LPI LPIC-1: Linux System Administration, Filesystems, and Shell Scripting

LPIC-1 starts with how Linux boots. Boot sequence: BIOS/UEFI firmware > bootloader (GRUB 2 — stored in MBR or EFI partition) > kernel (loaded into RAM, decompresses itself, mounts root filesystem) > init system (systemd or SysV init) > user space. GRUB 2: configuration in /boot/grub/grub.cfg (do not edit directly — edit /etc/grub.d/ files and /etc/default/grub, then run update-grub or grub-mkconfig). Kernel parameters: passed at boot in GRUB — 'quiet splash' suppresses boot messages, 'single' boots to single-user mode (maintenance), 'init=/bin/bash' bypasses init (emergency root access — bypasses password). Hardware detection: lspci (PCI devices — network cards, GPUs), lsusb (USB devices), lsmod (loaded kernel modules), modprobe (load a module), rmmod (remove a module), dmesg (kernel ring buffer — hardware messages during boot). Package management: apt (Debian/Ubuntu — apt-get install/remove/update/upgrade, apt-cache search), dpkg (low-level Debian package tool — dpkg -i install, dpkg -l list installed, dpkg -r remove), yum/dnf (Red Hat/CentOS/Fedora — dnf install/remove/update, dnf search), rpm (low-level RPM tool — rpm -ivh install, rpm -qa list all, rpm -e remove).

Linux filesystem hierarchy standard (FHS): / root, /boot bootloader and kernel, /etc system configuration, /home user home directories, /var variable data (logs, spool, databases), /tmp temporary (cleared on reboot), /usr user-space programs, /lib shared libraries, /dev device files, /proc kernel virtual filesystem, /sys hardware interface. Partitioning: fdisk (MBR partitions — up to 4 primary, or 3 primary + 1 extended with logical partitions), parted (GPT and MBR, supports disks over 2 TB), gdisk (GPT only). Filesystem creation: mkfs.ext4 /dev/sdb1, mkfs.xfs /dev/sdb2 — ext4 (most common, journaling, backward compatible), XFS (high performance, large files, used by RHEL/CentOS), btrfs (copy-on-write, snapshots, RAID — emerging). Mount: mount /dev/sdb1 /mnt/data, umount /mnt/data. Persistent mounts: /etc/fstab — fields: device, mount point, filesystem type, options, dump (0 = no backup), pass (0 = no fsck, 1 = root priority, 2 = other). LVM: pvcreate, vgcreate, lvcreate — lvextend followed by resize2fs (ext4) or xfs_growfs (XFS) to resize online. RAID: mdadm creates software RAID — RAID 0 (striping, no redundancy), RAID 1 (mirroring), RAID 5 (striping + distributed parity, 1 drive failure tolerance), RAID 6 (2 drive failure tolerance).

Bash scripting is a core LPIC-1 topic. Script structure: #!/bin/bash shebang line declares the interpreter, chmod +x script.sh makes it executable, run with ./script.sh or bash script.sh. Variables: NAME='value' (no spaces around =), $NAME or ${NAME} to reference. Quotes: single quotes preserve literals, double quotes allow variable expansion, backticks or $(command) for command substitution. Conditionals: if [ condition ]; then ... elif [ condition ]; then ... else ... fi. Test operators: -eq/-ne/-lt/-gt (numbers), ==/!= (strings), -f (file exists), -d (directory exists), -z (empty string), -e (file or directory exists). Loops: for VAR in list; do ... done, while [ condition ]; do ... done. Functions: function_name() { commands; }. Exit codes: $? holds the exit code of the last command (0 = success, non-zero = error). Text processing: grep (search — -i case-insensitive, -r recursive, -v invert match, -E extended regex), sed (stream editor — sed 's/old/new/g' replaces all occurrences, sed -n '5,10p' prints lines 5-10), awk (field processing — awk '{print $1, $3}' prints fields 1 and 3, awk -F: '{print $1}' /etc/passwd prints usernames), sort (-n numeric, -r reverse, -u unique), uniq (remove adjacent duplicates — pipe sort first), cut (-d: -f1 cuts field 1 with colon delimiter), wc (-l lines, -w words, -c bytes), head/tail (-n 20 shows 20 lines), tee (read from stdin, write to file AND stdout — useful in pipelines).

LPIC-1 networking: ip addr, ip route, ip link (modern interface management — replaces ifconfig and route), ss -tuln (socket statistics — replaces netstat), ping, traceroute, host, dig, nslookup. Network configuration: /etc/network/interfaces (Debian), /etc/sysconfig/network-scripts/ (Red Hat — legacy), NetworkManager (modern systems — nmcli for CLI). SSH: ssh-keygen generates RSA or ED25519 key pair, ssh-copy-id copies public key, ~/.ssh/authorized_keys stores trusted public keys, /etc/ssh/sshd_config configures daemon (Port, PermitRootLogin, PasswordAuthentication). Security: passwd (change password), chage (password aging — chage -l username shows expiry, chage -M 90 username sets 90-day expiry), sudo configuration (/etc/sudoers via visudo), PAM (Pluggable Authentication Modules — /etc/pam.d/ controls authentication for each service). System logging: rsyslog (traditional syslog daemon — /etc/rsyslog.conf, log files in /var/log/), journald (systemd — journalctl to read, journalctl -u sshd to filter by unit, journalctl -f for live follow, journalctl --since '2025-01-01' for time filtering). Log rotation: logrotate (/etc/logrotate.conf and /etc/logrotate.d/) — rotates, compresses, and removes old logs on schedule.