Week 2 – Linux System Administration & Automation

Welcome to Week 2 of the 90DaysOfDevOps – 2025 Edition! Whether you’re new to Linux or already familiar, this blog will guide you through Linux system administration and automation in the simplest way possible. 🖥️⚡

📌 What This Week Covered

This week’s tasks were designed to simulate real-world Linux system administration:

  1. User & group management

  2. File & directory permissions

  3. Log file analysis with grep, awk, and sed

  4. Volume management & disk usage

  5. Process monitoring & control

  6. Backup automation using shell scripting & cron


✅ Hands-On Implementation

1️⃣ User & Group Management

Think of your Linux system like a building with different rooms and access levels.

  • Users (/etc/passwd): Imagine each "user" is a person in this building.

    • Creating a user (sudo useradd devops_user): (Look at the first panel of the image, where a single character appears.) This is like a new person being invited into the building. The sudo useradd devops_user command creates a new account for 'devops_user' on the system.
  • Groups (/etc/group): Now, think of "groups" as teams or departments within the building.

    • Creating a group (sudo groupadd devops_team): (Look at the second panel, where a group of characters forms.) This is like forming a new team, 'devops_team', in our building.
  • Adding Users to Groups:

    • Adding a user to a group (sudo usermod -aG devops_team devops_user): (See the third panel, where the single character joins the group.) Our 'devops_user' now joins the 'devops_team'. The usermod command modifies the user, and -aG means "append to Group," so they become a member of 'devops_team'. This helps manage permissions easily – instead of giving access to each person, you give it to the team!
  • Setting Passwords:

    • Setting a password (sudo passwd devops_user): (Check out the fourth panel, where a key or lock appears next to the user.) Just like each person needs a key or code to enter certain rooms, the passwd command sets a password for 'devops_user', securing their account.
  • Giving Sudo Access:

    • Giving sudo access (sudo usermod -aG sudo devops_user): (Look at the fifth panel, where the user character gets a shield or 'power-up'.) This is like giving 'devops_user' a special "master key" or "admin pass" that lets them temporarily do anything in the building (run commands as root) when they need to, by using the sudo command before their action. They still use their own password to activate this power.

Restrict SSH login for certain users:

Imagine you have a specific entrance (SSH login) to your building, and you want to prevent certain people from using it.

  • sudo nano /etc/ssh/sshd_config: This command opens the configuration file for the SSH server, which is like the rules manual for that specific entrance.

  • Add: DenyUsers test_user: By adding this line, you're telling the system, "Do not let 'test_user' log in via SSH."

  • sudo systemctl restart sshd: After changing the rules, you need to restart the security system for the entrance (SSH daemon) so the new rules take effect.

Steps I performed:

# Create user and group
sudo useradd devops_user
sudo groupadd devops_team

# Add user to group
sudo usermod -aG devops_team devops_user

# Set password
sudo passwd devops_user

# Give sudo access
sudo usermod -aG sudo devops_user

Restrict SSH login for certain users:

sudo nano /etc/ssh/sshd_config
# Add:
DenyUsers test_user
sudo systemctl restart sshd

2️⃣ File & Directory Permissions

Created a secure workspace directory:

mkdir /devops_workspace
touch /devops_workspace/project_notes.txt

Set permissions:

chmod 640 /devops_workspace/project_notes.txt
ls -l /devops_workspace/project_notes.txt
  • Owner: Read & write

  • Group: Read only

  • Others: No access


3️⃣ Log File Analysis (grep, awk, sed)

Logs are crucial for troubleshooting and monitoring.

Downloaded the log file:

wget https://raw.githubusercontent.com/logpai/loghub/master/Linux/Linux_2k.log

Extracted insights:

# Find errors
grep "error" Linux_2k.log

# Extract timestamps & log levels
awk '{print $1, $2, $3}' Linux_2k.log | head

# Replace IP addresses for security
sed -E 's/[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+/[REDACTED]/g' Linux_2k.log > sanitized.log

# Find most frequent log entries
awk '{print $5}' Linux_2k.log | sort | uniq -c | sort -nr | head -10

Imagine your log file is a giant, ancient scroll filled with messages. To understand it, you call in a team of specialists:

  • The Detective (grep): With his trusty magnifying glass, he scans the entire scroll to find specific clues you ask for. In this case, he's hunting for every mention of the word "error" to quickly find problems.

  • The Librarian (awk): She is a master organizer. She doesn't read the whole message, but neatly cuts out specific columns of information you need, like the timestamp and log level, and arranges them for you.

  • The Security Guard (sed): His job is to protect sensitive information. He goes through the scroll and uses his "[REDACTED]" stamp to block out private data like IP addresses, making the log safe to share.

  • The Analyst (awk, sort, uniq): This expert looks for patterns. He takes a specific part of each log entry, counts how many times each one appears, and creates a Top-10 chart to show you the most frequent messages, helping you spot what's happening most often on your system.


4️⃣ Volume Management & Disk Usage

Steps:

mkdir /mnt/devops_data

# Simulate mounting a volume (using loop device)
sudo mount /dev/loop0 /mnt/devops_data

# Verify
df -h | grep devops_data
mount | grep devops_data

5️⃣ Process Management & Monitoring

Start a background process:

ping google.com > ping_test.log &

Monitor processes:

ps aux | grep ping
top
htop

Kill process:

kill <PID>

6️⃣ Backup Automation with Shell Script

Created a backup script:

#!/bin/bash
mkdir -p /backups
tar -czf /backups/backup_$(date +%F).tar.gz /devops_workspace
echo -e "\e[32mBackup completed successfully!\e[0m"

Make executable & schedule:

chmod +x backup.sh
crontab -e
# Run daily at midnight:
0 0 * * * /path/to/backup.sh

📝 Summary of Week 2

✅ Managed Linux users, groups & SSH access
✅ Set secure file & directory permissions
✅ Analyzed logs using grep, awk, sed
✅ Practiced volume mounting & disk checks
✅ Monitored and killed background processes
✅ Automated backups with shell scripts & cron jobs


📢 Final Thoughts

Linux administration builds the foundation for DevOps.
Strong command-line skills in user management, logs, processes, and automation make server management much easier.

💡 Tip: Learn it once, and you’ll use it for your entire DevOps career.


📤 Connect With Me

Blog Series: https://hashnode.com/@VaishnaviTandekar
GitHub Repo: 90DaysOfDevOps
#90DaysOfDevOps #Linux #SysAdmin #DevOpsBeginner


0
Subscribe to my newsletter

Read articles from Vaishnavi Tandekar directly inside your inbox. Subscribe to the newsletter, and don't miss out.

Written by

Vaishnavi Tandekar
Vaishnavi Tandekar

Hey there! I’m Vaishnavi 👋 Learning DevOps step by step 🛠️ Writing what I learn so no one learns alone ✨