100%
GRIMOIRE
GrimoireDindon CorpusSynthesis VolumesThe Foundation of Iron
FRENAR
RATIO
THE FOUNDATION OF IRON · COURSE MATERIAL · WEEK 9
◆◆◆
LINUX ADMINISTRATION
LEVEL 1
Week 9 of 26 · Block 5 — Bare Metal OS
8h theory · 27h practice
◆ WEEKLY LEARNING OBJECTIVES

1. Install, update and remove packages using the distribution's package manager
2. Understand and manage system services with systemd
3. Create and administer users and groups
4. View and interpret system logs
5. Administer a basic Linux server under near-production conditions

◆◆◆
⚠ WARNING — SHELF LIFE OF VERSIONS REFERENCED HERE

The exact names of package managers, their command-line options, and systemd's precise behaviour can change between distribution versions. The instructor must verify the current syntax on the distribution actually in use at the time of teaching rather than relying solely on the fixed examples in this material.

Amine RAITI · Infrastructure Architect & SRE
Public document · CC BY-NC-SA 4.0 · AI Powered by Amine
Opération Dindon
RATIO
COURSE OUTLINE · 8H
THEORY GUIDING THREAD
9.1 · Package management2h
— A package manager's role: installation, updates, removal, dependency management
— Concept of a repository and a package source
— Difference between a low-level and a high-level package manager (automatic dependency resolution)
9.2 · systemd and service management3h
— systemd's role as a modern init system
— Concept of a service unit: starting, stopping, enabling at boot, checking status
— Creating a simple custom service (unit file)
9.3 · Users and groups2h
— Linux's user/group security model (direct link with the permissions covered in Week 8)
— Creating, modifying, deleting users and groups
— Concept of elevated privileges and controlled escalation
9.4 · System logs1h
— The role of logs in diagnostics: where to look depending on the type of problem
— Method for reading and filtering logs
EXAMPLE TO DEVELOP ON THE BOARD

A service that fails to start properly usually leaves a trace in the system logs explaining the cause of the failure (port already in use, missing configuration file, insufficient permission) — show how to find and read this trace step by step.

RATIO
EXERCISE 1 · PACKAGE AND SERVICE MANAGEMENT · 13H

Equipment: the system installed in Week 8, terminal and internet access (or a provided local repository).

(2h) Full system update using the package manager, installing 3-4 common utility packages (network tools, text editor, basic monitoring tools).
(2h) Searching for packages, checking detailed package information before installation, cleanly removing a test package with proper handling of orphaned dependencies.
(3h) Installing a simple service (a minimal web server or equivalent), starting, stopping, enabling automatic start at boot with systemd, checking its status.
(3h) Creating a custom systemd unit file for a provided simple script, enabling and testing the created service.
(3h) Induced failure exercise: the instructor deliberately introduces a fault into a service's configuration (port already in use, incorrect file path), the trainee must diagnose and fix it using systemd tools and logs.
SOLUTION — EXERCISE 1

Expected structure of the custom unit file: a [Unit] section describing the service, a [Service] section specifying the command to run and the service type, an [Install] section specifying the desired automatic startup level.

Expected diagnosis method for the induced failure exercise: check the service's status to see the error code, then check the service's detailed logs to identify the precise error message, which should point directly to the cause of the introduced fault.

RATIO
EXERCISE 2 · USERS, GROUPS AND LOGS · 14H

Equipment: the system configured in Exercise 1, a provided company scenario (a list of 5 fictitious employees with different roles to create).

(3h) Creating 5 user accounts according to the provided scenario, with initial passwords and correctly configured home directories.
(2h) Creating groups matching the scenario's roles (e.g. "accounting", "technical", "management"), assigning users to the appropriate groups.
(3h) Setting up shared folder permissions: creating a folder accessible only to a given group, verifying that users outside the group cannot access it — direct link with the permissions covered in Week 8.
(2h) Configuring controlled elevated privileges for a specific user (access to certain administrative commands without full administrator access).
(2h) Exploring and filtering system logs related to user logins (successful and failed login attempts).
(2h) Write-up: drafting a simple diagram documenting the user/group/permission organisation put in place.
SOLUTION — EXERCISE 2

Expected check for the shared folder: the group's members should have read/write access, other users none — practical test by logging in with an account outside the group to confirm access is denied.

Expected diagram for the write-up: a simple table or diagram cross-referencing users, group membership, and effective permissions on each folder created during the exercise.

◆ SUMMARY SHEET — WEEK 9 SELF-ASSESSMENT
1. I can cleanly install, update and remove a package.
2. I can start, stop and enable a service at boot with systemd.
3. I can create a simple systemd unit file.
4. I can create and administer users and groups.
5. I can set up shared group-based access permissions.
6. I can configure controlled privilege escalation.
7. I can view and filter system logs.
8. I can diagnose a service failure from the logs.