3.1.2.6 Lab - Working With Text Files in The CLI
3.1.2.6 Lab - Working With Text Files in The CLI
Introduction
In this lab, you will get familiar with Linux command line text editors and configuration files.
Required Resources
• CyberOps Workstation Virtual Machine
Cisco and/or its affiliates. All rights reserved. Cisco Confidential Page 1 of 10 www.netacad.com
Lab – Working with Text Files in the CLI
Note: While the Linux file systems do not rely on extensions, some applications such as SciTE may
attempt to use them to identify file types.
i. Close space.txt when finished.
Cisco and/or its affiliates. All rights reserved. Cisco Confidential Page 2 of 10 www.netacad.com
Lab – Working with Text Files in the CLI
b. nano will launch and automatically load the space.txt text file. While the text may seem to be truncated
or incomplete, it is not. Because the text was created with no return characters and line wrapping is not
enabled by default, nano is displaying one long line of text.
Use the Home and End keyboard keys to quickly navigate to the beginning and to the end of a line,
respectively.
What character does nano use to represent that a line continues beyond the boundaries of the screen?
____________________________________________________________________________________
____________________________________________________________________________________
c. As shown on the bottom shortcut lines, CTRL+X can be used to exit nano. nano will ask if you want to
save the file before exiting (‘Y’ for Yes, or N for ‘No’). If ‘Y’ is chosen, you will be prompted to press enter
to accept the given file name, or change the file name, or provide a file name if it is a new unnamed
document.
d. To control nano, you can use CTRL, ALT, ESCAPE or the META keys. The META key is the key on the
keyboard with a Windows or Mac logo, depending on your keyboard configuration.
e. Navigation in nano is very user friendly. Use the arrows to move around the files. Page Up and Page
Down can also be used to skip forward or backwards entire pages. Spend some time with nano and its
help screen. To enter the help screen, press CTRL+G.
Cisco and/or its affiliates. All rights reserved. Cisco Confidential Page 3 of 10 www.netacad.com
Lab – Working with Text Files in the CLI
While a few files are displayed, none of them seem to be configuration files. This is because it is
convention to hide home-directory-hosted configuration files by preceding their names with a “.” (dot)
character.
b. Use the ls command again but this time add the –a option to also include hidden files in the output:
[analyst@secOps ~]$ ls –la
total 268
drwxr-xr-x 19 analyst analyst 4096 Aug 2 15:43 .
drwxr-xr-x 3 root root 4096 Sep 26 2014 ..
-rw------- 1 analyst analyst 250 May 4 11:42 .atftp_history
-rw------- 1 analyst analyst 13191 Aug 1 09:48 .bash_history
-rw-r--r-- 1 analyst analyst 97 Mar 21 15:31 .bashrc
drwxr-xr-x 4 analyst analyst 4096 Jul 6 10:26 broken_down
drwxr-xr-x 10 analyst analyst 4096 Nov 7 2016 .cache
drwxr-xr-x 12 analyst analyst 4096 Jun 5 11:45 .config
-rw-r--r-- 1 analyst analyst 16384 Apr 12 10:06 .cyberops_topo.py.swp
drwxr-xr-x 2 analyst analyst 4096 Sep 26 2014 Desktop
-rw-r--r-- 1 analyst analyst 43 Sep 27 2014 .dmrc
drwx------ 3 analyst analyst 4096 Jul 14 11:28 Downloads
-rw-r--r-- 1 analyst analyst 72 Sep 26 2014 .fehbg
drwxr-xr-x 5 analyst analyst 4096 Sep 26 2014 .fluxbox
drwx------ 3 analyst analyst 4096 Sep 7 2016 .gnupg
-rw------- 1 analyst analyst 28920 Aug 2 15:01 .ICEauthority
drwxr-xr-x 2 analyst analyst 4096 Sep 26 2014 .idlerc
drwxr-xr-x 3 analyst analyst 4096 Sep 27 2014 .java
drwxr-xr-x 8 analyst analyst 4096 Jul 25 16:27 lab.support.files
-rw------- 1 analyst analyst 290 Jul 6 15:15 .lesshst
drwxr-xr-x 3 analyst analyst 4096 Sep 26 2014 .local
<Some output omitted>
c. Use cat command to display the contents of the .bashrc file. This file is used to configure user-specific
terminal behavior and customization.
[analyst@secOps ~]$ cat .bashrc
export EDITOR=vim
Cisco and/or its affiliates. All rights reserved. Cisco Confidential Page 4 of 10 www.netacad.com
Lab – Working with Text Files in the CLI
the entire system and of which configuration files are stored under /etc. Notice that regular users do not
have writing access to /etc. This is important as it restricts the ability to change the system-wide service
configuration to the root user only.
Use the ls command to list the contents of the /etc directory:
[analyst@secOps ~]$ ls /etc
adjtime host.conf mke2fs.conf rc_maps.cfg
apache-ant hostname mkinitcpio.conf request-key.conf
apparmor.d hosts mkinitcpio.d request-key.d
arch-release ifplugd modprobe.d resolv.conf
avahi initcpio modules-load.d resolvconf.conf
bash.bash_logout inputrc motd rpc
bash.bashrc iproute2 mtab rsyslog.conf
binfmt.d iptables nanorc securetty
ca-certificates issue netconfig security
crypttab java-7-openjdk netctl services
dbus-1 java-8-openjdk netsniff-ng shadow
default kernel nginx shadow-
depmod.d krb5.conf nscd.conf shells
dhcpcd.conf ld.so.cache nsswitch.conf skel
dhcpcd.duid ld.so.conf ntp.conf ssh
dkms ld.so.conf.d openldap ssl
drirc libnl openvswitch sudoers
elasticsearch libpaper.d os-release sudoers.d
environment lightdm pacman.conf sudoers.pacnew
ethertypes locale.conf pacman.conf.pacnew sysctl.d
filebeat locale.gen pacman.d systemd
fonts locale.gen.pacnew pam.d tmpfiles.d
fstab localtime pango trusted-key.key
gai.conf login.defs papersize udev
gemrc logrotate.conf passwd UPower
group logrotate.d passwd- vdpau_wrapper.cfg
group- logstash pcmcia vimrc
group.pacnew lvm pkcs11 webapps
grub.d machine-id polkit-1 wgetrc
gshadow mail.rc profile X11
gshadow- makepkg.conf profile.d xdg
gshadow.pacnew man_db.conf protocols xinetd.d
gtk-2.0 mdadm.conf pulse yaourtrc
gtk-3.0 mime.types rc_keymaps
e. Use the cat command to display the contents of the bash_bashrc file:
[analyst@secOps ~]$ cat /etc/bash.bashrc
#
# /etc/bash.bashrc
#
Cisco and/or its affiliates. All rights reserved. Cisco Confidential Page 5 of 10 www.netacad.com
Lab – Working with Text Files in the CLI
case ${TERM} in
xterm*|rxvt*|Eterm|aterm|kterm|gnome*)
PROMPT_COMMAND=${PROMPT_COMMAND:+$PROMPT_COMMAND; }'printf "\033]0;%s@%s:%s\007"
"${USER}" "${HOSTNAME%%.*}" "${PWD/#$HOME/\~}"'
;;
screen)
PROMPT_COMMAND=${PROMPT_COMMAND:+$PROMPT_COMMAND; }'printf "\033_%s@%s:%s\033\\"
"${USER}" "${HOSTNAME%%.*}" "${PWD/#$HOME/\~}"'
;;
esac
Cisco and/or its affiliates. All rights reserved. Cisco Confidential Page 6 of 10 www.netacad.com
Lab – Working with Text Files in the CLI
c. Because .bashrc is a hidden file with no extension, SciTE does not display it in the file list. If the Location
feature is not visible in the dialog box, click the Type a file name button, as shown below, and type
.bashrc. Click Open.
d. Locate 32 and replace it with 31. 32 is the color code for green, while 31 represents red.
e. Save the file by selecting File > Save and close SciTE by clicking the X icon.
f. Click the Terminal application icon located on the Dock, at the bottom center of the Cisco CyberOPS VM
screen. The prompt should appear in red instead of green.
Did the terminal window which was already open also change color from green to red? Explain.
____________________________________________________________________________________
____________________________________________________________________________________
Cisco and/or its affiliates. All rights reserved. Cisco Confidential Page 7 of 10 www.netacad.com
Lab – Working with Text Files in the CLI
g. The same change could have been made from the command line with a text editor such as nano. From a
new terminal window, type nano .bashrc to launch nano and automatically load the .bashrc file in it:
[analyst@secOps ~]$ nano .bashrc
export EDITOR=vim
[ Read 5 lines ]
^G Get Help ^O Write Out ^W Where Is ^K Cut Text ^J Justify ^C Cur Pos
^X Exit ^R Read File ^\ Replace ^U Uncut Text^T To Spell ^_ Go To Line
1
2 #user html;
3 worker_processes 1;
4
5 #error_log logs/error.log;
6 #error_log logs/error.log notice;
7 #error_log logs/error.log info;
8
9 #pid logs/nginx.pid;
Cisco and/or its affiliates. All rights reserved. Cisco Confidential Page 8 of 10 www.netacad.com
Lab – Working with Text Files in the CLI
10
11
12 events {
13 worker_connections 1024;
14 }
15
16
17 http {
18 include mime.types;
19 default_type application/octet-stream;
20
21 #log_format main '$remote_addr - $remote_user [$time_local] "$request$
22 # '$status $body_bytes_sent "$http_referer" '
23 # '"$http_user_agent" "$http_x_forwarded_for"';
24
25 #access_log logs/access.log main;
26
27 sendfile on;
28 #tcp_nopush on;
29
30 #keepalive_timeout 0;
31 keepalive_timeout 65;
32
33 #gzip on;
34
35 server {
36 listen 81;
37 server_name localhost;
38
39 #charset koi8-r;
40
41 #access_log logs/host.access.log main;
42
43 location / {
44 root /usr/share/nginx/html;
45 index index.html index.htm;
46 }
47
48 #error_page 404 /404.html;
49
^G Get Help ^O Write Out ^W Where Is ^K Cut Text ^J Justify ^C Cur Pos
^X Exit ^R Read File ^\ Replace ^U Uncut Text^T To Spell ^_ Go To Li
Cisco and/or its affiliates. All rights reserved. Cisco Confidential Page 9 of 10 www.netacad.com
Lab – Working with Text Files in the CLI
c. Notice that at the bottom of the window, above the nano commands, the line number is highlighted and
listed. On line 36, change the port number from 81 to 8080. This will tell nginx to listen to HTTP requests
on port TCP 8080.
d. Next, move to line 44 and change the path from /usr/share/nginx/html/ to
/home/analyst/lab.support.files/
Note: Be careful not to remove the semi-colon at the end of the line or nginx will throw an error on
startup.
e. Press CTRL+X to save the file. Press Y and then ENTER to confirm and use the custom_server.conf as
the filename.
f. Type the command below to execute nginx using the modified configuration file:
[analyst@secOps ~]$ sudo nginx -c custom_server.conf -g “pid
/var/run/nginx_v.pid;”
Note: The -g “pid /var/run/nginx_v.pid;” is needed to tell nginx what file to use when storing the
process ID that identifies this instance of nginx.
g. Click the web browser icon on the Dock to launch Firefox.
h. On the address bar, type 127.0.0.1:8080 to connect to a web server hosted on the local machine on port
8080. A page related to this lab should appear.
i. After successfully opening the nginx homepage, look at the connection message in the terminal window.
What is the error message referring to?
____________________________________________________________________________________
j. To shut down the nginx webserver, press ENTER to get a command prompt and type the following
command in the terminal window:
[analyst@secOps ~]$ sudo pkill nginx
k. You can test whether the nginx server is indeed shut down by first clearing the recent history in the web
browser, then close and re-open the web browser, then go to the nginx homepage at 127.0.0.1:8080.
Does the web page appear? _____
Challenge: Can you edit the /etc/nginx/custom_server.conf file with SciTE? Describe the process below.
Remember, because the file is stored under /etc, you will need root permissions to edit it.
_______________________________________________________________________________________
_______________________________________________________________________________________
Reflection
Depending on the service, more options may be available for configuration.
Configuration file location, syntax, and available parameters will vary from service to service. Always consult
the documentation for information.
Permissions are a very common cause of problems. Make sure you have the correct permissions before
trying to edit configuration files.
More often than not, services must be restarted before the changes take effect.
Cisco and/or its affiliates. All rights reserved. Cisco Confidential Page 10 of 10 www.netacad.com