Linux

Linux is a treasure trove of powerful tools, many of which remain undiscovered by casual users. While staples like grep, awk, sed, and top dominate tutorials and guides, there's a second layer of utilities—lesser-known yet immensely powerful—that can dramatically improve your daily efficiency and control over your system.

In this article, we dive into 10 underrated Linux tools that can help you streamline your workflow, improve productivity, and unlock new levels of system mastery. Whether you’re a developer, sysadmin, or Linux hobbyist, these tools deserve a place in your arsenal.

1. fd: Find Files Fast with Simplicity

The traditional find command is incredibly powerful but notoriously verbose and complex. Enter fd, a modern, user-friendly alternative.

• Cleaner syntax (fd pattern instead of find . -name pattern)

• Recursive by default

• Colorized output

• Ignores .gitignore files for cleaner results

fd ".conf"

Finds all files containing .conf in the name, starting from the current directory.

Quickly locate configuration files, scripts, or assets without navigating nested directories or crafting complex expressions.

2. bat: cat on Steroids

bat is a drop-in replacement for cat with superpowers. It adds syntax highlighting, Git integration, and line numbers to your file viewing experience.

• Syntax highlighting for dozens of languages

• Git blame annotations

• Works as a pager with automatic line wrapping

bat /etc/ssh/sshd_config

You’ll get a beautifully highlighted and numbered output, much easier to parse than with cat.

Perfect for reading scripts, configs, and logs with visual clarity—especially helpful during debugging or code reviews.

3. ripgrep: Blazing-Fast Text Search

Also known as rg, ripgrep is a command-line search tool that recursively searches your current directory for a regex pattern, similar to grep—but much faster and more intuitive.

Introduction: The Rise of the Maker Revolution

Over the last decade, the open-source movement has not only transformed the world of software, but also catalyzed a sweeping revolution in hardware tinkering. At the heart of this shift lies a convergence of accessible microcomputers like the Raspberry Pi and microcontrollers like Arduino—each supercharged by the robust ecosystem of Linux. This combination offers hobbyists, engineers, and creators a versatile, low-cost, and endlessly customizable toolkit for automating their homes, collecting environmental data, and even experimenting with artificial intelligence at the edge.

This article serves as your dive into the world of Linux-based DIY automation. Whether you're looking to build a smart garden, a weather station, or simply learn how to use Bash scripts to control physical components, you're in for a journey that fuses digital logic with real-world interaction.

Understanding the Core Platforms

The Raspberry Pi is a credit card-sized computer capable of running full-fledged Linux distributions such as Raspberry Pi OS, Ubuntu, or even lightweight server OSes like DietPi. It features a Broadcom SoC, USB ports, HDMI output, Ethernet, Wi-Fi, and a 40-pin GPIO header for interfacing with sensors, relays, and other peripherals.

Key Features:

• Runs full Linux OSes.

• Offers Python, C/C++, and shell scripting environments.

• Suitable for tasks requiring networking, databases, file systems, and multimedia.

Use Cases:

• Home automation hub.

• Data logging and processing.

• Media streaming and game emulation.

Arduino, by contrast, is not a full computer but a microcontroller. Devices like the Arduino Uno or Nano excel at reading analog sensors, controlling motors, and maintaining precise timing. They are programmed using the Arduino IDE, which runs on Linux, Windows, and macOS.

Key Features:

• Real-time control of electronic components.

• Lightweight and low-power.

• Supports C/C++ with a vast array of libraries.

Use Cases:

• Reading temperature, humidity, motion sensors.

• Driving LEDs, motors, and servos.

• Reliable execution of small, repeatable tasks.

Setting Up a DIY Linux Development Environment

1. Download Raspberry Pi Imager from raspberrypi.com.

In an era where cyber threats are evolving rapidly, securing Linux systems goes far beyond basic user permissions. Traditional security mechanisms like Discretionary Access Control (DAC) offer limited safeguards against privilege escalation, compromised applications, and insider threats. To address these limitations, Security-Enhanced Linux (SELinux) offers a powerful, fine-grained framework for Mandatory Access Control (MAC) — and it's not just for Red Hat-based distributions anymore.

In this article, we'll explore how to integrate SELinux into Debian, one of the most widely used and respected GNU/Linux distributions. We'll break down its architecture, setup procedures, policy management, and troubleshooting techniques. Whether you're running a mission-critical server or seeking to harden your desktop environment, this guide will show you how SELinux can elevate your system security to enterprise-grade standards.

Understanding the Foundations of SELinux

SELinux is a kernel security module initially developed by the United States National Security Agency (NSA) in collaboration with the open-source community. It introduces the concept of mandatory access controls by enforcing policy-based rules that strictly define how processes and users can interact with files, directories, sockets, and devices.

Unlike DAC, where file owners control access, MAC policies are imposed by the system administrator and enforced by the kernel, regardless of user ownership or permissions.

• Subjects: Active entities (usually processes).

• Objects: Passive entities (like files, directories, devices).

• Contexts: Security labels assigned to subjects and objects.

• Types/Domains: Used to define access rules and behavior.

• Policies: Written rulesets that determine access control logic.

• Enforcing: SELinux policies are applied and violations are blocked.

• Permissive: Policies are not enforced, but violations are logged.

• Disabled: SELinux is turned off entirely.

SELinux on Debian: A Reality Check

Debian has traditionally favored AppArmor for its simplicity and ease of integration. However, SELinux support is fully present in Debian’s repositories. As of Debian 12 (Bookworm) and later, integrating SELinux is more streamlined and better documented than ever.

Introduction

In today's fast-paced IT environments, performance, reliability, and scalability are critical factors that determine the effectiveness of a network. Advanced Linux networking techniques such as VLAN trunking, interface bonding, and Quality of Service (QoS) are key tools in the hands of system administrators and network engineers who aim to build robust and efficient systems. Whether you're managing a data center, configuring high-availability clusters, or optimizing bandwidth for critical services, these technologies provide the foundation for high-performance networking on Linux.

This article explores each of these advanced networking capabilities, explaining their benefits, configurations, and practical use cases. By the end, you will have a comprehensive understanding of how to implement VLANs, bonding, and QoS effectively on your Linux systems.

Understanding VLAN Trunking in Linux

Virtual LANs (VLANs) allow the segmentation of a physical network into multiple logical networks. VLAN trunking is the process of transporting multiple VLANs over a single network link—typically between switches or between a switch and a server. This allows a single network interface card (NIC) to handle traffic for multiple VLANs, optimizing resource usage and simplifying cabling.

Trunking is crucial in virtualized environments where multiple virtual machines (VMs) or containers need to reside in separate VLANs for security or organizational reasons.

• Isolation: Separates traffic for security and compliance.

• Efficiency: Reduces the number of physical interfaces needed.

• Scalability: Makes it easy to add or modify VLANs without physical changes.

Linux supports VLANs natively via the kernel module 8021q. The modern toolset uses the ip command from the iproute2 package for configuration. Older systems may use the vconfig utility, though it's now deprecated.

Ensure the module is loaded:

sudo modprobe 8021q

Use the ip command:

sudo ip link add link eth0 name eth0.10 type vlan id 10 sudo ip addr add 192.168.10.1/24 dev eth0.10 sudo ip link set dev eth0.10 up

On Ubuntu (netplan):

Bash scripting is often seen as a convenient tool for automating repetitive tasks, managing simple file operations, or orchestrating basic system utilities. But beneath its surface lies a trove of powerful features that allow for complex logic, high-performance workflows, and robust script behavior. In this article, we’ll explore the lesser-known but incredibly powerful techniques that take your Bash scripting from basic automation to professional-grade tooling.

Mastering Arrays for Structured Data

Bash supports both indexed arrays (traditional, numeric indexes) and associative arrays (key-value pairs), which are ideal for structured data manipulation.

# Indexed array fruits=("apple" "banana" "cherry") # Associative array declare -A user_info user_info[name]="Alice" user_info[role]="admin"

# Indexed for fruit in "${fruits[@]}"; do echo "Fruit: $fruit" done # Associative for key in "${!user_info[@]}"; do echo "$key: ${user_info[$key]}" done

Use Case: Managing dynamic options or storing configuration mappings, such as service port numbers or user roles.

Indirect Expansion and Parameter Indirection

Ever needed to reference a variable whose name is stored in another variable? Bash allows this with indirect expansion using the ${!var} syntax.

user1="Alice" user2="Bob" var="user1" echo "User: ${!var}" # Outputs: Alice

Use Case: When parsing dynamically named variables from a configuration or runtime-generated context.

Process Substitution: Piping Like a Pro

Process substitution enables a command’s output to be treated as a file input for another command.

diff <(ls /etc) <(ls /var)

Instead of creating temporary files, this technique allows on-the-fly data streaming into commands that expect filenames.

Use Case: Comparing outputs of two commands, feeding multiple inputs to grep, diff, or custom processors.

Using Traps for Cleanup and Signal Handling

Traps let you capture signals (like script termination or interruption) and execute custom handlers.

temp_file=$(mktemp) trap "rm -f $temp_file" EXIT # Do something with $temp_file

Common signals:

• EXIT: Always triggered when the script ends

• ERR: Triggered on any command failure (with set -e)

• INT: Triggered by Ctrl+C

Use Case: Cleaning up temporary files, resetting terminal states, or notifying external systems on exit.

In an age where data breaches and cyber threats are growing both in frequency and sophistication, securing your Linux system is more important than ever. Ubuntu, one of the most popular Linux distributions, comes with a powerful security tool that many users overlook — AppArmor. Designed to provide a robust layer of defense, AppArmor enhances Ubuntu's built-in security model by confining programs with access control profiles.

This article will walk you through the ins and outs of AppArmor, explain why it's a crucial part of a hardened Ubuntu system, and teach you how to leverage it to protect your environment.

Understanding AppArmor: What It Is and Why It Matters

AppArmor (Application Armor) is a Mandatory Access Control (MAC) system that supplements the traditional Discretionary Access Control (DAC) provided by Linux file permissions. While DAC relies on user and group ownership for access control, MAC goes a step further by enforcing rules that even privileged users must obey.

AppArmor operates by loading security profiles for individual applications, specifying exactly what files, capabilities, and system resources they are allowed to access. This approach prevents compromised or misbehaving applications from harming the rest of the system.

While SELinux (Security-Enhanced Linux) is another MAC system popular on Red Hat-based distributions, AppArmor is often preferred in Ubuntu environments for its ease of use, human-readable syntax, and simple profile management. Where SELinux can be daunting and complex, AppArmor offers a more user-friendly approach to strong security.

Core Concepts of AppArmor

Before diving into how to use AppArmor, it's important to understand its core concepts:

A profile is a set of rules that define what an application can and cannot do. These are usually stored in the /etc/apparmor.d/ directory and loaded into the kernel at runtime.

• Enforce: The profile is actively enforced, and actions outside the defined rules are blocked.

• Complain: The profile logs rule violations but doesn’t enforce them, which is useful for debugging.

Profiles specify permissions for:

• File access (read, write, execute)

• Capabilities (e.g., net_admin, sys_admin)

• Network operations

• Signals and inter-process communications

Ubuntu has long relied on APT and DEB packages for software management, with Snap becoming increasingly prevalent in recent releases. However, a third contender has risen to prominence in the Linux world: Flatpak. Designed as a universal software packaging and distribution framework, Flatpak offers a fresh, sandboxed approach to application management that works seamlessly across distributions. In this article, we’ll dive into how to manage software with Flatpak on Ubuntu, providing everything you need to get started, optimize your workflow, and compare it with existing solutions.

What is Flatpak?

Flatpak is a modern application packaging system developed by the Free Desktop Project. Its goal is to enable the distribution of desktop applications in a sandboxed environment, ensuring greater security, consistency, and compatibility across Linux distributions.

• Cross-distribution compatibility: A single Flatpak package works on any Linux distribution with Flatpak support.

• Sandboxing: Applications run in isolation, reducing the risk of affecting or being affected by other software or the host system.

• Bundle dependencies: Flatpak packages include all necessary dependencies, reducing compatibility issues.

• Version control: Developers can ship and maintain multiple versions easily.

• Storage overhead: Applications may use more disk space due to bundled runtimes.

• Redundancy: Ubuntu users already have Snap, which can lead to confusion or duplication.

Installing Flatpak on Ubuntu

Although Flatpak isn't pre-installed on Ubuntu, setting it up is straightforward.

Open a terminal and run:

sudo apt update sudo apt install flatpak

To integrate Flatpak apps into the Ubuntu Software GUI:

sudo apt install gnome-software-plugin-flatpak

This step allows Flatpak apps to appear alongside APT and Snap apps in GNOME Software.

Restart your session to apply system changes and enable Flatpak integration fully.

Adding the Flathub Repository

Most Flatpak applications are hosted on Flathub, the central repository for Flatpak packages.

To add Flathub:

The Linux boot process is a sequence of events that initializes a Linux system from a powered-off state to a fully operational state. The knowledge of Linux boot process is essential when it comes to technical interviews, but sometimes it becomes difficult to remember or recall the key steps in the process. This article discusses a quick and easy way to remember it - Best Geeks Know It! Yes, you only need to remember that.

Best Geeks Know It -> B – G – K – I -> BIOS – GRUB – KERNEL – INIT

This BGKI acronym provides a high-level overview of the Linux boot process. Each step builds upon the previous one, gradually bringing the system to a fully operational state. Of course, there are more detailed processes within each step, but this simplified version should give you a good foundation for understanding and remembering the Linux boot sequence.

Here's a concise expansion of B-G-K-I:

B - BIOS/UEFI

• Performs Power-On Self-Test (POST)
• Checks hardware: CPU, RAM, storage
• Loads MBR (Master Boot Record) or GPT (GUID Partition Table)
• Transfers control to bootloader

G - GRUB

• Located in first 512 bytes of boot drive
• Reads /boot/grub/grub.conf
• Shows menu with kernel options
• Loads selected kernel + initramfs (temporary root filesystem) into RAM
• Passes boot parameters to kernel
• Can handle multiple OS boot options

K - KERNEL

• Decompresses itself into RAM
• Initializes hardware and drivers
• Mounts root filesystem, loads initramfs
• Sets up memory management
• Starts device detection
• Creates kernel threads

I - INIT (systemd in modern systems)

• PID 1 (first process)
• Reads /etc/inittab (traditional) or unit files (systemd)
• Sets default runlevel/target
• Starts essential services in order:
  • System services
  • Network services
  • Display manager
  • User interface (CLI/GUI)
• Reaches default target state

/boot/grub/grub.conf  - GRUB configuration

/etc/systemd/system/  - systemd unit files

/etc/inittab                  - Init configuration (traditional)