= Commands you need to know for Red Hat Enterprise Linux You've learned the https://www.redhat.com/sysadmin/10-commands-terminal[basic Linux commands], and you've learned the https://www.redhat.com/sysadmin/linux-commands-to-know[essential sysadmin commands]. You've purchased a subscription for Red Hat Enterprise Linux, you've installed it on your hardware. Now what? There are some commands you're going to find yourself using as a sysadmin that are either specific to Red Hat Enterprise Linux, or else that ubiquitous on Linux and yet don't get used often enough to get settled into the top of mind. This is a cheat sheet I made for a sysadmin who was taking over the everyday maintenance of one of my Red Hat Enterprise Linux servers. == Software management The `dnf` command is the primary package manager on Red Hat Enterprise Linux. The old `yum` command is still supported for backward compatibility in scripts, but you'll mostly use `dnf` in real life. It's one of my favourite package managers, partly because it doesn't force you to update a local catalogue before you get to see updates in the remote repository, the way some other package managers do. To find and then install an application: [source,bash] ---- $ sudo dnf search rxvt rxvt-unicode.x86_64 : Unicode version of rxvt $ sudo dnf install rxvt-unicode ---- Sometimes the name of an installable package doesn't match the name of the application you need. This happens when lots of little utilities are bundled together. That's where the `provides` command comes in: [source,bash] ---- $ sudo dnf provides pathchk Updating Subscription Management repositories. Last metadata expiration check: 1 day, 8:36:50 ago on Tue 24 Jan 2023 21:08:13. coreutils-8.32-31.el9.x86_64 : A set of basic GNU tools commonly used in shell scripts Repo : @System Matched from: Filename : /usr/bin/pathchk ---- == Workstation package management Flatpaks are containerized application packages that handle dependencies and work within unique namespaces. Because Flatpaks run in relative isolation, users without administrative privileges can install and use them without affecting the rest of the system. Flatpaks are available from the GNOME **Software** application, but there's also a suite of terminal commands you can use to search and install for user apps. [source,bash] ---- $ flatpak search libreoffice flatpak search libreoffice Name Description Application ID [...] LibreOffice productivity org.libreoffice.LibreOffice [...] [...] $ flatpak install org.libreoffice.LibreOffice ---- == Network configuration One of the sysadmin's most important domains is the network. Learning basic networking commands can help you understand how a device knows what network to connect to, how to find a shared printer or a file share—or the biggest network of all, the internet. Much of a server's network configuration is managed by Network Manager, and the terminal interface for that is `nmcli`. To connect to a network, you must first add a network connection to a network interface. If you're not sure what network interfaces are available on a machine, use the `ip` command: [source,bash] ---- $ ip link show 1: lo: mtu 65536 [...] link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: enp1s0: mtu 1500 [...] link/ether 54:54:00:5d:09:8e brd ff:ff:ff:ff:ff:ff ---- Add an ethernet connection to the network interface `enp1s0`: [source,bash] ---- $ sudo nmcli connection \ add type ethernet \ ifname enp1s0 ---- And then connect to the network: [source,bash] ---- $ sudo nmcli connection up ethernet-enp1s0 ---- == Service management If you're running a server, then you're probably running a lot of services. Starting and stopping and monitoring services is done, as it is on most Linux distributions, through the `systemctl` command. To start a service now and at boot: [source,bash] ---- $ sudo systemctl enable --now sshd ---- If you only need to start a service now, but you don't want it to start on its own at boot, then just use the `start` subcommand: [source,bash] ---- $ sudo systemctl start sshd ---- To get the status of a service: [source,bash] ---- $ sudo systemctl status sshd ---- To stop a running service: [source,bash] ---- $ sudo systemctl stop sshd ---- It's that simple. == Firewall The `firewall-cmd` command is one of the easiest interfaces to a firewall I've ever used. It's highly flexible, which is especially useful for testing and for travel (I don't carry my server around with me, but that's important for a Workstation). The simplest and most common incantation for me involves opening a port that has, as most of them do, defaulted to being closed. First, get a list of existing service definitions. This is a collection of service name, port, and protocol combinations you can use to make a quick configuration change. [source,bash] ---- $ sudo firewall-cmd --list-services ---- One of the available definitions is `ssh`, so you can use it to allow SSH traffic through its default port 22: [source,bash] ---- $ sudo firewall-cmd --add-service ssh ---- Should you need to add a custom service that doesn't already have a definition, you can do that manually with the `--add-port` option. Set the port number and protocol: [source,bash] ---- $ sudo firewall-cmd --add-port 12345/tcp ---- All rules you create through this command only last until a reboot. To make a rule permanent, add the `--permanent` option: [source,bash] ---- $ sudo firewall-cmd --add-port 12345/tcp --permanent ---- == Subscription management It can be hard to internalize `subscription-manager` commands, because you probably don't update the support subscriptions of the machines on your network on a daily or even monthly basis. Luckily, the primary command you'll use for new acquisitions is pretty simple: [source,bash] ---- $ sudo subscription-manager register \ --username tux \ --password mypassphrase123 \ --auto-attach ---- This registers the system with your Red Hat account, and attaches applicable subscriptions to it, based on the computer's classification (server, workstation, development, and so on). If you forget the `--auto-attach` option, you can attach subscriptions later using the `subscription-manager attach` command. == Cheat sheet The truth is, you don't necessarily need to commit all commands to memory in advance. Most sysadmins cheat, either with the literal https://www.redhat.com/sysadmin/linux-cheat-command[cheat] command (or https://www.redhat.com/sysadmin/tldr-linux[tldr]), or with cheat sheets. Personally, I print cheat sheets and plaster them to the wall or keep them in my notebook. It's how I learned https://www.redhat.com/sysadmin/beginners-guide-emacs[Emacs], https://opensource.com/resources/what-is-git[Git], https://opensource.com/downloads/cheat-sheet-awk-features[Awk], and much much more. If you're a fellow cheater, then you can download the commands in this article, along with several I haven't mentioned in it, as a PDF or plain text cheat sheet.