LFCS: Linux Foundation Certified System Administrator

File system navigation: absolute vs. relative paths, ln (hard and symbolic links), find (by name, type, size, mtime, permissions), locate (requires updatedb), tar (c create, x extract, z gzip, j bzip2, v verbose, f file), rsync (incremental sync, --delete, -a archive mode). Disk management: lsblk (list block devices), fdisk/gdisk (partition tables — fdisk for MBR, gdisk for GPT), mkfs (format: mkfs.ext4, mkfs.xfs), mount/umount, /etc/fstab (persistent mounts with UUID, fsck order, options). df -h (disk usage), du -sh (directory size). LVM (Logical Volume Manager): pvcreate (initialise physical volume), vgcreate (create volume group), lvcreate (create logical volume with -L size and -n name), lvextend + resize2fs or xfs_growfs (extend online). LVM snapshot: lvcreate --snapshot for point-in-time backup.

Users and groups: useradd (create user, -m homedir, -s shell, -G groups), usermod (modify: -aG to append group), userdel (-r to remove home), passwd (set password), chage (password aging: -M max days, -E expiry date). /etc/passwd, /etc/shadow, /etc/group file formats. Permissions: chmod (symbolic: u+x, g-w, o=r; numeric: 755, 644), chown (change owner and group: chown user:group), chgrp. Special bits: SUID (4000, execute as owner), SGID (2000, execute as group, new files inherit group), Sticky (1000, only owner can delete file in shared directory). ACLs: getfacl, setfacl -m u:user:rwx for fine-grained permissions beyond ugo. Sudo: /etc/sudoers and /etc/sudoers.d/ — always edit with visudo (syntax validation). sudoers syntax: user host=(runas) command. NOPASSWD: allows command without password prompt.

Network configuration: ip addr (show/add/del IP addresses), ip route (show/add/del routes), ip link (show/set interface state), nmcli (NetworkManager CLI — persistent configuration), nmtui (text UI). /etc/hosts for local name resolution, /etc/resolv.conf for DNS servers. SSH: sshd_config (/etc/ssh/sshd_config) — PermitRootLogin, PasswordAuthentication, Port, AllowUsers. ssh-keygen (generate keypair), ssh-copy-id (deploy public key), ssh -L (local port forward), ssh -R (remote port forward). scp and sftp for file transfer. firewalld: zones (public, internal, trusted, drop), services (named rule sets like ssh, http), ports (direct port rules). firewall-cmd --permanent (persist changes), --reload (apply persistent rules). iptables: chains (INPUT, OUTPUT, FORWARD), targets (ACCEPT, DROP, REJECT), -I insert, -A append, -D delete. nft (nftables) is the modern replacement.

Processes: ps aux (all processes, user, CPU/mem), top/htop (interactive), kill/killall (-9 SIGKILL, -15 SIGTERM, -1 SIGHUP), nice/renice (priority -20 to 19, lower = higher priority), jobs/bg/fg (job control). /proc filesystem: /proc/PID/status, /proc/meminfo, /proc/cpuinfo. systemd: systemctl start/stop/restart/enable/disable/status. Unit files in /etc/systemd/system/ (highest precedence) and /usr/lib/systemd/system/ (package-provided). journalctl: -u for unit, -f follow, --since/--until for time ranges, -p for priority (err, warning, info). systemd-analyze blame for boot time analysis. Cron and at: crontab -e (per-user cron), /etc/cron.d/ for system cron files. Cron syntax: minute hour day month weekday. at command for one-time scheduling. anacron for systems that are not always running (laptops). logrotate: /etc/logrotate.conf and /etc/logrotate.d/ — size, rotate, compress, dateext options.