Red Hat Cheat Sheet

by nextnely via cheatography.com/71363/cs/18089/

Services Cron (cont) SELinux (cont)

systemctl list-u​nit​- Lists enable​d/d​isabled /etc/c​ron.deny Disabled Mandatory access control if

files -at service service unit files. turned off.
An empty deny file means nobody is denied.
systemctl list-units - Lists enable​d/d​isabled An empty allow file means nobody is allowed. sestatus Shows SELinux status.
at service running services. If both are missing nobody is allowed. set setenforce Tempor​arily changes
systemctl list-units -t Shows active running Root always has access. <mo​de> SELinux mode.
service --state services.
vi SELinux config file.
running RPM
/selin​ux/​config
-t Shows enabled service rpm -qa Queries all installed packages.
unit files. Networking
rpm -qa | sort
-a Shows both enabled
rpm -qi Shows inform​ation about the nmtui graphical network editor
and disabled service unit
[package] package.
files.
Logs
rpm -qa Group=​"​System Enviro​nme​nt/​She​lls​"
systemctl mask Prevents service from
[service name] starting. rpm --qa -last Shows packages install sorted less -N View rsyslog config​uration
by date /etc/r​sys​log.conf file with line numbering
turned on.
Cron rpm -ql yum Queries for list of file paths.
cat Lists messages log.
/var/s​poo​l/c​ron​/[user] User cron rpm -qc yum
/var/l​og/​mes​sage
jobs. rpm -qf [path Query file.
s
/etc/c​ron.d System to file]
grep -v Lists everything that does
cron jobs. rpm -qdf Shows all docume​ntation for
'systemd:' not include systemd.
[minute 0-59] [hour] [day of the Cron job [path to file] specified comman​d/file. /var/l​og/​mes​sage
month] [month of the year] [day time rpm -q --provide s
of the week] [path of script] format.
rpm -q --requires [file] tail -f Follows log file.
cronta​b-g​ene​rat​or.org Crontab /var/l​og/​mes​sage
rpm -q -- Shows changes to package.
generator. s
chan​gelog
0 1* Runs job [file] /var/l​og/​secure Private authen​tic​ation
everyday at messages (logins)
1 a.m. SELinux /etc/c​ron.daily Logrotate cron job.
0 1 * [user] Format for
Enforcing Security policy is enforced. /etc/l​ogr​ota​te.con Logrotate config​uration file.
system
mode f
wide cron
Permissive Security policy is observed and logger Writes message to
jobs.
mode warnings are printed but policy is "​mes​sag​e" messages log file.
/etc/a​t.allow Allow
not enforced.
access to
yum
the AT
services. yum --show​dup​licates -list Shows versions of

/etc/c​ron.allow Allow [pacakge name] a package.

access to yum list installed Lists all packages

cron installed.
services.

/etc/a​t.deny

By nextnely Published 19th December, 2018. Sponsored by Readability-Score.com

cheatography.com/nextnely/ Last updated 19th December, 2018. Measure your website readability!
Page 1 of 3. https://readability-score.com
 Red Hat Cheat Sheet
by nextnely via cheatography.com/71363/cs/18089/

yum (cont) yum (cont) Time

Bold Update available in yum versio​nlock Removes version lock timeda​tectl Lists local time for
reposi​tory. delete [output from from package. current timezone.
yum versio​nlock]
Bold and underline Current kernel timeda​tectl list- Filters timezones via
yum update -- Only updates security t​ime​zones | grep grep.
Red Package doesn't exist in
security packages. America
reposi​tory.
yum update​-mi​nimal Install strictly security timeda​tectl set- Sets timezone.
Yellow Newer package then in
--security updates. Doesn't ti​mezone [timezone]
reposi​tory.
include bug fixes.
timeda​tectl set-time Manually sets time.
yum list updates Lists updates for
packages installed. yum install yum- View package change 24:00:00
plugin changelog logs. timeda​tectl set-time Manually sets date.
yum list available
yum changelog Gets all change logs 2018-12-30
yum info [package Shows package info.
updates for packages with timeda​tectl set-ntp true Enables NTP.
name]
updates.
systemctl restart Restarts NTP
yum deplist Shows depend​encies for
yum changelog View change log for system​d-t​ime​dated service.
[package name] package.
[package name] specific package.
yum install ntp Installs NTP client.
yum search Searches for package
yum list installed Lists currently installed
[package name] name. /etc/n​tp.conf NTP config file.
kernel-* kernel.
yum reinstall Reinst​alled package. ntpdate -q <server Checks NTP server
ls -l /boot Kernel directory.
[package name] addres​s> address.
uname -r Shows running kernel.
yum reinstall --skip​-broken [package name] ntpdate <server Sets NTP server.
yum list available Lists available kernel. addres​s>
yum remove Removes package.
kernel
[package name] systemctl enable Enables NTP
yum -y update kernel Updates kernel. ntpdate synchr​oni​zation.
yum autoremove Removes packages
yum remove kernel
[package name] including depend​encies.
grub2-​set​-de​fault Changes kernel. Journal
yum packag​e- Shows unused packages.
c​leanup [kernel number]
journalctl Lists all journal entries.
yum install yum-utils ls Lists kernel module
journalctl Specifies journal.
/lib/m​odu​les​/$(​uname directory.
yum Checks for updates. /sbin/​crond
-r)/kernel
check-​update journalctl -f Tails journal.
lsmod Lists modules.
yum list obsoletes mkdir Directory for persistent
yum install yum-pl​ugi​n-v​ers​ionlock /var/l​og/​journal journals.

yum versio​nlock Prevents package from

[package name] updating.

yum versio​nlock Lists version locked

packages.

By nextnely Published 19th December, 2018. Sponsored by Readability-Score.com

cheatography.com/nextnely/ Last updated 19th December, 2018. Measure your website readability!
Page 2 of 3. https://readability-score.com
 Red Hat Cheat Sheet
by nextnely via cheatography.com/71363/cs/18089/

File Access Control File Access Control (cont)

ls -l [file Lists The user-owner is the 664 Default rw-rw-r--

name] group third column from the file
owners. left. THe group-​owner is permis​si
the fourth column. ons.
(umask
Read (r) 4
002)
Write 2
(w) umask 022 Changes umask.

Execute 1 umask 002 rw-rw-r-- Direct​ories- rwx-

(x) r-​xr-x, Files- rwxr--r--

-rw-rw- --user​own​er-​gro​upo​wne​r-other vi ~/bashrc User add new umask to

r-- umask end of file.

startup
chmod Symbolic permission format.
file
u=rwx,​g
vi System if [ "​$UI​D" -ge 1000]
=rx,o=
<fi​le> /etc/p​rof​ile.d wide ;then
/​unm​ash.sh unmask.
chmod Adds permis​sions format.
getfacl lists -t
u+rwx
<fi​le> ACLs on
<fi​le>
file.
chmod Remove permis​sions format.
setfacl -m Sets setfacl -m
o-x
user: ACLs on user:r​oot:rwx
<fi​le>
<​use​r>:​<pe​ file. /home/​fil​e.txt
chmod Removes execute from all positions.
rmi​ssi​ons>
a-x
aclfile
<fi​le>
setfacl -m group:​<gr​oup​>:<​per​mis​sio​n> <fi​le>
-R Recurs​ively adds permis​sions.
setfacl -x -x remove specific
umask View umask.
group:root ACL, -k removes all
umask - View umask in symbolic notation. <fi​le/​dir> default ACLs, -b
S removes all ACLs

775 Default rwxrwxrwx

directory
permis​si
ons.

755 rwx-r-xr-x

By nextnely Published 19th December, 2018. Sponsored by Readability-Score.com

cheatography.com/nextnely/ Last updated 19th December, 2018. Measure your website readability!
Page 3 of 3. https://readability-score.com