LPIC / LFCS — Street Ops¶
Exam-ready patterns organized by domain.
Essential Commands Speed Run¶
# Find files modified in the last 24 hours
find / -type f -mtime -1 2>/dev/null
# Find files larger than 100MB
find / -type f -size +100M 2>/dev/null
# Find files owned by a specific user
find / -user alice -type f 2>/dev/null
# Find files with SUID set
find / -perm -4000 -type f 2>/dev/null
# Find and delete (careful!)
find /tmp -type f -name "*.tmp" -mtime +7 -delete
# Complex find with exec
find /var/log -name "*.log" -exec gzip {} \;
# Archive patterns
tar czf backup.tar.gz /etc/ /home/ # create gzipped
tar cjf backup.tar.bz2 /etc/ # create bzip2
tar xzf backup.tar.gz -C /restore/ # extract to dir
tar tzf backup.tar.gz # list contents
# Soft vs hard links
ln -s /path/to/target symlink # soft link
ln /path/to/target hardlink # hard link
# Hard links: same inode, survive target rename/move
# Soft links: point to path, break if target removed
Remember: Hard links cannot cross filesystem boundaries and cannot link to directories. Soft links can do both. Mnemonic: Hard links are married to the inode, soft links are just following a name tag.
Default trap:
find / -perm -4000finds SUID binaries, which is a common exam and security audit task. The-before4000means "at least these bits set." Without the-, it means "exactly these bits" — which would miss files that also have other permission bits set.
User Management Patterns¶
# Create user with full options
sudo useradd -m -s /bin/bash -c "Alice Smith" -G sudo,docker alice
echo "alice:TempP@ss123" | sudo chpasswd
sudo chage -d 0 alice # force password change on login
# Create system account (no login, no home)
sudo useradd -r -s /sbin/nologin -c "App Service" appuser
# Lock/unlock
sudo usermod -L alice # lock (prepends ! to password hash)
sudo usermod -U alice # unlock
# Set password expiry
sudo chage -M 90 -W 7 -I 14 alice
# -M: max days between changes (90)
# -W: warning days before expiry (7)
# -I: inactive days after expiry before lock (14)
# Skeleton directory (template for new users)
ls /etc/skel/
# Add files here → copied to every new user's home
Storage Workflow¶
Standard Partition → Filesystem → Mount¶
# 1. Create partition
sudo fdisk /dev/sdb
# n → new, p → primary, accept defaults, w → write
# 2. Create filesystem
sudo mkfs.ext4 /dev/sdb1
# 3. Create mount point
sudo mkdir -p /mnt/data
# 4. Mount
sudo mount /dev/sdb1 /mnt/data
# 5. Persist in fstab (use UUID!)
UUID=$(blkid -s UUID -o value /dev/sdb1)
echo "UUID=$UUID /mnt/data ext4 defaults 0 2" | sudo tee -a /etc/fstab
# 6. Verify fstab
sudo mount -a # test all fstab entries
Gotcha: If you use
/dev/sdb1in fstab instead ofUUID=..., disk names can shuffle after adding or removing drives. UUID persists across reboots regardless of disk order. Always use UUIDs in fstab.
LVM Workflow¶
# 1. Physical volume
sudo pvcreate /dev/sdb /dev/sdc
sudo pvs # verify
# 2. Volume group
sudo vgcreate datavg /dev/sdb /dev/sdc
sudo vgs # verify
# 3. Logical volume
sudo lvcreate -L 10G -n datalv datavg
sudo lvs # verify
# 4. Filesystem + mount
sudo mkfs.xfs /dev/datavg/datalv
sudo mkdir /mnt/data
sudo mount /dev/datavg/datalv /mnt/data
# 5. Extend later
sudo lvextend -L +5G /dev/datavg/datalv
sudo xfs_growfs /mnt/data # xfs
# or: sudo resize2fs /dev/datavg/datalv # ext4
Networking Patterns¶
Static IP (Ubuntu/Netplan)¶
# /etc/netplan/01-config.yaml
network:
version: 2
ethernets:
ens160:
addresses: [192.168.1.100/24]
routes:
- to: default
via: 192.168.1.1
nameservers:
addresses: [8.8.8.8]
iptables Rules (Exam Tested)¶
# Allow SSH
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
# Allow HTTP/HTTPS
sudo iptables -A INPUT -p tcp --dport 80 -j ACCEPT
sudo iptables -A INPUT -p tcp --dport 443 -j ACCEPT
# Allow established connections
sudo iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
# Allow loopback
sudo iptables -A INPUT -i lo -j ACCEPT
# Default deny
sudo iptables -P INPUT DROP
# Save (Debian/Ubuntu)
sudo apt install iptables-persistent
sudo netfilter-persistent save
# List rules
sudo iptables -L -n -v --line-numbers
# Delete a rule by number
sudo iptables -D INPUT 3
Service Configuration Patterns¶
Apache Virtual Host (Debian)¶
# Create vhost
sudo tee /etc/apache2/sites-available/mysite.conf <<EOF
<VirtualHost *:80>
ServerName mysite.example.com
DocumentRoot /var/www/mysite
ErrorLog \${APACHE_LOG_DIR}/mysite-error.log
CustomLog \${APACHE_LOG_DIR}/mysite-access.log combined
</VirtualHost>
EOF
# Enable and reload
sudo a2ensite mysite.conf
sudo systemctl reload apache2
Nginx Server Block (Debian)¶
sudo tee /etc/nginx/sites-available/mysite <<EOF
server {
listen 80;
server_name mysite.example.com;
root /var/www/mysite;
index index.html;
}
EOF
sudo ln -s /etc/nginx/sites-available/mysite /etc/nginx/sites-enabled/
sudo nginx -t && sudo systemctl reload nginx
LFCS Time Management¶
| Domain | Weight | Estimated Time |
|---|---|---|
| Essential Commands | 25% | 30 min |
| Running Systems | 20% | 25 min |
| User/Group Management | 15% | 15 min |
| Networking | 15% | 20 min |
| Storage | 15% | 20 min |
| Service Configuration | 10% | 10 min |
Total: 2 hours. Save 10 minutes to review.
Remember: On the LFCS exam, the environment is a live system — not multiple choice. Read every question twice before typing. A
rm -rfon the wrong path has no undo. Mnemonic for iptables rule order: LAED — Loopback first, Allow established, Explicit allows, Default deny last.