#

Currently im using LazyVim (https://www.lazyvim.org/), it really easy to setup, and support a lot of LUA plugins there, but before going to something comfortable, make sure you have a basic or good foundation of vim, take time to practice :)

Alt text

In the current directory, type nvim ., it will open with nvim treesitter (same as sidebar in other IDE)
Shortcut:
- Space + Space: find file, like Ctrl + P (VSCode), Ctrl + Shift + N/Shift + Shift (IntelliJ)
- Ctr + /: Terminal (enter the Terminal using i mode)
Linux with Nvim oh man, we nearly become arch user

Alt text

File Types#

In linux, everything is file, even hardware device also considered as file

The 7 standard Linux file types#

Regular file
- -: Normal files such as text, data, or executable files
Directory
- d: Files that are lists of others files
Symbolic Link
- l : A shortcut that points to the location of the actual file
Special file
- c: Mechanism using for input and output, such as file in /dev
Socket
- s: A special file that provides inter-process networking protected by the file system’s access control
Pipe
- p: A special file that allows processes to communicate with each other without using network socket semantics, FIFO (first in, first out)
Block Device
- b: A special file that provides buffered access to hardware devices, such as hard drives
Example of ls -l output:

1
❯ ls -l
2
Permissions Size User      Date Modified Name
3
drwxrwxr-x     - lcaohoanq 27 Dec  2025   Debian-Hyprland
4
lrwxrwxrwx     - lcaohoanq 16 Dec  2025   hoidanit-java-springboot -> /media/data/courses/hoidanit-java-springboot
5
drwxr-xr-x     - lcaohoanq 26 Dec  2025   logs_53046524065
6
drwxrwxr-x     - lcaohoanq  2 Jan 16:55   meme
7
drwxrwxr-x     - lcaohoanq 19 Dec  2025   vagrant-vms
8
.rw-r--r--    50 lcaohoanq 14 Dec  2025   .directory
9
.rw-rw-r--  1.8k lcaohoanq 24 Dec  2025   .env
10
lrwxrwxrwx     - lcaohoanq 16 Dec  2025   '002 #2. Tài liệu khóa học (Project Y).pdf' -> '/media/data/courses/hoidanit-java-springboot/9 - Y - Chapter 1 Bắt buộc xem'/'002 #2. Tài liệu khóa học (Project Y).pdf'
11
.rwxrwxr-x   166 lcaohoanq  2 Jan 15:49   4_args.sh
12
.rwxrwxr-x   535 lcaohoanq  2 Jan 16:40   6_command_subs.sh
13
.rwxrwxr-x   226 lcaohoanq  2 Jan 23:30   18_decision_making.sh
14
.rwxrwxr-x   511 lcaohoanq  3 Jan 14:34   21_script_monitoring.sh
15
.rw-rw-r--  335k lcaohoanq  2 Jan 21:08   377151058_780890013834619_992292982055176227_n.jpg
16
.rwxrwxr-x   390 lcaohoanq  1 Jan 08:36   firstscript.sh
17
.rw-rw-r--     5 lcaohoanq 29 Dec  2025   hoang.txt
18
.rw-rw-r--  2.1k lcaohoanq  1 Jan 23:46   ig.txt
19
.rw-rw-r--  852k lcaohoanq 26 Dec  2025   logs_53046524065.zip
20
.rw-rw-r--    81 lcaohoanq 17 Dec  2025   mail.txt
21
.rw-rw-r--   151 lcaohoanq 25 Dec  2025   server.txt
22
.rw-rw-r--    14 lcaohoanq 25 Dec  2025   test.txt
23
.rw-rw-r--  229k lcaohoanq  2 Jan 17:06   ThanhToan_SE181513_LuuCaoHoang_F-Trip2026.jpg
24
.rwxr-xr-x  2.1M lcaohoanq 18 Jun  2024   wallhaven-zyggly.jpg
25
.rw-rw-r--   885 lcaohoanq  1 Jan 08:49   websetup.sh

Check the permissions column, first character indicate the file type
- d: directory
- l: symbolic link
- -: regular file
- .: special file

Symbolic links#

Like desktop shortcut in windows

1
ln -s source destination
2

3
unlink destination

Example:

1
❯ ls -l
2
Permissions Size User      Date Modified Name
3
lrwxrwxrwx     - lcaohoanq 16 Dec  2025   hoidanit-java-springboot -> /media/data/courses/hoidanit-java-springboot
4
lrwxrwxrwx     - lcaohoanq 16 Dec  2025   '002 #2. Tài liệu khóa học (Project Y).pdf' -> '/media/data/courses/hoidanit-java-springboot/9 - Y - Chapter 1 Bắt buộc xem'/'002 #2. Tài liệu khóa học (Project Y).pdf'

Filter & IO redirection command#

Grep (Global Regular Expression Print)#

Find text patterns in files
Syntax: grep "search_term" [flags] [file_name]
- grep “mom” hello.txt
- grep “mom” -n hello.txt (-n: line number)
- grep “mom” -Rn . (-R: recursive, search multiple file all in current directory)
- grep “^app” hello.txt (RegEx, search line start with app)
- grep “error$” mvn_error.log (RegEx, search line end with error)
- grep -c NullPointerException SomeErrorLogs.txt (count how many time NullPointerException appear in SomeErrorLogs.txt)

Alt text

Grep help

1
❯ grep --help
2
Usage: grep [OPTION]... PATTERNS [FILE]...
3
Search for PATTERNS in each FILE.
4
Example: grep -i 'hello world' menu.h main.c
5
PATTERNS can contain multiple patterns separated by newlines.
6

7
Pattern selection and interpretation:
8
  -E, --extended-regexp     PATTERNS are extended regular expressions
9
  -F, --fixed-strings       PATTERNS are strings
10
  -G, --basic-regexp        PATTERNS are basic regular expressions
11
  -P, --perl-regexp         PATTERNS are Perl regular expressions
12
  -e, --regexp=PATTERNS     use PATTERNS for matching
13
  -f, --file=FILE           take PATTERNS from FILE
14
  -i, --ignore-case         ignore case distinctions in patterns and data
15
      --no-ignore-case      do not ignore case distinctions (default)
16
  -w, --word-regexp         match only whole words
17
  -x, --line-regexp         match only whole lines
18
  -z, --null-data           a data line ends in 0 byte, not newline
19

20
Miscellaneous:
21
  -s, --no-messages         suppress error messages
22
  -v, --invert-match        select non-matching lines
23
  -V, --version             display version information and exit
24
      --help                display this help text and exit
25

26
Output control:
27
  -m, --max-count=NUM       stop after NUM selected lines
28
  -b, --byte-offset         print the byte offset with output lines
29
  -n, --line-number         print line number with output lines
30
      --line-buffered       flush output on every line
31
  -H, --with-filename       print file name with output lines
32
  -h, --no-filename         suppress the file name prefix on output
33
      --label=LABEL         use LABEL as the standard input file name prefix
34
  -o, --only-matching       show only nonempty parts of lines that match
35
  -q, --quiet, --silent     suppress all normal output
36
      --binary-files=TYPE   assume that binary files are TYPE;
37
                            TYPE is 'binary', 'text', or 'without-match'
38
  -a, --text                equivalent to --binary-files=text
39
  -I                        equivalent to --binary-files=without-match
40
  -d, --directories=ACTION  how to handle directories;
41
                            ACTION is 'read', 'recurse', or 'skip'
42
  -D, --devices=ACTION      how to handle devices, FIFOs and sockets;
43
                            ACTION is 'read' or 'skip'
44
  -r, --recursive           like --directories=recurse
45
  -R, --dereference-recursive  likewise, but follow all symlinks
46
      --include=GLOB        search only files that match GLOB (a file pattern)
47
      --exclude=GLOB        skip files that match GLOB
48
      --exclude-from=FILE   skip files that match any file pattern from FILE
49
      --exclude-dir=GLOB    skip directories that match GLOB
50
  -L, --files-without-match  print only names of FILEs with no selected lines
51
  -l, --files-with-matches  print only names of FILEs with selected lines
52
  -c, --count               print only a count of selected lines per FILE
53
  -T, --initial-tab         make tabs line up (if needed)
54
  -Z, --null                print 0 byte after FILE name
55

56
Context control:
57
  -B, --before-context=NUM  print NUM lines of leading context
58
  -A, --after-context=NUM   print NUM lines of trailing context
59
  -C, --context=NUM         print NUM lines of output context
60
  -NUM                      same as --context=NUM
61
      --group-separator=SEP  print SEP on line between matches with context
62
      --no-group-separator  do not print separator for matches with context
63
      --color[=WHEN],
64
      --colour[=WHEN]       use markers to highlight the matching strings;
65
                            WHEN is 'always', 'never', or 'auto'
66
  -U, --binary              do not strip CR characters at EOL (MSDOS/Windows)
67

68
When FILE is '-', read standard input.  With no FILE, read '.' if
69
recursive, '-' otherwise.  With fewer than two FILEs, assume -h.
70
Exit status is 0 if any line is selected, 1 otherwise;
71
if any error occurs and -q is not given, the exit status is 2.
72

73
Report bugs to: bug-grep@gnu.org
74
GNU grep home page: <https://www.gnu.org/software/grep/>
75
General help using GNU software: <https://www.gnu.org/gethelp/>

Usecase 1: We have sample file 0_Run predefined test cases.txt contain the log from Github Action CI pipeline. Search error logs find the error. Problem is the file are too long (10k ~ line), and we are in server, we not have any IDE to use.
Find text contain “Exception”

1
grep "Exception" 0_Run predefined test cases.txt

Syntax:
- grep “key_word” -param file_name
Param
- R: search recursively
- n: show line number
Usecase 2: Find the export port of docker container name pgadmin. We can easily use docker ps then use eyes to look for the pgadmin container. But when the number of container become 50, 100 or even more. Using docker ps and search manually make you look silly :).
Search with grep + pipe operator |

1
❯ docker ps | grep pgadmin
2
7ed17a84f912   dpage/pgadmin4   "/entrypoint.sh"         12 days ago   Up 39 minutes             443/tcp, 0.0.0.0:5050->80/tcp, [::]:5050->80/tcp   pgadmin

Sed (non-interactive text editor)#

Mainly use RegEx, play with RegEx here: https://regex101.com/

s: subtitution

1
❯ sed 's/mom/dad' main.js

Above command just print the file with replaced part, not a real change
We use redirection operator to take the output of command then input for sed

1
❯ sed 's/mom/dad' main.js > hihi.js

Using sed at 2nd half pipe, this mean replace all q with vl, g for global search

1
❯ echo "lcaohoanqqqq" | sed "s/q/vl/g"
2
lcaohoanvlvlvlvl

Bash Scripting#

Instead of doing manually command in Linux enviroment, we use text file to automate day to day regular tasks, that text file tell system run each command we defined.
We have many cool tools outside: Ansible, Puppet, Chef, SaltStack, Terraform why to learn Bash script

Many concept derived from bash script concepts

Create new firstscript.sh:

1
#!/bin/bash
2

3
### This script prints system info ###
4

5
echo "Welcome to bash script"
6
echo
7

8
# Checking system uptime
9
echo "###############################"
10
echo "The uptime of the system is:"
11
uptime
12
echo
13

14
# Memory utilization
15
echo "###############################"
16
echo "Memory utilization"
17
free -m
18
echo
19

20
# Disk utilization
21
echo "###############################"
22
echo "Disk utilization"
23
df -h

#! called SHEBANG, tell the script to interpreter the reset of file using /bin/bash interpreter, so if we change to /usr/bin/python it will use python interpreter to run the script

Now we execute firstscript.sh

1
❯ nvim firstscript.sh
2
❯ ./firstscript.sh
3
zsh: permission denied: ./firstscript.sh
4
❯ chmod +x ./firstscript.sh
5
❯ ./firstscript.sh
6
Welcome to bash script
7

8
###############################
9
The uptime of the system is:
10
 08:37:01 up 30 min,  1 user,  load average: 0.33, 0.44, 0.42
11

12
###############################
13
Memory utilization
14
               total        used        free      shared  buff/cache   available
15
Mem:           31963        5103       23971         837        4170       26859
16
Swap:          11628           0       11628
17

18
###############################
19
Disk utilization
20
Filesystem      Size  Used Avail Use% Mounted on
21
udev             16G     0   16G   0% /dev
22
tmpfs           3.2G  2.0M  3.2G   1% /run
23
/dev/sdb1       208G   82G  116G  42% /
24
tmpfs            16G   80M   16G   1% /dev/shm
25
tmpfs           5.0M  8.0K  5.0M   1% /run/lock
26
tmpfs           1.0M     0  1.0M   0% /run/credentials/systemd-journald.service
27
tmpfs            16G   20M   16G   1% /tmp
28
/dev/nvme0n1p1  234G  144G   79G  65% /media/data
29
tmpfs           3.2G  140K  3.2G   1% /run/user/1000

websetup.sh: script for host a website

1
#!/bin/bash
2

3
# Install on CentOS
4
# sudo yum install wget unzip httpd -y
5
# -y continue to install the relate pakage if not install
6

7
# I don't want to see that much infomation about installing package
8
sudo yum install wget unzip httpd -y >/dev/null
9
# Redirection: error, generate some output, if not error put to /dev/null
10

11
sudo systemctl start httpd
12
sudo systemctl enable httpd
13

14
# Why use -p tag
15
# -p: mean parent, without -p, will throw error
16
# without -p will create only one level directory
17
mkdir -p /tmp/webfiles
18

19
cd /tmp/webfiles
20

21
# Download this zip using wget, can use curl,...
22
wget https://www.tooplate.com/zip-templates/2098_health.zip
23
unzip 2098_health.zip
24

25
# cp - r: recursive, copy all file, subfiles, folder
26
# source: all unzip file inside 2098_health to /var/www/html/
27
cp -r 2098_health/* /var/www/html/
28

29
systemctl restart httpd
30

31
# Clean up resources
32
rm -rf /tmp/webfiles

More optimized, unzip to destination directory

1
unzip 2098_health.zip -d /var/www/html/

There are too many shell nowadays: bash, zsh, fish,.. you can check your current shell using echo $SHELL command:

1
❯ echo $SHELL
2
/usr/bin/zsh

My favorite shell is zsh (sound with z-shell, zsh is default shell on MacOS, in Linux need to install manually), im using with oh-my-zsh, it’s powerful with lot of plugin and really pretty

Variables#

websetup.sh: refactored version

1
#!/bin/bash
2
set -e
3

4
### ====== VARIABLES ======
5
PKG_MANAGER="yum"
6
PACKAGES=("wget" "unzip" "httpd")
7

8
SERVICE_NAME="httpd"
9

10
TMP_DIR="/tmp/webfiles"
11
ZIP_URL="https://www.tooplate.com/zip-templates/2098_health.zip"
12
ZIP_FILE="2098_health.zip"
13
UNZIP_DIR="2098_health"
14

15
WEB_ROOT="/var/www/html"
16
### =======================
17

18
echo "▶ Installing packages..."
19
sudo $PKG_MANAGER install -y "${PACKAGES[@]}" >/dev/null
20

21
echo "▶ Starting & enabling service: $SERVICE_NAME"
22
sudo systemctl start $SERVICE_NAME
23
sudo systemctl enable $SERVICE_NAME
24

25
echo "▶ Preparing temp directory: $TMP_DIR"
26
mkdir -p "$TMP_DIR"
27
cd "$TMP_DIR"
28

29
echo "▶ Downloading template..."
30
wget "$ZIP_URL"
31

32
echo "▶ Extracting..."
33
unzip "$ZIP_FILE"
34

35
echo "▶ Deploying to web root: $WEB_ROOT"
36
sudo cp -r "$UNZIP_DIR"/* "$WEB_ROOT"
37

38
echo "▶ Restarting service..."
39
sudo systemctl restart $SERVICE_NAME
40

41
echo "▶ Cleaning up..."
42
rm -rf "$TMP_DIR"
43

44
echo "✅ Done!"

Advantages:
- set -e: fail fast, any command error (exitcode != 0) script stop immediately.
- Pass arguement : ZIP_URL=$1 UNZIP_DIR=$2, run: bash ./websetup.sh https://example.com/site.zip mysite
- Array of needed packages: can extend when runtime PACKAGES+=("curl")
More enhance version

1
#!/bin/bash
2
set -euo pipefail
3

4
### ========= CONFIG =========
5
LOG_FILE="/var/log/web_deploy.log"
6

7
TMP_DIR="/tmp/webfiles"
8
ZIP_URL="https://www.tooplate.com/zip-templates/2098_health.zip"
9
ZIP_FILE="2098_health.zip"
10
UNZIP_DIR="2098_health"
11
WEB_ROOT="/var/www/html"
12
SERVICE_NAME="httpd"
13
### ==========================
14

15
### ========= LOGGING =========
16
exec > >(tee -a "$LOG_FILE") 2>&1
17
echo "===== START DEPLOY: $(date) ====="
18
### ===============================
19

20
### ========= CHECK OS =========
21
if [ -f /etc/os-release ]; then
22
    . /etc/os-release
23
    OS=$ID
24
else
25
    echo "❌ Cannot detect OS"
26
    exit 1
27
fi
28

29
echo "▶ Detected OS: $OS"
30

31
### ========= DETECT PACKAGE MANAGER =========
32
if command -v dnf >/dev/null; then
33
    PKG_MANAGER="dnf"
34
elif command -v yum >/dev/null; then
35
    PKG_MANAGER="yum"
36
elif command -v apt >/dev/null; then
37
    PKG_MANAGER="apt"
38
else
39
    echo "❌ No supported package manager found"
40
    exit 1
41
fi
42

43
echo "▶ Using package manager: $PKG_MANAGER"
44

45
### ========= INSTALL PACKAGES =========
46
if [[ "$PKG_MANAGER" == "apt" ]]; then
47
    sudo apt update -y
48
    sudo apt install -y wget unzip apache2
49
    SERVICE_NAME="apache2"
50
else
51
    sudo $PKG_MANAGER install -y wget unzip httpd
52
fi
53

54
### ========= SERVICE =========
55
sudo systemctl enable "$SERVICE_NAME"
56
sudo systemctl start "$SERVICE_NAME"
57

58
### ========= DEPLOY =========
59
echo "▶ Preparing temp dir"
60
rm -rf "$TMP_DIR"
61
mkdir -p "$TMP_DIR"
62
cd "$TMP_DIR"
63

64
echo "▶ Downloading template"
65
wget "$ZIP_URL"
66

67
echo "▶ Extracting"
68
unzip "$ZIP_FILE"
69

70
echo "▶ Copying files to web root"
71
sudo rm -rf "$WEB_ROOT"/*
72
sudo cp -r "$UNZIP_DIR"/* "$WEB_ROOT"
73

74
sudo systemctl restart "$SERVICE_NAME"
75

76
### ========= CLEAN =========
77
rm -rf "$TMP_DIR"
78

79
echo "✅ DEPLOY SUCCESS"
80
echo "===== END DEPLOY: $(date) ====="

Advantages:

Check OS (CentOS / Rocky / Alma / Ubuntu / Debian)

1
❯ cat /etc/os-release
2
PRETTY_NAME="Debian GNU/Linux 13 (trixie)"
3
NAME="Debian GNU/Linux"
4
VERSION_ID="13"
5
VERSION="13 (trixie)"
6
VERSION_CODENAME=trixie
7
DEBIAN_VERSION_FULL=13.2
8
ID=debian
9
HOME_URL="https://www.debian.org/"
10
SUPPORT_URL="https://www.debian.org/support"
11
BUG_REPORT_URL="https://bugs.debian.org/"

Auto detect package manager (yum | dnf | apt)

1
command -v dnf
2
command -v yum
3
command -v apt

Log to file -> /var/log/web_deploy.log
- exec > >(tee -a "$LOG_FILE") 2>&1
  - stdout
  - stderr
  - console
Fail fast pro vip
- set -euo pipefail:
  - -e: if error stop
  - -u: any variable not set -> fail
  - pipefail: pipe fail -> fail

CLI Arguments#

Prepare 4_args.sh, with content

1
#!/bin/bash
2

3
echo "Demo CLI arugments"
4
echo "Value of 0 is: "
5
echo $0
6

7
echo "Value of 1 is: "
8
echo $1
9

10
echo "Value of 2 is: "
11
echo $2
12

13
echo "Value of 3 is: "
14
echo $3

Let’s test

1
❯ ./4_args.sh
2
Demo CLI arugments
3
Value of 0 is:
4
./4_args.sh
5
Value of 1 is:
6

7
Value of 2 is:
8

9
Value of 3 is:
10

11
❯ ./4_args.sh linux hoang hello
12
Demo CLI arugments
13
Value of 0 is:
14
./4_args.sh
15
Value of 1 is:
16
linux
17
Value of 2 is:
18
hoang
19
Value of 3 is:
20
hello

When the variable are not declare, it will be empty, but with 0 is the name of the scripts, 1, 2, 3 are nothing
Let’s give a look to web_setup.sh
- I will comment out this line ZIP_URL="https://www.tooplate.com/zip-templates/2098_health.zip" and ZIP_FILE="2098_health.zip", then pass any web size resources i want:

1
#!/bin/bash
2
set -euo pipefail
3

4
### ========= CONFIG =========
5
LOG_FILE="/var/log/web_deploy.log"
6

7
TMP_DIR="/tmp/webfiles"
8
# ZIP_URL="https://www.tooplate.com/zip-templates/2098_health.zip"
9
# ZIP_FILE="2098_health.zip"
10
UNZIP_DIR="2098_health"
11
WEB_ROOT="/var/www/html"
12
SERVICE_NAME="httpd"
13
### ==========================
14

15
### ========= LOGGING =========
16
exec > >(tee -a "$LOG_FILE") 2>&1
17
echo "===== START DEPLOY: $(date) ====="
18
### ===============================
19

20
### ========= CHECK OS =========
21
if [ -f /etc/os-release ]; then
22
    . /etc/os-release
23
    OS=$ID
24
else
25
    echo "❌ Cannot detect OS"
26
    exit 1
27
fi
28

29
echo "▶ Detected OS: $OS"
30

31
### ========= DETECT PACKAGE MANAGER =========
32
if command -v dnf >/dev/null; then
33
    PKG_MANAGER="dnf"
34
elif command -v yum >/dev/null; then
35
    PKG_MANAGER="yum"
36
elif command -v apt >/dev/null; then
37
    PKG_MANAGER="apt"
38
else
39
    echo "❌ No supported package manager found"
40
    exit 1
41
fi
42

43
echo "▶ Using package manager: $PKG_MANAGER"
44

45
### ========= INSTALL PACKAGES =========
46
if [[ "$PKG_MANAGER" == "apt" ]]; then
47
    sudo apt update -y
48
    sudo apt install -y wget unzip apache2
49
    SERVICE_NAME="apache2"
50
else
51
    sudo $PKG_MANAGER install -y wget unzip httpd
52
fi
53

54
### ========= SERVICE =========
55
sudo systemctl enable "$SERVICE_NAME"
56
sudo systemctl start "$SERVICE_NAME"
57

58
### ========= DEPLOY =========
59
echo "▶ Preparing temp dir"
60
rm -rf "$TMP_DIR"
61
mkdir -p "$TMP_DIR"
62
cd "$TMP_DIR"
63

64
echo "▶ Downloading template"
65
wget $1 #################This line###################
66

67
echo "▶ Extracting"
68
unzip $2 #################This line###################
69

70
echo "▶ Copying files to web root"
71
sudo rm -rf "$WEB_ROOT"/*
72
sudo cp -r "$UNZIP_DIR"/* "$WEB_ROOT"
73

74
sudo systemctl restart "$SERVICE_NAME"
75

76
### ========= CLEAN =========
77
rm -rf "$TMP_DIR"
78

79
echo "✅ DEPLOY SUCCESS"
80
echo "===== END DEPLOY: $(date) ====="

Then using like

1
./web_setup.sh https://www.tooplate.com/zip-templates/2150_living_parallax.zip 2150_living_parallax

System Variables#

Some System Variables, there are a few other variables that the system sets for you to use as well.

$0 - The name of the Bash script.
$1-$ 9-The first 9 arguments to the Bash script. (As mentioned above.)
$# - How many arguments were passed to the Bash script.
$@ - All the arguments supplied to the Bash script.
$? - The exit status of the most recently run process.
$USER - The username of the user running the script.
$HOSTNAME - The hostname of the machine the script is running on.
$SECONDS - The number of seconds since the script was started.
$RANDOM - Returns a different random number each time is it referred to.
$LINENO - Returns the current line number in the Bash script.
$SHELL - Return current using shell location (/bin/bash, /usr/bin/zsh,…)

$?: Exit code = 0, the last command work

1
❯ free -m
2
               total        used        free      shared  buff/cache   available
3
Mem:           31963        5661       20414         840        7182       26302
4
Swap:          11628           0       11628
5
❯ echo $?
6
0
7
❯ freeeeeee -m
8
zsh: command not found: freeeeeee
9
❯ echo $?
10
127
11
❯ fre -m12312312
12
zsh: command not found: fre
13
❯ echo $?
14
127
15
❯ cdd
16
zsh: command not found: cdd
17
❯ echo $?
18
127
19
❯ free -masdfasdfas
20
free: invalid option -- 'a'
21

22
Usage:
23
 free [options]
24

25
Options:
26
 -b, --bytes         show output in bytes
27
     --kilo          show output in kilobytes
28
     --mega          show output in megabytes
29
     --giga          show output in gigabytes
30
     --tera          show output in terabytes
31
     --peta          show output in petabytes
32
 -k, --kibi          show output in kibibytes
33
 -m, --mebi          show output in mebibytes
34
 -g, --gibi          show output in gibibytes
35
     --tebi          show output in tebibytes
36
     --pebi          show output in pebibytes
37
 -h, --human         show human-readable output
38
     --si            use powers of 1000 not 1024
39
 -l, --lohi          show detailed low and high memory statistics
40
 -L, --line          show output on a single line
41
 -t, --total         show total for RAM + swap
42
 -v, --committed     show committed memory and commit limit
43
 -s N, --seconds N   repeat printing every N seconds
44
 -c N, --count N     repeat printing N times, then exit
45
 -w, --wide          wide output
46

47
     --help     display this help and exit
48
 -V, --version  output version information and exit
49

50
For more details see free(1).
51
❯ echo $?
52
1

Quotes#

Double quotes v.s Single quotes#

Double quotes same as string in other programming language
Using exclude special character backward slash (\) for $9 to print it directly without let the shell think it is 9th argument

1
❯ SKILL="DevOps"
2

3
❯ echo $SKILL
4
DevOps
5

6
❯ SKILL='Devops'
7

8
❯ echo $SKILL
9
Devops
10

11
❯ echo "I have got $SKILL skill"
12
I have got Devops skill
13

14
❯ echo 'I have got $SKILL skill'
15
I have got $SKILL skill
16

17
❯ FOOD="kfc"
18

19
❯ echo "I want to eat some $FOOD, i go to the mall with $9 invoice"
20

21
I want to eat some kfc, i go to the mall with  invoice
22

23
❯ echo 'I want to eat some $FOOD, i go to the mall with $9 invoice'
24

25
I want to eat some $FOOD, i go to the mall with $9 invoice
26

27
❯ echo "I want to eat some $FOOD, i go to the mall with \$9 invoice"
28

29
I want to eat some kfc, i go to the mall with $9 invoice

Command Substitution#

Example with free -m command to get free memory then store to variable
Idea: store the output of command to a variable then using pipe chain
- free -m: show current memory using
- grep -i mem: find ignore case word “mem”
- awk '{print $4}': 4th column, value is 19692 MB

Connect them using pipe |, let’s see step by step

1
❯ free -m
2
               total        used        free      shared  buff/cache   available
3
Mem:           31963        6347       19646         995        7417       25615
4
Swap:          11628           0       11628
5

6
❯ free -m | grep -i mem
7
Mem:           31963        6301       19692         972        7395       25661
8

9
❯ free -m | grep -i mem | awk `{print $4}`
10
Usage: mawk [Options] [Program] [file ...]
11

12
Program:
13
    The -f option value is the name of a file containing program text.
14
    If no -f option is given, a "--" ends option processing; the following
15
    parameters are the program text.
16

17
Options:
18
    -f program-file  Program  text is read from file instead of from the
19
                     command-line.  Multiple -f options are accepted.
20
    -F value         sets the field separator, FS, to value.
21
    -v var=value     assigns value to program variable var.
22
    --               unambiguous end of options.
23

24
    Implementation-specific options are prefixed with "-W".  They can be
25
    abbreviated:
26

27
    -W version       show version information and exit.
28
    -W dump          show assembler-like listing of program and exit.
29
    -W help          show this message and exit.
30
    -W interactive   set unbuffered output, line-buffered input.
31
    -W exec file     use file as program as well as last option.
32
    -W posix         stricter POSIX checking.
33
    -W random=number set initial random seed.
34
    -W sprintf=number adjust size of sprintf buffer.
35
    -W traditional   pre-POSIX 2001.
36
    -W usage         show this message and exit.
37

38
# Be careful with backtick, or single quotes
39

40
❯ free -m | grep -i mem | awk '{print $4}'
41
19438
42

43
❯ FREE_RAM=`free -m | grep -i mem | awk '{print $4}'`
44

45
❯ echo "Free RAM is $FREE_RAM mb"
46
Free RAM is 19498 mb

Create new 6_command_subs.sh:

1
#!/bin/bash
2

3
echo "Welcome $USER on $HOSTNAME."
4

5
echo "################################################"
6

7
FREERAM=$(free -m | grep Mem | awk '{print $4}')
8
LOAD=$(uptime | awk '{print $9}')
9
ROOTFREE=$(df -h | grep '/dev/sdal' | awk '{print $4}')
10

11
echo "################################################"
12
echo "Available free RAM is $FREERAM MB"
13
echo "################################################"
14
echo "Current Load Average $LOAD"
15
echo "################################################"
16
echo "Free ROOT partiotion size is $ROOTFREE"

Output

1
❯ ./6_command_subs.sh
2
Welcome lcaohoanq on hoang.
3
################################################
4
################################################
5
Available free RAM is 19528 MB
6
################################################
7
Current Load Average 0.35,
8
################################################
9
Free ROOT partiotion size is

Export Variables (Environment Variables)#

Too much env variables make you dizzy

1. Shell variables vs environment variables#

When you define a variable like this:

1
MY_NAME="hoang"

This variable exists only in the current shell
It is not inherited by new shells or programs

Example:

1
❯ MY_NAME="hoang"
2
❯ echo $MY_NAME
3
hoang
4

5
❯ bash
6
❯ echo $MY_NAME
7
# no output
8
❯ exit

The new bash shell does not know about MY_NAME.

2. What does `export` do?#

Theexport command turns a shell variable into an environment variable.

Environment variables are passed from a parent process to its child processes

Example:

1
❯ export MY_NAME="hoang"
2

3
❯ bash
4
❯ echo $MY_NAME
5
hoang
6
❯ exit

Now MY_NAME is available in the child shell.

3. Parent process vs child process#

Parent process: the current shell
Child process: a process started by the parent

Example:

1
bash

Current shell → parent process
New bash shell → child process

Only exported variables are inherited by child processes.

Export variables permanently#

4. Make a variable permanent for the current user#

To make a variable available every time you open a terminal, add it to your shell config file:

Bash: ~/.bashrc
Zsh: ~/.zshrc

Example (Zsh):

1
❯ nvim ~/.zshrc
2

3
# add at the end
4
export MY_NAME="hoang"

Reload the file:

1
❯ source ~/.zshrc

Verify:

1
❯ echo $MY_NAME
2
hoang

5. System-wide environment variables#

To make a variable available for all users, add it to /etc/profile:

1
sudo vim /etc/profile
2

3
# add at the end
4
export MY_SYSTEM_VAR="system_var_value"

Reload (or open a new terminal):

1
❯ source /etc/profile

Check:

1
❯ echo $MY_SYSTEM_VAR
2
system_var_value

6. Why variables are missing after sudo -i#

1
❯ sudo -i
2
root@hoang:~# echo $MY_SYSTEM_VAR

Explanation:

sudo -i starts a new login shell for the root user
sudo resets most environment variables for security
The root shell loads root’s own config files, not yours

This behavior is expected and intentional.

User Input#

Read user input using read command

1
#!/bin/bash
2
echo "Enter your name: "
3
read NAME
4
echo "Hello, $NAME!"

Run the script

1
❯ ./user_input.sh
2
Enter your name:
3
Hoang
4
Hello, Hoang!

vim user_input.sh:

1
#!/bin/bash
2

3
echo "Enter your skills: "
4
read SKILLS
5

6
echo "Your $SKILLS skill is in high Demand in the IT Industry!"
7

8
read -p 'Username: ' USR
9
read -sp 'Password: ' pass
10

11
echo
12

13
echo "Login successful: Welcome USER $USR,"

Run the script

1
❯ ./user_input.sh
2
Enter your skills:
3
DevOps
4
Your DevOps skill is in high Demand in the IT Industry!
5
Username: hoang
6
Password:
7
Login successful: Welcome USER hoang,

Explain:
- read -p 'Username: ' USR: prompt inline
- read -sp 'Password: ' pass: silent input (no echo)

Decision Making#

if statement#

Basic if statement

1
if [ condition ]; then
2
 # commands to execute if condition is true
3
fi

Example: Check if a number is positive

1
#!/bin/bash
2
echo "Enter a number: "
3
read NUM
4
if [ $NUM -gt 0 ]; then
5
 echo "$NUM is a positive number."
6
fi

Run the script

1
❯ ./if_example.sh
2
Enter a number:
3
5
4
5 is a positive number.

if-else statement#

1
#!/bin/bash
2

3
read -p "Enter a number: " NUM
4
echo
5

6
if [ $NUM -gt 100 ]; then
7
  echo "$NUM is happy"
8
else
9
  echo "Very sad momment"
10
fi

Run the script

1
❯ ./18_decision_making.sh
2
Enter a number: 103
3

4
103 is happy
5
❯ ./18_decision_making.sh
6
Enter a number: 5
7

8
Very sad momment

Update a little syntax with more command

1
#!/bin/bash
2

3
read -p "Enter a number: " NUM
4
echo
5

6
if [ $NUM -gt 100 ]; then
7
  echo "$NUM is happy"
8
  sleep 3
9
  echo "hihihihihi"
10
  echo
11
  date
12
  free -m
13

14
else
15
  echo "Very sad momment"
16

17
fi
18

19
echo "Command execute successfully"

Run the script

1
❯ ./18_decision_making.sh
2
Enter a number: 103
3

4
103 is happy
5
hihihihihi
6

7
Fri Jan  2 11:30:40 PM +07 2026
8
               total        used        free      shared  buff/cache   available
9
Mem:           31963       15978        6948        1519       11009       15985
10
Swap:          11628           0       11628
11
Command execute successfully
12
❯ cat 18_decision_making.sh | xclip -selection clipboard

Explanation of additional commands:
- sleep 3: pauses the script for 3 seconds
- date: displays the current date and time
- free -m: shows memory usage in megabytes

if-elif-else statement#

Update command with elif, we test this chain pipe

1
❯ ip a | wc -l
2
54
3

4
❯ ip a
5
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
6
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
7
    inet 127.0.0.1/8 scope host lo
8
       valid_lft forever preferred_lft forever
9
    inet6 ::1/128 scope host noprefixroute
10
       valid_lft forever preferred_lft forever
11
2: enp5s0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc fq_codel state DOWN group default qlen 1000
12
    link/ether 3c:7c:3f:16:8e:de brd ff:ff:ff:ff:ff:ff
13
    altname enx3c7c3f168ede
14
3: wlp1s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
15
    link/ether 00:bb:60:b8:96:3d brd ff:ff:ff:ff:ff:ff
16
    altname wlx00bb60b8963d
17
    inet 192.168.88.171/24 brd 192.168.88.255 scope global dynamic noprefixroute wlp1s0
18
       valid_lft 32372sec preferred_lft 32372sec
19
    inet6 fe80::2bb:60ff:feb8:963d/64 scope link noprefixroute
20
       valid_lft forever preferred_lft forever
21
4: tailscale0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1280 qdisc fq_codel state UNKNOWN group default qlen 500
22
    link/none
23
    inet 100.101.189.57/32 scope global tailscale0
24
       valid_lft forever preferred_lft forever
25
    inet6 fd7a:115c:a1e0::7537:bd39/128 scope global
26
       valid_lft forever preferred_lft forever
27
    inet6 fe80::ed55:eb39:cb1b:885c/64 scope link stable-privacy proto kernel_ll
28
       valid_lft forever preferred_lft forever
29
5: br-2778de006a7e: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
30
    link/ether ba:37:5b:81:6b:42 brd ff:ff:ff:ff:ff:ff
31
    inet 172.19.0.1/16 brd 172.19.255.255 scope global br-2778de006a7e
32
       valid_lft forever preferred_lft forever
33
6: br-9e3f99bdd6f8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
34
    link/ether de:bb:a7:b9:66:f8 brd ff:ff:ff:ff:ff:ff
35
    inet 172.18.0.1/16 brd 172.18.255.255 scope global br-9e3f99bdd6f8
36
       valid_lft forever preferred_lft forever
37
    inet6 fe80::dcbb:a7ff:feb9:66f8/64 scope link proto kernel_ll
38
       valid_lft forever preferred_lft forever
39
7: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default
40
    link/ether 0a:e9:2d:18:84:f4 brd ff:ff:ff:ff:ff:ff
41
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
42
       valid_lft forever preferred_lft forever
43
8: veth4f8b07e@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-9e3f99bdd6f8 state UP group default
44
    link/ether 4e:fb:2c:cb:67:de brd ff:ff:ff:ff:ff:ff link-netnsid 0
45
    inet6 fe80::4cfb:2cff:fecb:67de/64 scope link proto kernel_ll
46
       valid_lft forever preferred_lft forever
47
9: veth388b003@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-9e3f99bdd6f8 state UP group default
48
    link/ether f6:0f:25:03:f8:7b brd ff:ff:ff:ff:ff:ff link-netnsid 1
49
    inet6 fe80::f40f:25ff:fe03:f87b/64 scope link proto kernel_ll
50
       valid_lft forever preferred_lft forever
51
10: veth3470dee@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-9e3f99bdd6f8 state UP group default
52
    link/ether fe:8e:48:85:99:1d brd ff:ff:ff:ff:ff:ff link-netnsid 2
53
    inet6 fe80::fc8e:48ff:fe85:991d/64 scope link proto kernel_ll
54
       valid_lft forever preferred_lft forever
55
11: veth8a12733@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-9e3f99bdd6f8 state UP group default
56
    link/ether 52:f6:b2:7b:fa:75 brd ff:ff:ff:ff:ff:ff link-netnsid 3
57
    inet6 fe80::50f6:b2ff:fe7b:fa75/64 scope link proto kernel_ll
58
       valid_lft forever preferred_lft forever
59

60
❯ ip a | grep -v LOOPBACK | grep -ic mtu
61
10

ip a | wc -l: count all line of ip a output
ip a | grep -v LOOPBACK | grep -ic mtu: count all line without LOOPBACK line, case insensitive with word mtu

1
#!/bin/bash
2

3
value=$(ip a | grep -v LOOPBACK | grep -ic mtu)
4

5
if [ $value -eq 1 ]; then
6
  echo "1 Active network found"
7
elif [ $value -gt 1 ]; then
8
  echo "Found multiple active network"
9
else
10
  echo "Not found any active network"
11
fi

Run the script

1
❯ ./18_decision_making.sh
2
Found multiple active network

Explanation of operators:
- elif: else if
- else: default case
- fi: end of if statement
- []: test condition
- -gt: greater than
- -lt: less than
- -eq: equal to
- -ne: not equal to
- -ge: greater than or equal to
- -le: less than or equal to

Script for Monitoring#

We see that: if docker service running, the pid file /var/run/docker.pid exist, and the echo $? return 0, else the service httpd not running, the /var/run/httpd.pid file not exist, and the echo $? return value different 0 (4)

1
❯ sudo systemctl status docker
2
[sudo] password for lcaohoanq:
3
● docker.service - Docker Application Container Engine
4
     Loaded: loaded (/usr/lib/systemd/system/docker.service; enabled; preset: enabl>
5
     Active: active (running) since Sat 2026-01-03 14:17:58 +07; 5min ago
6
 Invocation: c51fe347fdc2465ca0a7736979bddd86
7
TriggeredBy: ● docker.socket
8
       Docs: https://docs.docker.com
9
   Main PID: 1441 (dockerd)
10
      Tasks: 114
11
     Memory: 170.9M (peak: 172.4M)
12
        CPU: 1.675s
13
     CGroup: /system.slice/docker.service
14
             ├─1441 /usr/bin/dockerd -H fd:// --containerd=/run/containerd/containe>
15
             ├─2030 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 90>
16
             ├─2039 /usr/bin/docker-proxy -proto tcp -host-ip :: -host-port 9092 -c>
17
             ├─2053 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 90>
18
             ├─2060 /usr/bin/docker-proxy -proto tcp -host-ip :: -host-port 9093 -c>
19
             ├─2075 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 96>
20
             ├─2082 /usr/bin/docker-proxy -proto tcp -host-ip :: -host-port 9644 -c>
21
             ├─2104 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 63>
22
             ├─2111 /usr/bin/docker-proxy -proto tcp -host-ip :: -host-port 6379 -c>
23
             ├─2126 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 54>
24
             ├─2134 /usr/bin/docker-proxy -proto tcp -host-ip :: -host-port 5432 -c>
25
             ├─2156 /usr/bin/docker-proxy -proto tcp -host-ip 0.0.0.0 -host-port 50>
26
             └─2163 /usr/bin/docker-proxy -proto tcp -host-ip :: -host-port 5050 -c>
27

28
Jan 03 14:17:57 hoang dockerd[1441]: time="2026-01-03T14:17:57.161991074+07:00" lev>
29
Jan 03 14:17:57 hoang dockerd[1441]: time="2026-01-03T14:17:57.173795135+07:00" lev>
30
Jan 03 14:17:57 hoang dockerd[1441]: time="2026-01-03T14:17:57.175525565+07:00" lev>
31
Jan 03 14:17:57 hoang dockerd[1441]: time="2026-01-03T14:17:57.522669755+07:00" lev>
32
Jan 03 14:17:57 hoang dockerd[1441]: time="2026-01-03T14:17:57.557318565+07:00" lev>
33
Jan 03 14:17:57 hoang dockerd[1441]: time="2026-01-03T14:17:57.558896128+07:00" lev>
34
Jan 03 14:17:58 hoang dockerd[1441]: time="2026-01-03T14:17:58.109646948+07:00" lev>
35
Jan 03 14:17:58 hoang dockerd[1441]: time="2026-01-03T14:17:58.118689141+07:00" lev>
36
Jan 03 14:17:58 hoang dockerd[1441]: time="2026-01-03T14:17:58.118722878+07:00" lev>
37
Jan 03 14:17:58 hoang systemd[1]: Started docker.service - Docker Application Conta>
38
❯ cat /var/run/docker.pid
39
1441%                                                                               ❯ echo $?
40
0
41
❯ sudo systemctl status httpd
42
Unit httpd.service could not be found.
43
❯ echo $?
44
4

Create 21_script_monitoring.sh script

1
❯ nvim 21_script_monitoring.sh
2
#!/bin/bash
3

4
echo "######################################"
5
date
6

7
PROCESS_NAME=$1
8
PROCESS_DIR="$PROCESS_NAME.pid"
9

10
ls /var/run/$PROCESS_NAME/$PROCESS_DIR
11

12
if [ $? -eq 0 ]; then
13
  echo "$PROCESS_NAME is running"
14
else
15
  echo "$PROCESS_NAME is not running"
16
  echo "Starting the process"
17
  systemctl start $PROCESS_NAME
18
  if [ $? -eq 0 ]; then
19
    echo "$PROCESS_NAME started successfully"
20
  else
21
    echo "$PROCESS_NAME fail to start, contact the admin."
22
  fi
23
fi
24

25
echo "######################################"
26
echo
27
❯ ./21_script_monitoring.sh
28
######################################
29
Sat Jan  3 02:35:25 PM +07 2026
30
ls: cannot access '/var/run//.pid': No such file or directory
31
 is not running
32
Starting the process
33
Too few arguments.
34
 fail to start, contact the admin.
35
######################################
36

37
❯ ./21_script_monitoring.sh docker
38
######################################
39
Sat Jan  3 02:35:38 PM +07 2026
40
ls: cannot access '/var/run/docker/docker.pid': Permission denied
41
docker is not running
42
Starting the process
43
docker started successfully
44
######################################
45

46
❯ ./21_script_monitoring.sh httpd
47
######################################
48
Sat Jan  3 02:36:18 PM +07 2026
49
ls: cannot access '/var/run/httpd/httpd.pid': No such file or directory
50
httpd is not running
51
Starting the process
52
Failed to start httpd.service: Unit httpd.service not found.
53
httpd fail to start, contact the admin.
54
######################################

Explanation:
- $1: first argument to the script (process name)
- ls /var/run/$PROCESS_NAME/$PROCESS_DIR: check if pid file exists
- if [ $? -eq 0 ]; then: check exit status of last command
- systemctl start $PROCESS_NAME: start the process if not running
But above script come with a lot of problems:
- Depend on path of pid file, not all service have pid file in /var/run/ directory, so may lead to false negative
- Permission denied != not running, so may lead to false positive
- Some service may have different name between systemctl and pid file, e.g: httpd on CentOS/RHEL v.s apache2 on Debian/Ubuntu
- Input validation missing
  - Solution: check if $1 is empty, if empty exit with error
- If any error (exit code != 0), the script continue run, may lead to unwanted behavior
  - Solution: add set -euo pipefail at the top of the script to make it fail fast, or simpler with set -e

Unreliable script, just for demo purpose

Improve the script to be more reliable:

1
#!/bin/bash
2
set -e
3

4
if [ -z "$1" ]; then
5
  echo "Usage: $0 <process_name>"
6
  exit 1
7
fi
8

9
PROCESS_NAME="$1"
10

11
echo "######################################"
12
date
13

14
if systemctl is-active --quiet "$PROCESS_NAME"; then
15
  echo "$PROCESS_NAME is running"
16
else
17
  echo "$PROCESS_NAME is not running"
18
  echo "Starting the process..."
19

20
  if systemctl start "$PROCESS_NAME"; then
21
    echo "$PROCESS_NAME started successfully"
22
  else
23
    echo "$PROCESS_NAME failed to start, contact the admin."
24
    exit 1
25
  fi
26
fi
27

28
echo "######################################"
29
echo

set -e#

set -e: basic fail fast, if any command return exit code different 0, the script stop immediately But it cannot catch
Variables not set
- Solution: use set -u (Any variable not set -> fail)

Pipeline fail

Solution: use set -o pipefail (Pipe fail -> fail)

1
# No pipefail
2
set -e
3
false | true
4
echo "still running"
5
# Output: still running

1
# With pipefail
2
set -eo pipefail
3
false | true
4
echo "still running"
5
# No output, script stops

So the best practice is to use set -euo pipefail at the top of your bash scripts
If that using set -euo pipefail is good, when not need to use
- script interactive
- script small and simple, no complex logic

/dev/null#

The black hole 🕳 in Linux, anything sent to /dev/null will be discarded
Example: suppress output of a command

1
❯ ls non_existent_file
2
ls: cannot access 'non_existent_file': No such file or directory
3
❯ ls non_existent_file > /dev/null 2>&1
4
❯ echo $?
5
2

The script fully silent, no output shown, but the exit code still preserved

Cron Job#

How to write a cron schedule expression: https://crontab.guru/

Syntax

1
❯ crontab --help
2
crontab: invalid option -- '-'
3
crontab: usage error: unrecognized option
4
usage: crontab [-u user] [-n] file
5
 crontab [ -u user ] [ -i ] { -e | -l | -r }
6

7
 -h (displays this help message)
8

9
 file (default operation is replace, per 1003.2)
10
 -n (dry run: checks the syntax, then bails out)
11
 -u user (choose the user whose crontab is touched)
12

13
 -e (edit user's crontab)
14
 -l (list user's crontab)
15
 -r (delete user's crontab)
16

17
 -i (prompt before deleting user's crontab)

Example: automate the web deployment script with cron job

1
crontab -e

Add the following line to run the deployment script every day at 2 AM

1
0 2 * * * /path/to/web_setup.sh https://www.tooplate.com/zip-templates/2150_living_parallax.zip 2150_living_parallax >> /var/log/web_deploy.log 2>&1

Explanation:
- 0 2 * * *: schedule to run at 2:00 AM every day
- /path/to/web_setup.sh ...: command to run the deployment script with arguments
- >> /var/log/web_deploy.log 2>&1: append both stdout and stderr to a log file for monitoring, can use without 2>&1 in new bash version,

Loops#

For loop#

When to use for loop:

When the number of iterations is known in advance

When iterating over a list or array of items

Syntax:

1
for VAR in item1 item2 item3; do
2
  # commands to execute for each item
3
done

Example: Loop through a list of items

1
#!/bin/bash
2
for ITEM in "apple" "banana" "cherry"; do
3
  echo "I like $ITEM"
4
done

Run the script

1
❯ ./for_loop.sh
2
I like apple
3
I like banana
4
I like cherry

1
#!/bin/bash
2

3
for VAR1 in java .net python ruby golang javascript; do
4
  sleep 1
5
  echo "I love $VAR1 programming language"
6
  date
7
done

Run the script

1
❯ ./for_loop.sh
2
I love java programming language
3
Sat Jan  3 03:10:12 PM +07 2026
4
I love .net programming language
5
Sat Jan  3 03:10:13 PM +07 2026
6
I love python programming language
7
Sat Jan  3 03:10:14 PM +07 2026
8
I love ruby programming language
9
Sat Jan  3 03:10:15 PM +07 2026
10
I love golang programming language
11
Sat Jan  3 03:10:16 PM +07 2026
12
I love javascript programming language
13
Sat Jan  3 03:10:17 PM +07 2026

Bash do not need quote for conduct string, but better to use quote to avoid unexpected behavior with special character

While loop#

When to use while loop:

When the number of iterations is not known in advance

When you want to repeat a block of code until a specific condition is met

Syntax:

1
while [ condition ]; do
2

3
  # commands to execute while condition is true
4
done

Example: Loop while a condition is true

1
#!/bin/bash
2
COUNT=1
3
while [ $COUNT -le 5 ]; do
4
  echo "Count is $COUNT"
5
  COUNT=$((COUNT + 1))
6
done

Run the script

1
❯ ./while_loop.sh
2
Count is 1
3
Count is 2
4
Count is 3
5
Count is 4
6
Count is 5

(( )): arithmetic evaluation in bash,

outside of it, everything is treated as string, use $ to get value of variable
inside of it, treated as number, no need $

Remote Command Execution (RCE)#

Execute command on remote server using ssh (Secure Shell) protocol.

1
ssh user@remote_host 'command_to_execute'

Example: Check disk usage on a remote server

1
ssh lcaohoanq@123.456.78.102 'df -h'

Output:

1
Filesystem      Size  Used Avail Use% Mounted on
2
devtmpfs        15G     0   15G   0% /dev
3
tmpfs           15G  1.6M   15G   1% /dev/shm
4
tmpfs           15G  2.0G   13G  14% /run
5
tmpfs           15G     0   15G   0% /sys/fs/cgroup
6
/dev/sda1     100G   25G   71G  27% /
7
/dev/sda2     200G   50G  140G  27% /home
8
tmpfs          3.0G     0  3.0G   0% /run/user/1000

SSH with specific port, after setup our new server, we tend to change default ssh port from 22 to another port for security reason, e.g: 2222

1
ssh -p 2222 lcaohoanq@123.456.78.102

Tired to type long command every time

Create alias for it, inside ~/.zshrc or ~/.bashrc

1
echo "alias ssh_myserver='ssh -p 2222 lcaohoanq@123.456.78.102'" >> ~/.zshrc
2
# reload to take effect
3
source ~/.zshrc

Inside ~/.ssh/config file, create new config

1
Host myserver
2
    HostName 123.456.78.102
3
    User lcaohoanq
4
    Port 2222

Now you can connect to your server with simple command

1
ssh myserver

SSH without password#

We tired to type password every time we SSH to the remote server 🐧, we can setup ssh key based authentication to avoid typing password every time.

Technically way, use ssh-keygen to generate ssh key pair, then copy the public key to remote server with ssh-copy-id

1
# Generate ssh key pair
2
ssh-keygen
3
# Copy public key to remote server
4
ssh-copy-id -p 2222 lcaohoanq@123.456.78.102

Explain: the above command copy the content of ~/.ssh/id_rsa.pub to remote server’s ~/.ssh/authorized_keys file, this mechanism called public key authentication, server take the public key to verify the private key on client side. We can see that public key on server

1
ssh lcaohoanq@123.456.78.102 'cat ~/.ssh/authorized_keys'
2
# ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCy... user@hostname

If we have many key here, we can specify which key to use with -i option
- ~/.ssh/my_special_key: the private key file

1
ssh -i ~/.ssh/my_special_key -p 2222 lcaohoanq@123.456.78.102

OpenSSH Config File#

Locate at /etc/ssh/ssh_config

I have tried these three DEs#

OSS (Open Source Software)#

Linux History#

Linux Principles#

Why Linux?#

Architecture of Linux#

Popular Linux Distributions (distros)#

So sánh các distro phổ biến, Release model#

Comparison table of popular Linux distributions#

Some questions worth thinking about before deciding on a distribution include#

Release model: Rolling releases và Fixed release#

Rolling release là gì?#

Fixed release là gì?#

Góc nhìn cá nhân: chia Rolling release thành 3 mức#

Rolling nhanh#

Rolling vừa#

Rolling chậm / Fixed lâu#

Package manager#

Package Management Systems on Linux#

Working With Different Package Management Systems#

Commands#

Navigating the File System#

Viewing Files#

Examples#

touch#

Moving, Copying, Deleting Files and Directories#

Terminal Shortcuts#

find : Search for files and directories#

Examples#

System Information#

Documentation and Manual Pages#

File System#

Tips to remember#

FD (File Descriptor) in Linux#

I/O Redirection#

Pipes#

File Permissions#

File Ownership#

File Permission Mods and chmod#

Using octal notation#

Chown command#

Chgrp command#

su vs sudo#

Account, Users and Groups#

Identifying the Current User#

Users and Groups#

Adding and Removing Users#

Adding and Removing Groups#

Adding groups#

Remove groups#

Remove user from group#

Startup Files#

Order of the Startup Files#

For Login Shells#

For Non-Login Shells#

Text Editor#

nano#

Install#

Command#

vi, vim, nvim#

Command#

LazyVim#

File Types#

The 7 standard Linux file types#

Symbolic links#

Filter & IO redirection command#

Grep (Global Regular Expression Print)#

Sed (non-interactive text editor)#

Bash Scripting#

Variables#

CLI Arguments#

System Variables#

Quotes#

Double quotes v.s Single quotes#

Command Substitution#

Export Variables (Environment Variables)#

1. Shell variables vs environment variables#

2. What does export do?#

3. Parent process vs child process#

Export variables permanently#

2. What does `export` do?#