RHEL 9 Admin

CH01 – Install RHEL 9

RHEL 9 Installation Process

  • ISO: Download from Red Hat Customer Portal
  • Boot Media: Create USB using dd or Rufus
  • Boot: Boot the system from the ISO/USB
  • Language: Select language and keyboard
  • Installation Destination: Manual or Automatic Partitioning
  • Network: Configure network and hostname
  • Software Selection: Server with GUI or Minimal Install
  • User Setup: Set root password and create a user
  • Install: Begin installation
  • Finish: Reboot and log in

Post Installation

  • Update System: dnf update -y
  • Register Subscription: subscription-manager register
  • Attach Subscription: subscription-manager attach --auto

CH02 – Access Command Line

Terminals & Shells

  • Terminal Types: GNOME Terminal, TTY (Ctrl + Alt + F1–F6)
  • Common Shells: bash, zsh

Check Current User

  • whoami → displays the current logged-in username
  • id → shows user ID (UID), group ID (GID), and groups

Check Current Directory

  • pwd → print working directory (current directory path)

User Types

  • Normal User → standard user without root privileges
  • Superuser / Root → has full administrative privileges; prompt often shows as #
  • Normal user → prompt often shows as $

Switching Users

  • su - → switch to root user (superuser) with full login environment
  • su username → switch to another user
  • exit → return to previous user session

Shortcuts

  • Tab → Auto-complete command or file name
  • Up / Down Arrow → Browse command history

User & Session Management

  • id → show current user ID and groups
  • su - → switch to root user with login environment
  • exit → exit current shell or user session
  • reboot → reboot the system
  • hostname → show or set the system hostname

Navigation

  • cd . → stay in current directory
  • cd .. → move up one directory
  • cd /absolute/path → move to absolute path
  • cd relative/path → move to relative path
  • pwd → print current directory

CH03 – Managing Files

Listing Files

  • ls -l → list files with details
  • ll → shorthand alias for ls -l
  • ls -a → list all files including hidden
  • ls -lh → human-readable sizes
  • ls -R → recursive listing
  • ls -r → reverse order
  • ls -li → inode number with listing
  • ls -lahR → combine long, all, human-readable and recursive listing
  • ln target link_name → create hard link
  • ln -s target link_name → create symbolic link

File Operations

  • cp source dest → copy file
  • cp -r source dest → copy directory recursively
  • mv old new → move or rename file/directory
  • rm file → delete file
  • mkdir dir → create directory
  • rmdir dir → remove empty directory
  • rm -r dir → remove directory recursively

Viewing Files

  • cat file → display file contents
  • less file → scrollable view
  • more file → paginate content
  • head file → first 10 lines by default
  • head -n N file → first N lines
  • tail file → last 10 lines by default
  • tail -n N file → last N lines

CH04 – Getting Help

Documentation & Logs

  • man command → open the manual page for a command
  • command --help → show brief help and options for a command
  • man -k keyword → search manuals by keyword
  • info command → detailed info pages, often more structured than man
  • whatis command → one-line description of a command
  • journalctl -xe → view system logs and recent errors (requires sudo for full access)

CH05 – Text Files

Creating Files

  • touch file.txt → create empty file or update timestamp
  • echo "text" > file.txt → create file with text (overwrite)
  • echo "text" >> file.txt → append text to file
  • cat > file.txt → create file and type content interactively
  • printf "text\n" > file.txt → create file with formatted text

Editing Files

  • nano file.txt → simple terminal editor
  • vi file.txt → powerful terminal editor
    • i → insert mode
    • :w → save
    • :q → quit
    • :wq → save & quit
    • :q! → quit without saving
  • vim file.txt → improved version of vi
  • gedit file.txt → graphical text editor (GUI)
  • sed -i 's/old/new/g' file.txt → replace text inline
  • awk '{print $1}' file.txt → extract fields from text

Viewing Files

  • cat file.txt → display entire content
  • less file.txt → scrollable view
  • more file.txt → paginate content
  • head file.txt → first 10 lines
  • head -n N file.txt → first N lines
  • tail file.txt → last 10 lines
  • tail -n N file.txt → last N lines
  • wc file.txt → count lines, words, and bytes
  • grep "pattern" file.txt → search for pattern in file
  • diff file1.txt file2.txt → show differences between files
  • cmp file1.txt file2.txt → compare files byte by byte

Grep

  • grep "text" file → search for text inside a file
  • grep -i "text" file → case‑insensitive search
  • grep -r "text" /path → search recursively in directories
  • grep -v "text" file → show lines that do NOT match
  • grep -n "text" file → show line numbers
  • grep -l "text" * → show only filenames with matches

CH06 – Local Users & Groups

User Management

  • useradd username → create new user
  • useradd -m username → create user with home directory
  • useradd -u 1001 username → create user with specific UID
  • useradd -g groupname username → set primary group
  • useradd -G group1,group2 username → add to multiple groups
  • useradd -s /bin/bash username → set default shell
  • useradd -c "Full Name" username → add user description
  • usermod -aG groupname username → add user to group
  • usermod -u 2001 username → change user UID
  • usermod -g groupname username → change primary group
  • usermod -d /home/newdir username → change home directory
  • usermod -s /bin/zsh username → change default shell
  • usermod -L username → lock user account
  • usermod -U username → unlock user account
  • passwd username → set or change password
  • passwd -l username → lock user password
  • passwd -u username → unlock user password
  • passwd -e username → force password change at next login
  • userdel username → delete user
  • userdel -r username → delete user and home directory
  • who → show currently logged in users
  • whoami → show current user
  • id username → show user ID, group ID, and groups
  • groups username → show groups of user
  • getent passwd username → get user info from passwd database
  • cat /etc/passwd → list all users

User Options Breakdown

  • -u → user ID (UID)
  • -g → primary group
  • -G → supplementary groups
  • -a → append (used with -G)
  • -c → comment / description
  • -d → home directory
  • -m → create home directory
  • -s → login shell
  • -U → useradd: create a group with the same name as the user; usermod: unlock account
  • -L → lock account (usermod)

Group Management

  • groupadd groupname → create new group
  • groupadd -g 1001 groupname → create group with specific GID
  • groupmod -n newname oldname → rename group
  • groupmod -g 2001 groupname → change group GID
  • groupdel groupname → delete group
  • gpasswd -a username groupname → add user to group
  • gpasswd -d username groupname → remove user from group
  • groups username → list groups for a user
  • id username → show user groups info
  • getent group groupname → get group info from database
  • cat /etc/group → list all groups

CH07 – Controlling Access

Basic Permissions

  • ls -l → view file permissions
  • chmod 755 file → set permissions (rwxr-xr-x)
  • chmod u+x file → add execute for owner
  • chmod g-w file → remove write for group
  • chmod o=r file → set others to read-only
  • chown user:group file → change owner and group
  • chown user file → change owner only
  • chgrp group file → change group only
  • stat file → detailed file info including permissions

Special Permissions (SUID, SGID, Sticky Bit)

SUID (Set User ID)

  • Symbol: s in the owner's execute position (rws)
  • Effect: Executes the file with the file owner’s permissions, not the user running it
  • Add SUID: chmod u+s <file>
  • Remove SUID: chmod u-s <file>
  • Example: chmod 4755 /usr/bin/passwd

SGID (Set Group ID)

  • Symbol: s in the group's execute position (rws)
  • Effect on files: Executes with the file's group permissions
  • Effect on directories: New files inside inherit the directory's group
  • Add SGID: chmod g+s <file_or_directory>
  • Remove SGID: chmod g-s <file_or_directory>
  • Example: chmod 2755 /shared/folder

Sticky Bit

  • Symbol: t in the others’ execute position (rwt)
  • Effect: Only the owner of the file or root can delete/rename files in the directory
  • Add Sticky Bit: chmod +t <directory>
  • Remove Sticky Bit: chmod -t <directory>
  • Common use: /tmp directory
  • Example: chmod 1777 /tmp

CH08 – Managing Processes

View Processes

  • ps aux → show all running processes with details
  • ps -ef → alternative full-format process listing
  • top → interactive process viewer
  • htop → enhanced interactive process viewer (colorful)
  • pidof process_name → get PID(s) of a process
  • pgrep process_name → search for process by name

Manage Processes

  • kill PID → terminate process gracefully
  • kill -9 PID → force kill process
  • pkill process_name → kill process by name
  • killall process_name → kill all instances of a process
  • renice +10 PID → lower process priority
  • renice -10 PID → increase process priority
  • nice -n 10 command → start command with specific priority

Jobs & Background Processes

  • jobs → list background jobs in current shell
  • bg %job_number → resume job in background
  • fg %job_number → bring job to foreground
  • & → append to command to run in background (e.g., `sleep 100 &`)
  • disown %job_number → remove job from shell job table

System-Wide Monitoring

  • uptime → show system uptime and load averages
  • vmstat → report virtual memory, CPU, and IO stats
  • iostat → CPU and disk IO statistics
  • free -h → show memory usage
  • watch command → run a command periodically and display output

CH09 – Services & Daemons

Systemd Service Management

  • systemctl start service → start a service immediately
  • systemctl stop service → stop a running service
  • systemctl restart service → restart a service
  • systemctl reload service → reload service configuration without restarting
  • systemctl enable service → enable service to start at boot
  • systemctl disable service → disable service from starting at boot
  • systemctl status service → show current status and logs of service
  • systemctl is-active service → check if service is running
  • systemctl is-enabled service → check if service is enabled at boot
  • systemctl mask service → prevent service from starting
  • systemctl unmask service → remove mask to allow starting

Listing Services

  • systemctl list-units --type=service → list active services
  • systemctl list-unit-files --type=service → list all service unit files with enable/disable status
  • systemctl list-dependencies service → show service dependencies
  • systemctl cat service → show unit file configuration
  • systemctl show service → detailed properties of service

Logs

  • journalctl -u service → view logs for a specific service
  • journalctl -xe → view system-wide logs with details
  • journalctl -f → follow log output live

CH10 – Securing SSH

Starting & Enabling SSH Service

  • systemctl start sshd → start SSH service immediately
  • systemctl enable sshd → enable SSH to start at boot
  • systemctl restart sshd → restart SSH service after config changes
  • systemctl status sshd → check SSH service status

SSH Configuration

  • Config file: /etc/ssh/sshd_config
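  • Port 2222 → move SSH off the default port 22 (cuts automated scan noise; on RHEL the new port must also be labelled ssh_port_t with semanage and opened in firewalld)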
  • PermitRootLogin no → disable root login via SSH
  • PasswordAuthentication no → disable password login for key-based auth
  • AllowUsers user1 user2 → restrict which users can SSH

Connecting & Secure Copying Files

  • ssh user@host → connect to remote server
  • scp file user@host:/path → copy file to remote server
  • scp user@host:/path/file . → copy file from remote server
  • rsync -avz file user@host:/path → efficient file transfer

Key-Based Authentication

  • ssh-keygen → generate SSH key pair
  • ssh-copy-id user@host → copy public key to remote server
  • ssh -i ~/.ssh/id_rsa user@host → connect using specific private key
  • ssh-agent bash → start SSH agent
  • ssh-add ~/.ssh/id_rsa → add private key to agent

Monitoring & Security

  • journalctl -u sshd → view SSH logs
  • ss -tuln | grep 22 → check listening SSH port
  • fail2ban-client status sshd → monitor failed login attempts (if fail2ban installed)

CH11 – Analyzing Logs

Viewing Logs

  • journalctl → show all systemd logs
  • journalctl -xe → show recent errors with details
  • journalctl -u service → show logs for a specific service
  • journalctl -b → show logs since last boot
  • journalctl -f → follow logs live
  • journalctl --since "YYYY-MM-DD HH:MM" → logs from specific time
  • journalctl -p err → show only errors

Rotating Logs

  • logrotate → automatic log rotation tool
  • Config files: /etc/logrotate.conf and /etc/logrotate.d/
  • logrotate -d /etc/logrotate.conf → debug log rotation without executing
  • logrotate -f /etc/logrotate.conf → force rotate logs
  • /var/log/*.log → commonly rotated log files

Monitoring Logs in Real-Time

  • tail -f /var/log/messages → follow log file live
  • tail -n 50 -f /var/log/messages → last 50 lines and follow
  • less +F /var/log/messages → follow log file interactively
  • grep "error" /var/log/messages → filter log entries by keyword
  • watch tail -n 20 /var/log/messages → update last 20 lines every 2 seconds

CH12 – Managing Networking

Show Network Information

  • ip addr → display IP addresses and interfaces
  • ip link → show network interfaces and status
  • ip route → show routing table
  • ip route add default via 192.168.1.1 → add default gateway
  • ip route del default → delete default route
  • ethtool eth0 → detailed info for a network interface

Configure Network Interface

  • nmcli con add type ethernet con-name eth0 ifname eth0 → create Ethernet connection
  • nmcli con up eth0 → bring up interface
  • nmcli con down eth0 → bring interface down
  • nmcli con show → show network connections
  • nmcli con modify eth0 ipv4.addresses 192.168.1.10/24 → set static IP (also set ipv4.method manual)
  • nmcli con modify eth0 ipv4.gateway 192.168.1.1 → set gateway
  • nmcli con modify eth0 ipv4.dns "8.8.8.8 8.8.4.4" → set DNS servers
  • nmcli con reload → reload connections
  • nmcli device status → list all devices and their state
  • nmcli connection show → show configured connections
  • nmtui → open text-based network manager UI

Socket Statistics (ss)

  • ss -tulap → show all listening ports with processes
  • ss -n → show connections without resolving names
  • ss -t → show TCP connections
  • ss -u → show UDP connections
  • ss -l → show listening sockets
  • ss -a → show all sockets
  • ss -p → show process using socket

Routing Table

  • netstat -nr → show routing table (numeric format)

Network Path Tracing

  • traceroute 8.8.8.8 → trace path to destination
  • tracepath 8.8.8.8 → trace network path (no root needed)

Check Connectivity

  • ping 8.8.8.8 → check connectivity to IP
  • ping google.com → check DNS resolution
  • traceroute 8.8.8.8 → trace path to host
  • curl -I http://example.com → check HTTP response
  • dig google.com → query DNS records
  • nslookup google.com → alternative DNS query

DNS Configuration

  • Config file: /etc/resolv.conf → define nameservers
  • nmcli dev show eth0 | grep DNS → show DNS used by interface

CH13 – Archiving Files

Compressing & Archiving

  • tar -cvf archive.tar dir/ → create tar archive of directory
  • tar -xvf archive.tar → extract tar archive
  • tar -czvf archive.tar.gz dir/ → create gzip compressed tar
  • tar -xzvf archive.tar.gz → extract gzip compressed tar
  • tar -cjvf archive.tar.bz2 dir/ → create bzip2 compressed tar
  • tar -xjvf archive.tar.bz2 → extract bzip2 compressed tar
  • gzip file → compress file using gzip
  • gunzip file.gz → decompress gzip file
  • bzip2 file → compress file using bzip2
  • bunzip2 file.bz2 → decompress bzip2 file
  • zip archive.zip file1 file2 → create zip archive
  • unzip archive.zip → extract zip archive
  • 7z a archive.7z dir/ → create 7zip archive (if p7zip installed)
  • 7z x archive.7z → extract 7zip archive
  • tar -tvf archive.tar → list contents of tar archive

Transferring Files

  • scp file user@host:/path → copy file to remote server
  • scp -r dir user@host:/path → copy directory recursively
  • rsync -avz source user@host:/dest → efficient sync and transfer
  • rsync -avz --delete source user@host:/dest → sync and delete files not in source
  • rsync -avz -P source user@host:/dest → show progress and allow resume
  • ftp host → transfer files via FTP (unencrypted; prefer sftp or scp)
  • sftp user@host → secure file transfer over SSH
  • scp user@host:/path/file . → copy file from remote server to local

CH14 – Software Packages

Basic Package Management

  • dnf install package → install a new package
  • dnf remove package → remove/uninstall a package
  • dnf update -y → update all packages automatically
  • dnf upgrade package → update specific package
  • dnf list installed → list all installed packages
  • dnf list available → list available packages
  • dnf search keyword → search for packages by keyword
  • dnf info package → detailed info about a package

Group and Bulk Operations

  • dnf groupinstall "Server with GUI" → install a package group
  • dnf groupremove "Server with GUI" → remove a package group
  • dnf check-update → list packages with available updates
  • dnf autoremove → remove unused dependencies
  • dnf clean all → clean cached metadata and packages
  • dnf repolist → list enabled repositories
  • dnf repoinfo → detailed info about repositories

Advanced Operations

  • dnf downgrade package → revert package to older version
  • dnf history → view transaction history
  • dnf history undo transaction_ID → undo a previous transaction
  • dnf config-manager --add-repo URL → add custom repository
  • dnf config-manager --disable repo → disable a repository
  • rpm -qa | grep package → check if package installed using rpm

YUM Package Management (RHEL 7 and older, backward-compatible)

  • yum install package → install package
  • yum remove package → remove package
  • yum update -y → update all packages
  • yum upgrade package → update specific package
  • yum list installed → list installed packages
  • yum list available → list available packages
  • yum search keyword → search packages
  • yum info package → show package info
  • yum groupinstall "Server with GUI" → install package group
  • yum groupremove "Server with GUI" → remove package group
  • yum clean all → clear metadata and cache

RPM Package Management (Low-level, works without network)

  • rpm -ivh package.rpm → install RPM package
  • rpm -Uvh package.rpm → upgrade or install package
  • rpm -e package → remove installed package
  • rpm -qa → list all installed packages
  • rpm -qi package → detailed info about installed package
  • rpm -ql package → list files installed by package
  • rpm -qc package → list configuration files from package
  • rpm -qf /path/to/file → find which package owns a file

CH15 – Access File Systems

Listing Disks & Partitions

  • lsblk → list block devices and partitions
  • blkid → show partition UUIDs and file system types
  • fdisk -l → list partition tables
  • parted -l → show disk partitions and sizes
  • df -h → show mounted disks with usage in human-readable format

Mounting & Unmounting Filesystems

  • mount /dev/sda1 /mnt → mount filesystem
  • mount -o ro /dev/sda1 /mnt → mount read-only
  • mount -t ext4 /dev/sda1 /mnt → specify filesystem type
  • umount /mnt → unmount filesystem
  • umount -l /mnt → lazy unmount (detach immediately)
  • mount | grep /mnt → check if filesystem is mounted

Disk & Folder Usage

  • df -h → disk usage per mounted filesystem
  • df -i → inode usage per filesystem
  • du -sh /path → total size of folder
  • du -h --max-depth=1 /path → show sizes of subdirectories

Filesystem Maintenance

  • fsck /dev/sda1 → check and repair filesystem
  • mkfs.ext4 /dev/sda1 → create ext4 filesystem
  • mkfs.xfs /dev/sda1 → create XFS filesystem
  • tune2fs -l /dev/sda1 → show filesystem info
  • resize2fs /dev/sda1 → resize ext2/3/4 filesystem
  • e2fsck /dev/sda1 → ext2/3/4 filesystem check

Mounting Options & Persistence

  • /etc/fstab → configure filesystems to mount at boot
  • UUID=$(blkid -s UUID -o value /dev/sda1) → get filesystem UUID for fstab
  • mount -o defaults,noatime /dev/sda1 /mnt → mount with options

CH01 – CMD Productivity

Bash Magic

  • Ctrl + A → move cursor to start of the line
  • Ctrl + E → move cursor to end of the line
  • Ctrl + R → reverse search through command history
  • !$ → reference the last argument of previous command
  • $(command) → command substitution; use output of a command as input
  • !! → repeat the last command
  • Alt + . → insert last argument of previous command (similar to !$)
  • \ → escape special characters

Examples

  • echo "Today is $(date)" → prints: Today is current_date
  • cp file1 !$/destination/ → uses the last argument of the previous command as the start of the destination path

Shebang

  • #!/bin/bash → specify bash interpreter for script
  • which bash → show path of bash interpreter

Basic Commands

  • mount → mount a filesystem
  • umount → unmount filesystem
  • lsof → list open files
  • echo $PATH → display executable search paths
  • echo $? → show exit status of last command

For Loop

  • for var in list → iterate through list values
  • do → start loop block
  • done → end loop block

Example

  • for i in 1 2 3; do echo "$i"; done → prints numbers 1 to 3

While Loop

  • while [ condition ] → run loop while condition is true
  • do → start loop block
  • done → end loop block

Until Loop

  • until [ condition ] → run loop until condition becomes true
  • do → start loop block
  • done → end loop block

If Statement

  • if [ condition ] → start condition block
  • then → execute commands if condition is true
  • elif → else if condition
  • else → default command
  • fi → end if statement

Numeric Comparison Operators

  • -eq → equal
  • -ne → not equal
  • -gt → greater than
  • -ge → greater or equal
  • -lt → less than
  • -le → less or equal

String Comparison

  • = → equal
  • != → not equal

CH02 – Scheduling Tasks

Crontab (Recurring Jobs)

  • crontab -e → edit current user's crontab
  • crontab -l → list current user's crontab entries
  • crontab -r → remove current user's crontab
  • crontab -u <username> -e → edit crontab for specific user
  • Format: Min Hr Day Mon Wkday command → schedule recurring jobs
    • Min: 0-59
    • Hr: 0-23
    • Day: 1-31
    • Mon: 1-12
    • Wkday: 0-7 (0 or 7 = Sunday)
  • Special strings:
    • @reboot → run command at system startup
    • @daily / @weekly / @monthly → run once per day/week/month

At (One-Time Jobs)

  • at 14:00 → schedule command to run at 2 PM
  • at now + 5 minutes → run command 5 minutes from now
  • atq → list pending at jobs
  • at -l → list pending at jobs for current user
  • at -c JOB_ID → display the commands scheduled for a specific job
  • at -r JOB_ID → remove a scheduled job (same as atrm)
  • atrm JOB_ID → remove scheduled at job

At Job Files & Permissions

  • /var/spool/at → directory where pending at jobs are stored
  • /etc/at.allow → users allowed to schedule at jobs
  • /etc/at.deny → users denied from scheduling at jobs

System Timers

  • systemctl list-timers → list active systemd timers

Monitoring Commands

  • watch <command> → run a command repeatedly and show output (useful for monitoring jobs)

CH03 – Tuning Performance

System Monitoring

  • sar -r → display memory usage statistics
  • ps lax → show detailed process list in BSD format
  • ps axo pid,comm,ni → display processes with nice (priority) values

Process Priority

  • nice -n 10 command → start process with lower priority
  • renice 5 -p PID → change priority of running process
  • -20 to 19 → priority range (lower number = higher priority)

Systemd

  • systemctl daemon-reload → reload systemd configuration after editing service files

Tuned Performance Profiles

  • tuned-adm active → show current active profile
  • tuned-adm recommend → show recommended profile for system
  • tuned-adm profile profile_name → apply performance profile
  • tuned-adm off → turn off all tuning (unloads the active profile)
  • tuned-adm list → list available profiles
  • /usr/lib/tuned → directory containing tuned profiles

Cockpit Web Console

  • systemctl enable --now cockpit.socket → enable cockpit service
  • Port 9090 → cockpit web interface port
  • https://server-ip:9090 → access cockpit from browser

CPU & Processes

  • top / htop → live CPU and memory usage
  • ps aux --sort=-%cpu → list processes sorted by CPU usage
  • nice -n 10 <command> → start a process with lower priority
  • renice -n 5 -p <pid> → change priority of a running process

Memory & Swap

  • free -h → show memory usage
  • vmstat 1 → memory, CPU, and I/O statistics
  • swapon -s → display swap usage
  • sysctl vm.swappiness=10 → adjust swap usage behavior

I/O & Disk

  • iostat -x → detailed disk I/O statistics
  • iotop → live disk I/O monitoring
  • tune2fs -l /dev/sda1 → view filesystem tuning parameters

Kernel & System Tuning

  • sysctl -a → list all kernel parameters
  • sysctl -w net.ipv4.ip_forward=1 → enable IP forwarding
  • dstat / sar → advanced system monitoring

CH04 – Advanced ACLs

ACLs

  • getfacl <file> → view ACL entries
  • getfacl -R /path → recursively list ACLs
  • setfacl -m u:<user>:rwx <file> → add/modify ACL for user
  • setfacl -m g:<group>:rx <file> → add/modify ACL for group
  • setfacl -m o::r <file> → set permissions for others via ACL
  • setfacl -x u:<user> <file> → remove ACL for user
  • setfacl -b <file> → remove all ACL entries
  • setfacl -k <dir> → remove default ACLs only
  • setfacl -d -m u:<user>:rw <dir> → set default ACL for new files in directory
  • setfacl -m d:u:<user>:rw- <dir> → another way to set default ACL
  • setfacl -m m::r <file> → modify ACL mask permissions
  • setfacl -n → do not recalculate effective rights mask
  • cp -p file1 file2 → copy file with permissions & timestamps
  • getfacl file1 | setfacl --set-file=- file2 → copy ACLs between files

CH05 – SELinux Security

Processes

  • ps axZ → show all running processes with their SELinux context
  • ps -ZC sshd → show SELinux context of processes named sshd

Modes

  • getenforce → show current mode (Enforcing / Permissive / Disabled)
  • setenforce 0 → switch to Permissive mode temporarily
  • setenforce 1 → switch to Enforcing mode

Contexts

  • ls -Z → show SELinux security context
  • chcon -t httpd_sys_content_t <file> → change SELinux context type
  • restorecon -Rv /var/www/html → restore default SELinux context

Ports & SELinux

  • semanage port -a -t <type> -p <tcp|udp> <port> → add a port to an SELinux type
  • semanage port -a -t ssh_port_t -p tcp 2222 → label port 2222 as ssh_port_t so sshd may bind to it (port 22 is already defined in the policy)
  • semanage port -a → add a new port mapping
  • semanage port -t <type> → specify the SELinux type for a port
  • semanage port -l → list all SELinux port mappings
  • semanage port -l | grep 9999 → list SELinux port mappings and filter for port 9999

Booleans

  • getsebool -a → list all SELinux booleans
  • setsebool -P httpd_enable_homedirs on → enable boolean permanently
  • audit2why -a → explain SELinux denials
  • audit2allow -a -M mymodule → create policy module to allow action
  • semanage boolean -l → list SELinux booleans with details

Audit & Logs

  • ausearch -m AVC -ts recent → search recent SELinux AVC denials

Networking & Cockpit

  • curl http://<host> → test HTTP connectivity
  • systemctl enable --now cockpit.socket → start Cockpit web console (listens on port 9090)

SELinux Status

  • sestatus → show SELinux status summary

Control Groups

  • systemd-cgls → show the control group (cgroup) hierarchy with its processes

CH06 – Basic Storage

Disks

  • lsblk -f → show block devices and filesystems
  • blkid → display device UUID
  • fdisk /dev/sda → MBR partitioning tool
  • parted /dev/sda → GPT partitioning tool
  • mkfs.ext4 /dev/sda1 → format partition with ext4 filesystem
  • mount /dev/sda1 /mnt → mount partition
  • mount -o ro /dev/sda1 /mnt → mount partition as read-only
  • /etc/fstab → configure persistent mounts
  • df -h → show disk usage
  • du -sh /path → show directory size
  • fsck /dev/sda1 → check and repair filesystem

CH07 – LVM (Logical Volumes)

Workflow

  • PV → Physical Volume
  • VG → Volume Group
  • LV → Logical Volume
  • pvcreate /dev/sdb → create Physical Volume (PV)
  • vgcreate vg_data /dev/sdb → create Volume Group (VG)
  • lvcreate -L 10G -n lv_data vg_data → create Logical Volume (LV)
  • lvextend -L +5G /dev/vg_data/lv_data → extend logical volume
  • lvreduce -L 5G /dev/vg_data/lv_data → reduce logical volume to 5G (shrink the filesystem first; XFS cannot be shrunk)
  • lvcreate -L 2G -s -n snap_lv /dev/vg_data/lv_data → create snapshot
  • vgextend vg_data /dev/sdc → add PV to Volume Group
  • vgreduce vg_data /dev/sdb → remove PV from Volume Group

CH08 – Advanced Storage

RAID & VDO

  • mdadm --create /dev/md0 --level=1 --raid-devices=2 /dev/sdb /dev/sdc → create RAID 1 array
  • mdadm --detail /dev/md0 → show RAID details
  • cat /proc/mdstat → show RAID sync status

Stratis

  • stratis pool create mystorage /dev/sdb /dev/sdc → create Stratis storage pool
  • stratis filesystem create mystorage myfs → create filesystem in pool

VDO (Virtual Data Optimizer)

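  • vdo create --name=myvdo --device=/dev/sdb --vdoLogicalSize=100G → create VDO volume (syntax of the standalone vdo manager from RHEL 8; RHEL 9 manages VDO through LVM, e.g. lvcreate --type vdo)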
  • vdo status → show VDO status

Encryption (LUKS)

  • cryptsetup luksFormat /dev/sdb1 → encrypt partition
  • cryptsetup open /dev/sdb1 secret → open encrypted device
  • cryptsetup luksClose secret → close encrypted device

CH09 – Network Storage

NFS & CIFS

NFS

  • mount -t nfs server:/export /mnt → mount NFS share
  • mount -o vers=4,hard,intr server:/export /mnt → mount using NFSv4
  • showmount -e server → list exported NFS shares
  • autofs → automatically mount network shares

CIFS / SMB

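  • mount -t cifs //server/share /mnt -o username=user,password=pass → mount SMB share (prefer credentials=<file> with mode 600 so the password does not end up in shell history or the process list)
  • append ,domain=corp,sec=ntlmssp to the -o list → include domain and security options

CH10 – Boot Process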

Targets

  • grub2-mkconfig -o /boot/grub2/grub.cfg → regenerate GRUB configuration
  • grub2-set-default 2 → set default boot entry
  • systemctl get-default → show current system target
  • systemctl set-default multi-user.target → change default target
  • journalctl -b → view boot logs
  • systemctl rescue or rd.break → rescue mode at boot

Root Password Reset

  • Reboot system → access GRUB menu
  • Press 'e' → edit the boot entry
  • Find line starting with "linux" → append rd.break
  • Press Ctrl + X → boot into emergency mode
  • mount -o remount,rw /sysroot → remount system as read/write
  • chroot /sysroot → change root to system
  • passwd → set new root password
  • touch /.autorelabel → schedule a full SELinux relabel on next boot
  • exit → exit chroot
  • reboot → restart system

CH11 – Network Security

Firewall

  • firewall-cmd --state → check firewall status
  • firewall-cmd --add-service=http --permanent → allow HTTP service
  • firewall-cmd --reload → reload firewall rules

Zones

  • firewall-cmd --get-active-zones → show active firewall zones
  • firewall-cmd --zone=public --add-port=8080/tcp --permanent → open port 8080

SSH

  • /etc/ssh/sshd_config → configure SSH (port, root login)
  • systemctl restart sshd → restart SSH service

Intrusion & Logging

  • fail2ban → block repeated login attempts
  • iptables -L -v → list firewall rules

CH12 – Installing RHEL

Installation Steps

  • 1. Boot ISO or PXE
  • 2. Select language & keyboard
  • 3. Configure network & hostname
  • 4. Partition disks (automatic or manual)
  • 5. Select software packages
  • 6. Set root password & create user
  • 7. Begin installation

Post-install

  • subscription-manager register → register system
  • subscription-manager attach --auto → attach subscription
  • dnf update -y → update system packages

Package Management

  • dnf install package → install package
  • dnf remove package → remove package
  • dnf list installed → list installed packages
  • dnf groupinstall "Server with GUI" → install package group

Kickstart Automation

  • ks.cfg → automated installation configuration
  • inst.ks=hd:LABEL=RHEL-ISO:/ks.cfg → boot parameter for Kickstart

Made with ❤️ by AbdElRahman