Linux 101 : Gathering information about our system - whoami, id, ss, ps, ... -
The command "whoami" displays the username we are logged in as:
To be able to see all the users in a Linux system, we can have a look in the "/etc/passwd" file, using the command:
- a, x : list all processes whether they are attached to a terminal or not.
- u : list the processes in a human-readable format.
To list all the network connections, including the ports they are listening on and the programs that opened them, we use the below:
- -a : to list all connections
- -n : lists IP addresses without hostname resolution.
- -p : displays the program the connection belongs to.
We could check the scheduled tasks in a Linux system by looking at the "/etc/cron.*" directories.
The "*" sign is the frequency a task is executed at - daily, weekly, monthly -.
The daily tasks for example are in "/etc/cron.daily".
Administrators may also put their scheduled tasks in the "/etc/crontab" file.
To list the applications installed on a system, we could use the below command:
To find the SUID programs that running a machine, we could use the below command:
The "2>/dev/null" command sends the error messages to the "null" device so they don't appear on the screen.
The SUID bit - when set on a program - allows a user to run a program with the permissions of the owner of the program.
For example, to allow users to change their password, the "passwd" program - which has root privileges - has the SUID bit set.