Portal | Level: L2: Operations | Topics: LPIC / LFCS Exam, Linux Fundamentals, Bash / Shell Scripting, systemd | Domain: Linux
LPIC / LFCS Exam Preparation — Primer¶
Why This Matters¶
The LPIC-1 (Linux Professional Institute) and LFCS (Linux Foundation Certified Sysadmin) are the Debian-family counterparts to RHCSA/RHCE. They are distro-neutral but lean heavily toward Debian/Ubuntu tooling. They validate core Linux administration skills that every ops engineer needs.
Certification Landscape¶
| Cert | Vendor | Focus | Distro Bias | Exam Format |
|---|---|---|---|---|
| RHCSA (EX200) | Red Hat | RHEL sysadmin | RHEL only | Hands-on |
| RHCE (EX294) | Red Hat | Ansible automation | RHEL only | Hands-on |
| LPIC-1 (101+102) | LPI | General Linux admin | Distro-neutral | Multiple choice + fill-in |
| LPIC-2 (201+202) | LPI | Advanced admin | Distro-neutral | Multiple choice + fill-in |
| LFCS | Linux Foundation | Sysadmin | Ubuntu or CentOS (choose) | Hands-on |
| LFCE | Linux Foundation | Engineer | Ubuntu or CentOS (choose) | Hands-on |
LFCS is the closest Debian-family equivalent to RHCSA — it's hands-on and lets you choose Ubuntu as your exam environment.
Timeline: LPI was founded in 1999, making LPIC-1 one of the oldest vendor-neutral Linux certifications. The Linux Foundation launched LFCS in 2014 as a hands-on alternative to LPIC's multiple-choice format, explicitly modeled on Red Hat's practical exam style.
LFCS Exam Domains¶
1. Essential Commands (25%)¶
# File operations
cp, mv, rm, mkdir, rmdir, touch, ln
find / -name "*.conf" -mtime -7
find / -type f -size +100M
locate filename # uses updatedb database
# Archiving
tar czf archive.tar.gz /path/
tar xzf archive.tar.gz
tar tjf archive.tar.bz2 # list contents
# File permissions
chmod 755 script.sh
chmod u+x,g-w,o-r file
chown user:group file
chown -R user:group dir/
# Special permissions
chmod u+s binary # setuid
chmod g+s directory # setgid
chmod +t /tmp # sticky bit
# ACLs
setfacl -m u:alice:rwx file
setfacl -m g:devs:rx directory
getfacl file
setfacl -x u:alice file # remove
setfacl -b file # remove all ACLs
# Text processing
grep -r "pattern" /path/
grep -E "regex|pattern" file
sed 's/old/new/g' file
sed -i 's/old/new/g' file # in-place
awk '{print $1, $3}' file
cut -d: -f1 /etc/passwd
sort file | uniq -c | sort -rn
wc -l file
diff file1 file2
tee file # read stdin, write to stdout AND file
# I/O Redirection
command > file # stdout to file (overwrite)
command >> file # stdout to file (append)
command 2> file # stderr to file
command &> file # stdout + stderr to file
command1 | command2 # pipe stdout to next command
command < file # stdin from file
Remember: Mnemonic for special permission bits: "Suid-Sgid-sTicky = SST = 4-2-1" — same pattern as rwx. setuid=4, setgid=2, sticky=1. So
chmod 4755means setuid + rwxr-xr-x.
2. Operation of Running Systems (20%)¶
# Process management
ps aux
ps -ef
top / htop
kill PID
kill -9 PID # SIGKILL (force)
kill -HUP PID # reload config
killall processname
pkill -f "pattern"
nice -n 10 command # start with lower priority
renice -n 5 PID # change priority
# systemd
systemctl start/stop/restart/reload service
systemctl enable/disable service
systemctl status service
systemctl list-units --type=service
systemctl list-unit-files --state=enabled
systemctl mask service # prevent starting
systemctl unmask service
systemctl get-default # current target
systemctl set-default multi-user.target
systemctl isolate rescue.target
# Journald
journalctl -u nginx
journalctl -u nginx --since "1 hour ago"
journalctl -p err # priority: emerg, alert, crit, err, warning
journalctl -b # current boot
journalctl -b -1 # previous boot
journalctl --disk-usage
# Boot process
# BIOS/UEFI → GRUB2 → kernel + initramfs → systemd → target
# GRUB2
cat /etc/default/grub
sudo update-grub # Debian/Ubuntu
sudo grub2-mkconfig -o /boot/grub2/grub.cfg # RHEL
# Scheduling
crontab -e # edit user crontab
crontab -l # list
sudo crontab -u alice -e # edit another user's
# Cron format: min hour dom month dow command
# */5 * * * * /path/to/script.sh
# 0 2 * * 0 /weekly-backup.sh
at now + 5 minutes <<< "/path/to/script.sh" # one-time job
3. User and Group Management (15%)¶
# Create/modify users
useradd -m -s /bin/bash -G sudo alice
useradd -r -s /sbin/nologin serviceuser # system account
usermod -aG docker alice # add to group
usermod -L alice # lock account
usermod -U alice # unlock account
userdel -r alice # remove + home dir
# Passwords
passwd alice
chage -l alice # password aging info
chage -M 90 alice # max password age 90 days
chage -E 2025-12-31 alice # account expiration
# Groups
groupadd developers
groupmod -n newname oldname
groupdel groupname
gpasswd -a alice developers # add user to group
gpasswd -d alice developers # remove user from group
# Files
/etc/passwd # user accounts
/etc/shadow # password hashes
/etc/group # group memberships
/etc/gshadow # group passwords
/etc/login.defs # login defaults
/etc/skel/ # skeleton for new home dirs
# PAM
/etc/pam.d/ # PAM configuration
/etc/security/limits.conf # resource limits
# sudo
visudo # edit sudoers safely
/etc/sudoers.d/ # drop-in sudo rules
alice ALL=(ALL) NOPASSWD: ALL
%developers ALL=(ALL) /usr/bin/systemctl restart nginx
4. Networking (15%)¶
# Interface configuration
ip addr show
ip link show
ip route show
ip -s link show eth0 # statistics
# DNS
dig example.com
nslookup example.com
host example.com
cat /etc/resolv.conf
cat /etc/hosts
systemd-resolve --status # or resolvectl
# Connectivity
ping host
traceroute host
mtr host # combined ping + traceroute
ss -tlnp # listening TCP sockets
ss -ulnp # listening UDP sockets
ss -s # socket statistics
curl -v http://example.com
wget http://example.com/file
# Network config (Ubuntu)
cat /etc/netplan/*.yaml
sudo netplan apply
# Network config (Debian)
cat /etc/network/interfaces
sudo ifup eth0
sudo ifdown eth0
# Hostname
hostnamectl set-hostname server01
hostname -f
# Firewall (Ubuntu)
sudo ufw status
sudo ufw allow 22/tcp
sudo ufw enable
# Firewall (raw iptables — exam may test this)
sudo iptables -L -n -v
sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT
sudo iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
sudo iptables -P INPUT DROP
sudo iptables-save > /etc/iptables/rules.v4
5. Storage Management (15%)¶
# Disk info
lsblk
fdisk -l
blkid
df -h
du -sh /path/
# Partitioning
sudo fdisk /dev/sdb # MBR
sudo gdisk /dev/sdb # GPT
sudo parted /dev/sdb
# Filesystems
sudo mkfs.ext4 /dev/sdb1
sudo mkfs.xfs /dev/sdb1
sudo tune2fs -l /dev/sdb1 # ext4 info
sudo xfs_info /dev/sdb1 # xfs info
# Mount
sudo mount /dev/sdb1 /mnt/data
sudo umount /mnt/data
cat /etc/fstab
# fstab entry
# /dev/sdb1 /mnt/data ext4 defaults 0 2
# UUID=xxx /mnt/data xfs defaults 0 0
# LVM
sudo pvcreate /dev/sdb
sudo vgcreate datavg /dev/sdb
sudo lvcreate -L 5G -n datalv datavg
sudo mkfs.ext4 /dev/datavg/datalv
sudo mount /dev/datavg/datalv /mnt/data
# Extend LVM
sudo lvextend -L +2G /dev/datavg/datalv
sudo resize2fs /dev/datavg/datalv # ext4
sudo xfs_growfs /mnt/data # xfs
# Swap
sudo mkswap /dev/sdb2
sudo swapon /dev/sdb2
sudo swapoff /dev/sdb2
free -h
cat /proc/swaps
# RAID (software)
sudo mdadm --create /dev/md0 --level=1 --raid-devices=2 /dev/sdb /dev/sdc
cat /proc/mdstat
sudo mdadm --detail /dev/md0
6. Service Configuration (10%)¶
# SSH
/etc/ssh/sshd_config
PermitRootLogin no
PasswordAuthentication no
PubkeyAuthentication yes
sudo systemctl restart sshd
# DNS client
/etc/resolv.conf
/etc/hosts
/etc/nsswitch.conf
# NTP / time
timedatectl
timedatectl set-timezone America/New_York
sudo timedatectl set-ntp true # enable chrony/systemd-timesyncd
chronyc sources -v
# HTTP (Apache on Debian)
sudo apt install apache2
sudo a2ensite mysite.conf
sudo a2enmod rewrite ssl
sudo a2dissite 000-default.conf
sudo systemctl reload apache2
# Config: /etc/apache2/sites-available/
# HTTP (Nginx on Debian)
sudo apt install nginx
sudo ln -s /etc/nginx/sites-available/mysite /etc/nginx/sites-enabled/
sudo nginx -t # test config
sudo systemctl reload nginx
# Logging
/var/log/syslog # Debian
/var/log/messages # RHEL
/var/log/auth.log # Debian auth
/var/log/secure # RHEL auth
/var/log/kern.log # kernel
/var/log/dmesg # boot messages
# rsyslog
/etc/rsyslog.conf
/etc/rsyslog.d/*.conf
# local6.* /var/log/myapp.log
# logrotate
/etc/logrotate.conf
/etc/logrotate.d/
LPIC-1 Additional Topics¶
LPIC-1 covers some topics LFCS doesn't emphasize:
Hardware and Boot¶
# Hardware info
lspci
lsusb
lscpu
lsblk
dmidecode
cat /proc/cpuinfo
cat /proc/meminfo
# Kernel modules
lsmod
modprobe module_name
modprobe -r module_name # remove
modinfo module_name
/etc/modules-load.d/ # auto-load at boot
# Boot loader
update-grub # Debian/Ubuntu
grub2-mkconfig # RHEL
/etc/default/grub # GRUB defaults
Shell Scripting (Tested on Both LPIC-1 and LFCS)¶
#!/bin/bash
set -euo pipefail
# Variables
NAME="world"
echo "Hello, $NAME"
# Conditionals
if [[ -f /etc/passwd ]]; then
echo "File exists"
elif [[ -d /tmp ]]; then
echo "Directory exists"
fi
# Loops
for host in web1 web2 web3; do
ping -c 1 "$host" && echo "$host is up"
done
while read -r line; do
echo "Line: $line"
done < /etc/hosts
# Functions
backup() {
local src="$1"
tar czf "${src##*/}-$(date +%Y%m%d).tar.gz" "$src"
}
# Exit codes
command_that_might_fail || {
echo "Failed!" >&2
exit 1
}
X Window / Desktop (LPIC-1 Only)¶
# Display manager
systemctl status gdm # GNOME
systemctl status lightdm # Ubuntu/Xfce
systemctl status sddm # KDE
# X forwarding
ssh -X user@remote
export DISPLAY=:0
# Wayland check
echo $XDG_SESSION_TYPE # x11 or wayland
Exam Tips¶
LFCS (Hands-On)¶
- Choose Ubuntu if you're more comfortable with Debian-family
- Know vim basics — you will need to edit files
- Practice with systemd — it's on every modern distro
- Know both iptables AND ufw — exam may test either
- Time management: 2 hours, ~25 tasks. Don't get stuck
- man pages are available — use them
- Verify your work after each task
LPIC-1 (Multiple Choice + Fill-In)¶
- Memorize exact command flags — fill-in-the-blank requires precision
- Know both Debian AND RHEL tools — the exam is distro-neutral
- Study the weight of each topic — focus on high-weight areas
- Use practice exams — the question format matters
- Two exams required: 101-500 AND 102-500
Interview tip: Both LFCS and LPIC-1 are respected but serve different purposes on a resume. LFCS proves you can do the work (hands-on). LPIC-1 proves you know the theory (multiple choice). If you can only take one, LFCS is more credible for operations roles because the exam format matches the job.
Wiki Navigation¶
Prerequisites¶
- Linux Ops (Topic Pack, L0)
- Debian & Ubuntu Ecosystem (Topic Pack, L1)
Related Content¶
- Linux Ops (Topic Pack, L0) — Bash / Shell Scripting, Linux Fundamentals, systemd
- RHCE (EX294) Exam Preparation (Topic Pack, L2) — Bash / Shell Scripting, Linux Fundamentals, systemd
- Advanced Bash for Ops (Topic Pack, L1) — Bash / Shell Scripting, Linux Fundamentals
- Bash Exercises (Quest Ladder) (CLI) (Exercise Set, L0) — Bash / Shell Scripting, Linux Fundamentals
- Cron & Job Scheduling (Topic Pack, L1) — Bash / Shell Scripting, systemd
- Deep Dive: Linux Boot Sequence (deep_dive, L2) — Linux Fundamentals, systemd
- Deep Dive: Systemd Architecture (deep_dive, L2) — Linux Fundamentals, systemd
- Deep Dive: Systemd Timers Journald Cgroups and Resource Control (deep_dive, L2) — Linux Fundamentals, systemd
- Environment Variables (Topic Pack, L1) — Bash / Shell Scripting, Linux Fundamentals
- Linux Boot Process (Topic Pack, L1) — Linux Fundamentals, systemd