The Bourne Again SHell, or BASH for short, is a powerful language that can be used for low-level linux system administration operations. While modern systems engineers have a strong liking to more robust solutions like Redhat’s Ansible, for consumer facing projects I find that readability is key. Now, sure ansible is readable, but it’s unapproachable. Which is why this guide is going to get you up to speed with everything you need to know about the unix shell.
File Structure
Directories & Navigation
Introduction
When you login to a machine via ssh, you’re essentially telling it “Hi I’m bpetch and I want to access my shell.” When doing this, you’ll get into the machine and if you’re not familiar with Linux, you’ll wonder “what did I just get myself into.” Once you’re logged in, you’ll likely see nothing but a disclaimer and bpetch@host ~ $. This means that you’re in the shell and in your HOME directory. The HOME directory is where your files should live on the drive.
Essentially, if you were to login and run pwd it will likely return something like /home/username — this is the absolute path of where you are currently, the shell is shortening this to ~, and you can also reference it as $HOME.
Navigation
To navigate through directories, there is a command called cd. Essentially, if your user has permission to go to the location, it will put your current shell session into that location. An example might look like cd /home/bpetch which would take me to my home directory. You could also do cd $HOME and it would do the same thing if the environment variable is set.
Writing Files
In addition to cd, there is an application called touch and another called echo. Each of these has a purpose. If you touch a file, it will create a new file on the disk. So lets say I’m at $HOME and wrote touch newfile, it will create a new file called new file. This will be empty. Lets say that you wanted to add to the file, you can use echo to send text directly into the file. echo "hello world" >> newfile will put the text “hello world” into the file.
Editing Files
There are also a number of editors. For someone new to the shell, I’d almost always recommend learning nano. It’s a very simple text editor with some pretty good features. nano allows you to use arrow keys, type normally, and quickly match words by doing ctl-w. In addition, the save feature, accessed by doing ctl-x, pressing y, then entering the filename will allow for easy modification of files. You can also create new directories by typing mkdir foldername and it will create a new folder called foldername. If you are needing to create a list of directories, you can do mkdir -p folders/i/need and it will create folders/i/need on the filesystem.
Removing Files
Removing files is quite similar to touch, essentially if you’ve created a directory, you’ll need to use rm -r foldername this will remove the folder and anything under it. If you’re removing a single file, you can run rm filename and it will delete the file. Note that there is no recycling bin like you might expect on a macOS or Windows system. If you delete it, it’s gone.
In addition, there is the -f flag, which means that it will forcefully remove files. Never run this on / or any other high-level directory. It can and will blow up your files.
Installing Applications
Lets say that you require a few applications to get your software stack up and running– maybe it’s something like curl, or wget, tools to download files from the internet– Or maybe it’s a webserver like nginx… If you’re using Debian or Ubuntu, the apt package manager is going to be your best friend. (Please, do not use snap).
The APT package manager is extremely robust. It pulls from repositories to install applications that are supported by the distribution that you are using. Do note that adding repositories can create unintended damage to systems if you don’t fully understand what’s going on. We’re only going to use things included in the default repositories for today.
So lets install curl— First we’re going to need to update the package cache, do do this, we’re going to run the following command, followed by the second one to actually complete the installation.
sudo apt-get update
sudo apt-get install curl -yCongratulations! You’ve installed your first package. You can now download files off the internet using curl!
An example of a curl command would look like this:
curl -L "https://google.com" -o "$HOME/google.html"You should now have a file called google.html located at $HOME.
Permissions & File Ownership
Introduction
These are really something that you don’t want to mess up — trust me, I’ve been there. For the most part, filesystem permissions are not something that need to be fiddled with, although if you do, chmod 777 is not the solution.
Ownership
Lets first understand what a user and a group is. Essentially your username, take bpetch for example, is created. This user, as the first user on the system will take on what is called a user id, which in my case is 1000, along with a group that belongs to that user, which also has the same id 1000. User and Group IDs can differ, and a user can be a member of multiple groups.
So lets say that a file is owned by root, for nginx (a common webserver) as an example. The root user is essentially a superuser on the system. It can access the entire filesystem and make modifications to almost any part of it — ok but why does this matter? The root user can also grant other users access to specific resources via file ownership. File ownership means that the user and group ids we talked about earlier “own” the file, meaning that it gets full access.
So inside a folder owned by bpetch, you’d expect that if root was to write a file to that location it would be owned by bpetch right? If you thought so, you’re mistaken. The user will be owned by root, and will not be writable by the bpetch user (although with the default 644 permissions on the file, it will be readable).
Octal Permissions
Octal permissions work on a range of numbers from 0-7. There are often 3 digits to this value. The first being user permissions, the second being group permissions, and the last being other permissions (someone in neither the user or group). You can gain a bit of an understanding about how the permissions are allocated here: https://chmod-calculator.com/ — Essentially, a value of 4 allows the digit to read a file, a digit of 2 allows for writing of a file, and a digit of 1 allows for execution of a file.
Putting it all together
The chmod unix command allows the permissions to be set on a file using both octal and +rwx -rwx notations.
So lets say that both bpetch and jerry want to access the same file. You can’t give both ownership (with the exemption of using a more fancy acl). What we do instead is create a group for both users. The -R flag recursively owns files and recursively modifies permissions.
groupadd storage
mkdir -p /mnt/storage
chown bpetch:storage /mnt/storage
chmod 770 /mnt/storage
# adds the user bpetch and jerry to the storage group
usermod -a -G storage bpetch
usermod -a -G storage jerryNow, both users can read and write to storage.
Testing & Tuning Network Throughput
Introduction
So… you’ve been given a machine and want to see how the speeds are, just head to speedtest.net right? Nope. Think again. While speedtest-cli does exist and is free, the better, less proprietary solution that actually allows you to measure speed from one host to another is called iperf3. iperf3 allows both a server and a client to be run using the command and will report back the true speeds during the test. You can find some public iperf3 servers here. If you’re running a Debian based OS like Ubuntu, or Debian itself, you can run sudo apt-get update && sudo apt-get install iperf3 to get the application installed.
TEsting
So what are the usages? The following command will try to connect you to that server and will run the test. You can also supply -P and a number (lets say 4, -P4) and it will spin up that many threads (simultaneous connections) to the test server.
iperf3 -c someserver.com -P4Tuning Network Throughput
If you aren’t finding satisfactory results, but your line speed is guaranteed, you could try what is called “host tuning” where you modify the networking stack at the kernel level. While everyone kind-of reaches their own conclusions on the best parameters, I’d be sure to checkout https://fasterdata.es.net/host-tuning/linux/ — they’ve got a number of amazing resources that will help you get the most out of your connection. For just about anything I’d recommend looking at their config for
“For a host with a 10G NIC optimized for network paths up to 200ms RTT, and for friendliness to single and parallel stream tools, or a 40G NIC up on paths up to 50ms RTT:”
https://fasterdata.es.net/host-tuning/linux/
# allow testing with buffers up to 128MB net.core.rmem_max = 134217728 net.core.wmem_max = 134217728 # increase Linux autotuning TCP buffer limit to 64MB net.ipv4.tcp_rmem = 4096 87380 67108864 net.ipv4.tcp_wmem = 4096 65536 67108864 # recommended default congestion control is bbr net.ipv4.tcp_congestion_control = bbr # recommended for hosts with jumbo frames enabled net.ipv4.tcp_mtu_probing = 1 # recommended to enable 'fair queueing' net.core.default_qdisc = fq
These settings usually do more than enough to get you up and moving, although if you’re still not satisfied, maybe checkout the following config: https://klaver.it/linux/sysctl.conf. And also do some reading at https://wiki.archlinux.org/title/improving_performance and https://wiki.archlinux.org/title/Sysctl#Improving_performance
Stay tuned for a Docker Tutorial.