Linux Essentials¶
From AWS Re/Start (June 2025). Linux is the OS running on ~99% of cloud servers — understanding it means understanding the environment your code runs in.
Ultra-Short Summary¶
Linux organises everything as files. The filesystem has a standardised layout (FHS). Everything you do — running a program, connecting a device, reading a network interface — involves files in a predictable location. Master the hierarchy and the key commands, and you can navigate any Linux server.
The Linux Filesystem Hierarchy¶
/ root of the entire filesystem
├── bin/ binaries — essential commands (ls, cp, mv)
├── boot/ files needed to start the OS
├── dev/ device files (disks, terminals, null)
├── etc/ configuration files for all programs
├── home/ user home directories (/home/cain/)
├── lib/ shared libraries (.so files — like Windows .dll)
├── mnt/ mount point for external drives / USB
├── opt/ optional third-party software
├── proc/ virtual filesystem — running processes + kernel info
├── root/ home directory for the root user
├── sbin/ system binaries (powerful commands — reformat, partition)
├── srv/ service data
├── tmp/ temporary files (cleared on reboot)
├── usr/ user-related programs and data
└── var/ variable data — logs, cache, mail, print queues, crash data
Key insight: /proc is not a real disk directory. It's a virtual filesystem that exposes kernel and process data. cat /proc/cpuinfo reads live CPU data from the kernel — not a file on disk.
Essential Commands¶
Navigation¶
pwd # print working directory
ls # list files
ls -la # all files + permissions (long format)
cd /etc # change directory
cd .. # go up one level
cd ~ # go to your home directory
File Operations¶
touch file.txt # create empty file
mkdir -p dir/sub # create directory (and parents)
cp file.txt backup/ # copy
mv file.txt new.txt # move or rename
rm file.txt # delete file
rm -rf directory/ # delete directory and everything inside (irreversible)
cat file.txt # print file contents
less file.txt # view file page by page (q to quit)
head -20 file.txt # first 20 lines
tail -f app.log # last lines, live-updating (great for log monitoring)
Search¶
grep "error" app.log # search for text in file
grep -r "config" /etc/ # recursive search in directory
grep -i "error" app.log # case-insensitive
find / -name "*.conf" # find files by name
find /var/log -newer file.txt # find files modified more recently than file.txt
Permissions¶
chmod 755 script.sh # rwxr-xr-x
chmod +x script.sh # add execute permission
chmod 600 key.pem # rw------- (required for SSH keys)
chown user:group file # change owner
sudo command # run as superuser
whoami # show current user
Permission numbers:
r = 4 (read)
w = 2 (write)
x = 1 (execute)
755 = 7(owner: rwx) 5(group: r-x) 5(other: r-x)
644 = 6(owner: rw-) 4(group: r--) 4(other: r--)
600 = 6(owner: rw-) 0(group: ---) 0(other: ---)
Processes¶
ps aux # list all running processes
top # live process monitor (q to quit)
kill 1234 # send SIGTERM to process ID 1234
kill -9 1234 # force kill (SIGKILL)
nohup command & # run command that survives logout
Networking¶
ping 8.8.8.8 # test connectivity (Google DNS)
ping -c 4 google.com # ping 4 times then stop
curl https://example.com # make HTTP request
wget https://url/file # download file
ssh -i key.pem user@ip # SSH with key
scp -i key.pem file user@ip:/path # secure copy to remote
netstat -tuln # show listening ports
ss -tuln # modern alternative to netstat
ifconfig / ip addr # show network interfaces + IPs
traceroute google.com # trace route (hop by hop)
dig google.com # DNS lookup
nslookup google.com # simpler DNS lookup
Disk¶
df -h # disk space usage (human readable)
du -sh * # size of each item in current directory
lsblk # list block devices (disks, volumes)
mount # show mounted filesystems
File Redirection¶
command > file.txt # stdout to file (overwrite)
command >> file.txt # stdout to file (append)
command 2> err.txt # stderr to file
command 2>&1 # redirect stderr to stdout
command &> /dev/null # discard all output
cat file | grep "error" # pipe output of one command into another
File descriptors:
0= stdin (input)1= stdout (normal output)2= stderr (error output)
Shell Profile Files¶
| File | When It Loads |
|---|---|
~/.bash_profile |
Login shell (SSH, console login) |
~/.bashrc |
Interactive non-login shell (new terminal tab) |
~/.zshrc |
Zsh equivalent of .bashrc |
Apply changes without restarting: source ~/.bashrc
Package Management¶
# Debian/Ubuntu (apt)
sudo apt update # refresh package index
sudo apt install nginx # install package
sudo apt upgrade # upgrade all packages
# RHEL/CentOS/Amazon Linux (yum/dnf)
sudo yum install httpd
sudo yum update
sudo dnf install python3 # newer RHEL uses dnf
Amazon Linux 2023 uses dnf. Amazon Linux 2 uses yum.
Systemd (Service Management)¶
sudo systemctl start nginx # start service
sudo systemctl stop nginx # stop service
sudo systemctl restart nginx # restart
sudo systemctl enable nginx # start on boot
sudo systemctl status nginx # check if running
journalctl -u nginx -f # view live logs for a service
Mental Model¶
Linux = everything is a file
Programs → /bin, /usr/bin
Config → /etc
Logs → /var/log
Processes → /proc (virtual)
Devices → /dev
You don't "open an application" — you execute a binary from a path.
You don't "check settings" — you read a text file in /etc.
You don't "view running programs" — you read /proc or use ps.
Once you see the pattern, every Linux system is the same.
Self-Quiz¶
- What does
/proccontain and why isn't it a real directory on disk? - What's the difference between
/binand/sbin? chmod 600 key.pem— what permissions does this set and why is it required for SSH?tail -f app.log— what does the-fflag do and when would you use it?- What's
2>&1doing in a command? rm -rf /— what would this do? Why is it dangerous?- How do you check which port a service is listening on?
- What's the difference between
apt updateandapt upgrade?