// eknathalabs.com · linux lab

Master Linux.
Admin with Confidence.

Structured hands-on Linux learning — LFCS exam domains, 8 interactive offline tools, 250+ commands, 10-question quiz, and full lab walkthroughs. Built by a Platform Engineer.

eknatha@linuxlab ~ bash
eknatha@linuxlab $ systemctl status nginx
● nginx.service - A high performance web server Active: failed (Result: exit-code) eknatha@linuxlab $ journalctl -u nginx -n 5
Aug 12 09:42 nginx[1234]: bind() to 0.0.0.0:80 failed (98: Address already in use) eknatha@linuxlab $ ss -tlnp | grep :80
LISTEN 0 128 0.0.0.0:80 users:(("apache2",pid=999)) # Port 80 held by apache2 — stop it first
eknatha@linuxlab $ sudo systemctl stop apache2 && sudo systemctl start nginx
✓ nginx.service — Active: active (running) eknatha@linuxlab $
14
Modules
8
Tools
250+
Commands
10
Quiz Q&A
6
Labs
12
Tutorials
LFCS
Exam Ready

⚡ CMD OF THE DAY
Loading...

// LFCS Exam Blueprint

Official Domain Coverage

Every module, quiz question, and lab maps to an official LFCS domain.

25%
Operations & Deployment
systemd, boot, cron, packages, containers
25%
Networking
interfaces, routing, iptables, firewalld, SSH, DNS
20%
Storage
LVM, partitioning, filesystems, RAID, mounting
20%
Essential Commands
find, grep, sed, awk, pipes, redirects, archives
10%
Users & Groups
useradd, sudo, PAM, ACLs, groups

// Learning Path

Structured Modules

14 modules from essential commands to advanced security. Click any to explore.

⌨️
Beginner
Essential Commands
Navigation, find, grep, sed, awk, pipes, redirects, stdin/stdout/stderr, archives.
findgrepsed/awkLFCS 20%
🔐
Beginner
Users, Groups & Permissions
useradd, passwd, sudo, ACLs, chmod, chown, SUID/SGID, sticky bit, umask.
useraddsudoACLLFCS 10%
⚙️
Beginner
systemd & Service Management
systemctl, journalctl, unit files, targets, boot sequence, dependencies.
systemctljournalctlLFCS 25%
💾
Intermediate
Storage & Filesystems
Partitioning (fdisk/gdisk), mkfs, mount, fstab, swap, ext4/xfs/btrfs.
fdisklvmmountLFCS 20%
🗄️
Intermediate
LVM — Logical Volume Manager
pvcreate, vgcreate, lvcreate, resize, snapshots, thin provisioning.
pvcreatelvcreatelvextend
🌐
Intermediate
Networking Fundamentals
ip, nmcli, netplan, static IPs, routes, DNS, ss, netstat, troubleshooting.
ip addrnmclissLFCS 25%
🛡️
Intermediate
Firewall — iptables & firewalld
iptables chains, rules, NAT, PREROUTING, firewalld zones, rich rules.
iptablesfirewalldnft
🔑
Intermediate
SSH & Remote Access
Key-based auth, sshd_config hardening, port forwarding, jump hosts, rsync.
ssh-keygensshdrsync
📦
Intermediate
Package Management
apt/dpkg (Debian), dnf/rpm (RHEL), snap, flatpak, compiling from source.
aptdnfrpm
📊
Intermediate
Process & Resource Management
ps, top, kill, nice/renice, ulimit, cgroups, load average, memory analysis.
pstopcgroups
🕐
Intermediate
Cron & Task Scheduling
crontab syntax, system cron, at, anacron, systemd timers.
crontabatsystemd timer
📋
Advanced
Shell Scripting for Sysadmins
Bash patterns, error handling, loops, functions, heredocs, real automation.
bashscriptingautomation
🐳
Advanced
Containers & Docker Basics
docker run/build/compose, image management, networking, volumes.
dockercontainersLFCS
🔒
Advanced
SELinux & AppArmor
Mandatory access control, contexts, booleans, audit logs, denial troubleshooting.
SELinuxAppArmorMAC

// Interactive Tools

Built-in Linux Tools

8 fully offline interactive tools — no API, no internet, works anywhere.

🔴
LOOKUP
Error Encyclopedia
Search 25 Linux errors. Root cause, exact fix commands, and prevention tips.
⚙️
GENERATOR
systemd Unit Builder
Fill in the form → get a production-ready .service file. Copy and deploy.
🔐
CALCULATOR
Permission Calculator
Click rwx bits → live octal, symbolic, and chmod commands. Quick presets.
🕐
BUILDER
Cron Expression Builder
Build cron expressions visually. See next run times + systemd timer equivalent.
🌐
REFERENCE
Port Reference
Search 50+ well-known ports. Click to copy the ss/iptables command.
💾
GENERATOR
LVM Command Generator
Enter disk/VG/LV names → get the full pvcreate → mkfs → mount script.
📡
REFERENCE
Signals Reference
All 31 Linux signals — number, name, action, use case. Click to copy kill command.
🔍
TESTER
grep / Regex Tester
Paste text + pattern → matches highlighted live. Toggle -i -E -v -n flags.
🧮
CALCULATOR
Subnet Calculator
Enter IP + CIDR → network address, broadcast, host range, usable hosts, wildcard mask.
📋
ANALYZER
Log Analyzer
Paste any log output → highlights ERROR/WARN/CRIT, counts by severity, extracts IPs & timestamps.

// Quick Reference

Linux Cheatsheet

250+ commands — searchable, click any row to copy to clipboard.

20 commands
find / -perm /4000Find all SUID files on system⎘ copy
journalctl -u nginx --since "1 hour ago"View nginx logs from last hour⎘ copy
ss -tlnpList all TCP listening ports with process⎘ copy
lvcreate -L 10G -n data vg0Create 10G LVM logical volume⎘ copy
iptables -L -n -v --line-numbersList all iptables rules with line numbers⎘ copy
grep -r "pattern" /etc/ --include="*.conf"Recursive grep in .conf files only⎘ copy
tar -czf backup.tar.gz /var/dataCreate compressed tar archive⎘ copy
rsync -avz --delete src/ user@host:/dst/Sync with delete of removed files⎘ copy
nmcli con mod eth0 ipv4.method manual ipv4.addresses 192.168.1.10/24Set static IP via NetworkManager⎘ copy
ausearch -m avc -ts recentFind recent SELinux denials⎘ copy
systemctl list-units --failedList all failed systemd units⎘ copy
df -hTShow disk usage with filesystem type⎘ copy
lsblk -fList block devices with filesystem info⎘ copy
ps aux --sort=-%mem | head -10Top 10 processes by memory usage⎘ copy
netstat -rnShow kernel routing table⎘ copy
useradd -m -s /bin/bash -G sudo usernameCreate user with home dir and sudo⎘ copy
chmod 2775 /shared/dirSet SGID on shared directory⎘ copy
getfacl /path/to/fileView ACL entries for a file⎘ copy
pvdisplay && vgdisplay && lvdisplayFull LVM stack summary⎘ copy
strace -p $PIDTrace system calls of running process⎘ copy
No commands match your search.

// Practice Questions

LFCS Quiz

36 scenario-based questions mapped to official LFCS domains.

Score: 0/0 Q 1/10
Quiz Complete

// Hands-on Scenarios

Practice Labs

25 step-by-step labs modelled on real production incidents and LFCS exam tasks.

01
Recover a Broken Boot — GRUB Rescue
Simulate and recover from a corrupted GRUB config. Single-user mode, chroot, reinstall bootloader.
~45 minIntermediate
Boot into GRUB rescue mode by holding Shift during boot to access GRUB menu.
At rescue prompt, find your root partition: ls (hd0,1)/ until you see etc/.
Set root and prefix: set root=(hd0,1) then set prefix=(hd0,1)/boot/grub
Load normal module and boot: insmod normal then normal
Once booted, reinstall GRUB: sudo grub-install /dev/sda && sudo update-grub
Verify: cat /boot/grub/grub.cfg | grep menuentry
02
LVM Full Disk — Expand Without Downtime
Simulate 100% disk alert. Add PV, extend VG, resize LV, grow filesystem live.
~30 minIntermediate
Check current state: df -h /dev/mapper/vg0-data — confirm 100% usage.
Initialize new disk as PV: sudo pvcreate /dev/sdb
Extend the volume group: sudo vgextend vg0 /dev/sdb
Extend the logical volume: sudo lvextend -L +20G /dev/vg0/data
Grow ext4 filesystem online: sudo resize2fs /dev/vg0/data
Verify: df -h /dev/mapper/vg0-data — confirm new size.
03
Nginx Fails to Start — Port Conflict Debug
Diagnose port conflict with ss/fuser, stop conflicting service, persist with systemd.
~20 minBeginner
Check nginx status: sudo systemctl status nginx — note "Address already in use".
Find who owns port 80: ss -tlnp | grep :80 or sudo fuser 80/tcp
Identify conflicting service: ps aux | grep <PID>
Stop conflicting service: sudo systemctl stop apache2
Start nginx: sudo systemctl start nginx && sudo systemctl enable nginx
Verify: curl -I http://localhost — expect HTTP/1.1 200 OK.
04
Set Up SSH Hardening — No-Password Auth
Key-based auth only, disable root login, change port, configure fail2ban.
~35 minIntermediate
Generate SSH key pair: ssh-keygen -t ed25519 -C "admin@server"
Copy public key: ssh-copy-id -i ~/.ssh/id_ed25519.pub user@host
Edit sshd config: Set PasswordAuthentication no, PermitRootLogin no, Port 2222
Reload sshd: sudo systemctl reload sshd — test new key login first!
Install fail2ban: sudo apt install fail2ban, configure /etc/fail2ban/jail.local
Test: attempt 5 wrong logins — sudo fail2ban-client status sshd
05
Firewall: Isolate a Compromised Web Server
Use iptables to allow only 443 inbound, block all outbound except DNS, persist rules.
~40 minAdvanced
Flush rules: sudo iptables -F && sudo iptables -X
Set default DROP: sudo iptables -P INPUT DROP && sudo iptables -P OUTPUT DROP
Allow established: sudo iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
Allow HTTPS inbound: sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT
Allow DNS outbound: sudo iptables -A OUTPUT -p udp --dport 53 -j ACCEPT
Persist: sudo iptables-save > /etc/iptables/rules.v4
06
SELinux Denial — Fix Without Disabling
App fails due to AVC denial. Use audit2allow, setsebool, restorecon. Never setenforce 0.
~45 minAdvanced
Check SELinux status: sestatus — ensure Enforcing mode.
Find the denial: ausearch -m avc -ts recent | audit2why
Check boolean fix: getsebool -a | grep httpd then setsebool -P httpd_can_network_connect on
Fix file context: restorecon -Rv /var/www/html/
Custom policy: ausearch -m avc | audit2allow -M mypol && semodule -i mypol.pp
Verify: sestatus | grep mode — still enforcing.
07
Find and Kill a Runaway Process
Identify a CPU-hogging process using top/ps, trace it with strace, send graceful SIGTERM then SIGKILL.
~20 minBeginner
Identify the runaway: top -b -n1 | head -20 — sort by %CPU, note the PID.
Confirm with ps: ps aux --sort=-%cpu | head -5
Get full command: cat /proc/<PID>/cmdline | tr '' ' '
Try graceful stop: kill -15 <PID> — wait 10 seconds.
If still running, force kill: kill -9 <PID>
Verify: ps aux | grep <PID> — should show no results.
08
Disk Full — Hunt Down the Space Hog
Disk hits 100%. Find the culprit using du/lsof, truncate open log files, free inodes.
~25 minIntermediate
Check disk usage: df -h — identify the full partition.
Find top space consumers: du -sh /* 2>/dev/null | sort -rh | head -15
Drill down into suspects: du -sh /var/log/* | sort -rh | head -10
Find deleted-but-open files: sudo lsof | grep deleted | sort -k7 -rn | head -10
Truncate open log file safely: sudo truncate -s 0 /var/log/app/debug.log
Check inodes: df -i then find inode hogs: find /var -xdev -printf '%h ' | sort | uniq -c | sort -rn | head
09
Create a Systemd Service for a Custom App
Write a proper unit file with restart policy, dedicated user, resource limits, and journald logging.
~30 minBeginner
Create service user: sudo useradd -r -s /sbin/nologin myapp
Write unit file at /etc/systemd/system/myapp.service with [Unit], [Service], [Install] sections.
Set key directives: User=myapp, Restart=on-failure, RestartSec=5s, NoNewPrivileges=yes.
Reload daemon: sudo systemctl daemon-reload
Enable and start: sudo systemctl enable --now myapp
Verify logs: journalctl -u myapp -f — confirm service is running and logging.
10
Static IP + DNS + Route on RHEL with nmcli
Configure a persistent static IP, set DNS resolvers, add a static route, verify with ip and resolvectl.
~25 minIntermediate
List connections: nmcli connection show — note the interface name.
Set static IP: nmcli con mod ens3 ipv4.method manual ipv4.addresses 10.0.1.50/24 ipv4.gateway 10.0.1.1
Set DNS: nmcli con mod ens3 ipv4.dns "1.1.1.1 8.8.8.8" ipv4.dns-search "internal.lab"
Add static route: nmcli con mod ens3 +ipv4.routes "172.16.0.0/12 10.0.1.254"
Apply changes: nmcli con up ens3
Verify: ip addr show ens3, ip route show, resolvectl status
11
User Lockout Recovery — Restore Sudo Access
Restore sudo access for a locked-out user via single-user mode and visudo, then verify wheel group.
~30 minIntermediate
Boot into single-user mode: Interrupt GRUB, append rd.break to kernel parameters.
Remount root as read-write: mount -o remount,rw /sysroot then chroot /sysroot
Add user to wheel group: usermod -aG wheel username
Fix sudoers if broken: visudo — verify %wheel ALL=(ALL) ALL line exists.
Exit chroot and reboot: exit then reboot -f
Verify access: sudo -l -U username — confirm wheel group is listed.
12
Tune Kernel for High-Traffic Web Server
Apply sysctl tuning for network performance: TCP buffers, connection backlog, TIME_WAIT, BBR congestion control.
~40 minAdvanced
Baseline: ss -s, sar -n TCP 1 5 — record current connection stats.
Apply tuned profile: tuned-adm profile throughput-performance
Increase connection backlog: sysctl -w net.core.somaxconn=65535 and net.ipv4.tcp_max_syn_backlog=65535
Tune TCP buffers: sysctl -w net.core.rmem_max=134217728 net.core.wmem_max=134217728
Enable BBR: modprobe tcp_bbr then sysctl -w net.ipv4.tcp_congestion_control=bbr
Persist changes: write all params to /etc/sysctl.d/99-webserver.conf then sysctl --system
13
LVM Snapshot — Pre-Upgrade Backup & Rollback
Create a snapshot before a risky upgrade, simulate failure, merge snapshot to rollback to known-good state.
~35 minIntermediate
Check VG free space: vgs — need at least 10% free for CoW data.
Create snapshot: sudo lvcreate -L 5G -s -n lv_app-snap /dev/vg_data/lv_app
Verify snapshot: lvs -a — confirm snapshot with origin shown.
Simulate the upgrade or make changes. If things break, proceed to rollback.
Unmount the LV: sudo umount /opt/app
Merge snapshot to rollback: sudo lvconvert --merge /dev/vg_data/lv_app-snap then reboot.
14
Diagnose and Guard Against a Memory Leak
Track growing RSS over time with ps/smem, identify the leaking process, apply cgroup MemoryMax as a guardrail.
~45 minAdvanced
Monitor memory trend: watch -n 5 'ps aux --sort=-%mem | head -10'
Check OOM history: journalctl -k | grep -i oom
Use smem for accurate PSS: smem -r -k | head -15
Sample RSS over time: while true; do ps -o rss= -p <PID>; sleep 30; done
Apply memory cap via systemd override: systemctl edit myapp — add MemoryMax=512M and MemoryHigh=400M
Test guardrail: systemctl show myapp | grep Memory — confirm limits applied.
15
Log Rotation Setup with logrotate
Configure logrotate for an app writing large logs: compress, rotate daily, keep 30 days, post-rotate reload.
~20 minIntermediate
Check current log size: ls -lh /var/log/myapp/
Create config: sudo tee /etc/logrotate.d/myapp with path, daily, rotate 30, compress, missingok.
Add post-rotate: include systemctl reload myapp in a postrotate/endscript block.
Test config dry-run: sudo logrotate --debug /etc/logrotate.d/myapp
Force immediate rotation: sudo logrotate -f /etc/logrotate.d/myapp
Verify: ls -lh /var/log/myapp/ — check .gz files created, old logs removed.
16
NFS Mount with Automount and fstab Hardening
Mount NFS share, configure _netdev + nofail in fstab, set up systemd automount, test failover.
~40 minAdvanced
Install NFS client: sudo dnf install nfs-utils -y
Test manual mount: sudo mount -t nfs nas.local:/exports/data /mnt/nfs — verify access.
Add to fstab with options: nas.local:/exports/data /mnt/nfs nfs rw,hard,timeo=600,_netdev,nofail 0 0
Validate fstab: sudo findmnt --verify
Create systemd automount unit with TimeoutIdleSec=600 to unmount after 10 min idle.
Test failover: take network down — verify system boots without hanging on NFS mount.
17
ACL Setup for Shared Development Directory
Use setfacl to grant a group read-write on a shared dir while restricting others; set default ACLs for new files.
~20 minBeginner
Create shared dir and group: mkdir /shared/project && groupadd devteam
Set SGID so new files inherit group: chmod 2770 /shared/project && chgrp devteam /shared/project
Grant ACL to group: setfacl -m g:devteam:rwx /shared/project
Set default ACL for new files: setfacl -d -m g:devteam:rwx /shared/project
Give read-only ACL to ops team: setfacl -m g:ops:rx /shared/project
Verify: getfacl /shared/project — confirm all entries including default ACL.
18
Migrate Cron Job to Systemd Timer
Convert a cron job to a systemd timer, add logging, set RandomizedDelaySec, monitor with systemd-analyze.
~25 minIntermediate
List existing cron jobs: crontab -l — identify the job to migrate.
Create service unit: sudo tee /etc/systemd/system/backup.service with Type=oneshot and ExecStart.
Create timer unit: sudo tee /etc/systemd/system/backup.timer with OnCalendar=daily and RandomizedDelaySec=30min.
Enable timer: sudo systemctl enable --now backup.timer
Verify next run: systemctl list-timers and systemd-analyze calendar daily
Check logs after run: journalctl -u backup.service -n 20 — confirm output captured.
19
Network Bonding — Active-Backup Failover
Set up a bonded interface with two NICs in active-backup mode, simulate NIC failure, verify seamless failover.
~50 minAdvanced
Create bond: nmcli con add type bond con-name bond0 ifname bond0 bond.options "mode=active-backup,miimon=100"
Add first slave: nmcli con add type ethernet con-name bond0-slave1 ifname ens3 master bond0
Add second slave: nmcli con add type ethernet con-name bond0-slave2 ifname ens4 master bond0
Configure IP on bond: nmcli con mod bond0 ipv4.method manual ipv4.addresses 192.168.1.100/24 ipv4.gateway 192.168.1.1
Bring up bond: nmcli con up bond0 — verify with cat /proc/net/bonding/bond0
Simulate NIC failure: ip link set ens3 down — ping should continue; verify active slave changed in bonding file.
20
SSL/TLS Certificate Renewal — Zero Downtime
Renew an expiring SSL cert, test with openssl, deploy with nginx reload (not restart) for zero-downtime cutover.
~30 minIntermediate
Check expiry: openssl x509 -in /etc/ssl/certs/myapp.crt -noout -dates
Generate new CSR: openssl req -new -key /etc/ssl/private/myapp.key -out /tmp/myapp.csr
Install new cert (after CA signs it): cp newcert.crt /etc/ssl/certs/myapp.crt
Test nginx config: sudo nginx -t — must pass before any reload.
Zero-downtime reload: sudo systemctl reload nginx — NOT restart.
Verify new cert is live: openssl s_client -connect myapp.example.com:443 -brief 2>/dev/null | grep -i expire
21
iostat + iotop — Diagnose Disk I/O Bottleneck
Identify a disk-saturated service using iostat, iotop, and pidstat. Tune I/O scheduler and queue depth.
~40 minAdvanced
Check I/O load: iostat -xz 2 5 — look for %util near 100% or await > 20ms.
Find the I/O culprit: sudo iotop -o -d 1 — sort by I/O bandwidth.
Confirm with pidstat: pidstat -d 2 5 — match PID to service name.
Check current scheduler: cat /sys/block/sda/queue/scheduler
Tune scheduler (for SAS/SATA): echo mq-deadline > /sys/block/sda/queue/scheduler
Persist via udev rule: write to /etc/udev/rules.d/60-scheduler.rules then udevadm trigger
22
Write a Production-Safe Bash Script
Build a disk alert script with set -euo pipefail, logging, locking, and email notification.
~35 minBeginner
Open editor: vim /opt/scripts/disk-alert.sh — start with #!/usr/bin/env bash and set -euo pipefail.
Add logging function: log() { echo "[$(date '+%Y-%m-%d %H:%M:%S')] $*" | tee -a /var/log/disk-alert.log; }
Add lock mechanism using mkdir /var/run/disk-alert.lock to prevent concurrent runs.
Core logic: use df -h with awk to parse usage %, compare against threshold variable.
Add email alert: echo "$MSG" | mail -s "[DISK ALERT] $(hostname)" [email protected]
Test: bash -n disk-alert.sh then shellcheck disk-alert.sh — fix all warnings before deploying.
23
Swap Space Emergency — Add Without Reboot
System running out of memory. Add a 4GB swap file without downtime, tune swappiness, persist across reboots.
~15 minIntermediate
Check current swap: free -h and swapon --show
Allocate swap file: sudo fallocate -l 4G /swapfile
Secure it: sudo chmod 600 /swapfile
Format and enable: sudo mkswap /swapfile && sudo swapon /swapfile
Persist in fstab: echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab
Tune swappiness: sysctl -w vm.swappiness=10 and persist in /etc/sysctl.d/99-swap.conf
24
Audit Trail — Find Who Deleted a Critical File
Use auditd to track file deletions, query ausearch, trace the responsible user and process.
~40 minAdvanced
Install and enable auditd: sudo dnf install audit -y && sudo systemctl enable --now auditd
Add watch on critical file: sudo auditctl -w /etc/passwd -p wa -k passwd-changes
Persist rule: add to /etc/audit/rules.d/99-critical.rules then augenrules --load
Trigger event: delete or modify the file as a test user.
Query audit log: ausearch -k passwd-changes -ts recent — find UID, command, and timestamp.
Decode UID to username: ausearch -k passwd-changes -ts recent -i | grep -i auid
25
Package Version Lock and Rollback with dnf
Pin a package version, perform a test upgrade, use dnf history to rollback to the previous known-good state.
~25 minIntermediate
Check installed version: rpm -q nginx
Install versionlock plugin and pin: sudo dnf install python3-dnf-plugin-versionlock && sudo dnf versionlock add nginx
Verify lock: sudo dnf versionlock list — confirm nginx is pinned.
Perform upgrade test: sudo dnf versionlock delete nginx && sudo dnf update nginx
Rollback if issue: sudo dnf history undo last
Verify rollback: rpm -q nginx — confirm previous version is restored.

// Error Encyclopedia

Linux Error Encyclopedia

Common Linux errors — root cause, fix commands, and prevention. Click to expand.

Failed to start nginx.service — control process exited with error codesystemd
Root Cause

The nginx process failed to start — usually a config syntax error, port conflict, or missing file.

Fix Commands
journalctl -u nginx -n 50 --no-pager nginx -t ss -tlnp | grep :80 sudo systemctl start nginx
Prevention

Always run nginx -t before reloading. Use systemctl --failed to catch issues early.

bind() to 0.0.0.0:80 failed (98: Address already in use)Network
Root Cause

Another process is bound to port 80. Common culprits: apache2, another nginx instance, or a Node.js app.

Fix Commands
ss -tlnp | grep :80 sudo fuser -k 80/tcp sudo systemctl stop apache2 sudo systemctl start nginx
Prevention

Use ss -tlnp before starting services. Only one service should own each port.

GRUB error: unknown filesystem. Entering rescue mode...Boot
Root Cause

GRUB cannot find or read the boot partition — caused by disk change, wrong partition table, or GRUB misconfiguration.

Fix Commands
grub rescue> ls (hd0,1)/ grub rescue> set root=(hd0,1) grub rescue> insmod normal grub rescue> normal # After boot: sudo grub-install /dev/sda && sudo update-grub
Prevention

After changing disk layout, always run update-grub. Keep a live USB available.

No space left on device (ENOSPC)Storage
Root Cause

Either disk space is exhausted, or inode count is depleted (you can have free blocks but no free inodes).

Fix Commands
df -h # check disk space df -i # check inodes du -sh /* 2>/dev/null | sort -rh | head -10 journalctl --vacuum-size=200M
Prevention

Set up disk usage alerts at 80%. Rotate logs with logrotate. Monitor inodes.

type=AVC msg=audit: denied { read } for path=... comm="nginx"Permissions
Root Cause

SELinux is blocking nginx from reading a file — the file has an incorrect security context label.

Fix Commands
ausearch -m avc -ts recent | audit2why ls -Z /path/to/file restorecon -Rv /path/to/dir/ chcon -t httpd_sys_content_t /path/to/file
Prevention

Always use restorecon after moving files. Never use setenforce 0 as a fix.

ssh: connect to host 192.168.1.1 port 22: Connection refusedNetwork
Root Cause

SSH daemon is not running, bound to a different port, or firewall is blocking port 22.

Fix Commands
sudo systemctl status sshd sudo systemctl start sshd ss -tlnp | grep ssh sudo iptables -L | grep 22
Prevention

Enable sshd with systemctl enable sshd. Open firewall port before changing SSH port.

sudo: user not in the sudoers file. This incident will be reported.Permissions
Root Cause

The user account is not in the sudo group or lacks a sudoers entry.

Fix Commands
# As root: usermod -aG sudo username # Debian/Ubuntu usermod -aG wheel username # RHEL/CentOS visudo # edit sudoers safely
Prevention

Add users to the sudo/wheel group during provisioning.

E: Could not get lock /var/lib/dpkg/lockStorage
Root Cause

Another apt/dpkg process is running (e.g. unattended-upgrades, another terminal).

Fix Commands
ps aux | grep -E "apt|dpkg" sudo lsof /var/lib/dpkg/lock sudo kill -9 <PID> sudo rm /var/lib/dpkg/lock* sudo dpkg --configure -a
Prevention

Never force-kill apt without running dpkg --configure -a afterward.


// RHEL Deep-Dive Guides

Linux Tutorials

12 complete RHEL-based tutorials with real examples, Do's & Don'ts — read everything right here, no GitHub needed.

📁
Beginner
01 — File System & Navigation
Filesystem hierarchy, ls/cd/find/locate, inodes, hard vs soft links, hidden files, path tricks.
findinodessymlinksRHEL
🔐
Beginner
02 — Users, Groups & Permissions
useradd/usermod/userdel, sudoers, ACLs, chmod/chown, SUID/SGID, sticky bit, umask, PAM basics.
useraddsudoACLRHEL
📊
Intermediate
03 — Process Management
ps/top/htop, kill signals, nice/renice, ulimits, /proc, cgroups, load average, oom-killer.
pskillcgroupsRHEL
⚙️
Intermediate
04 — systemd & Service Management
systemctl, unit files, targets, journalctl, drop-in configs, boot analysis, timer units.
systemctljournalctlunitsRHEL
💽
Intermediate
05 — Storage & Partitioning
fdisk/gdisk, parted, mkfs, mount, /etc/fstab, swap, ext4/xfs/btrfs, RAID basics with mdadm.
fdiskxfsfstabRHEL
🗄️
Intermediate
06 — LVM Deep Dive
pvcreate→vgcreate→lvcreate pipeline, live resize, snapshots, thin provisioning, migration.
pvcreatelvcreatesnapshotsRHEL
🌐
Intermediate
07 — Networking on RHEL
nmcli/nmtui, ip commands, static IP, routes, DNS, bonding/teaming, troubleshooting toolkit.
nmcliip routebondingRHEL
🛡️
Intermediate
08 — firewalld & iptables
firewalld zones, rich rules, services, masquerade, iptables chains, NAT, nftables intro.
firewalldiptablesnftRHEL
🔒
Advanced
09 — SELinux Mastery
Modes, contexts, booleans, audit2allow, restorecon, custom policies. Never setenforce 0.
SELinuxcontextsaudit2allowRHEL
📦
Beginner
10 — Package Management (RHEL)
dnf install/update/remove, rpm queries, repos, gpg keys, subscriptions, local repos, dnf history.
dnfrpmreposRHEL
📋
Advanced
11 — Shell Scripting for SysAdmins
Bash patterns, error handling (set -euo pipefail), functions, loops, heredocs, real automation.
bashscriptingautomationRHEL
Advanced
12 — Performance Tuning & Troubleshooting
CPU/memory/IO analysis, sar/iostat/vmstat, tuned profiles, kernel parameters, strace/perf.
sartunedperfRHEL
visitors — visits