• Shuffle
    Toggle On
    Toggle Off
  • Alphabetize
    Toggle On
    Toggle Off
  • Front First
    Toggle On
    Toggle Off
  • Both Sides
    Toggle On
    Toggle Off
  • Read
    Toggle On
    Toggle Off
Reading...
Front

Card Range To Study

through

image

Play button

image

Play button

image

Progress

1/138

Click to flip

Use LEFT and RIGHT arrow keys to navigate between flashcards;

Use UP and DOWN arrow keys to flip the card;

H to show hint;

A reads text to speech;

138 Cards in this Set

  • Front
  • Back
filenames can begin with a dot and ....
These socalled dot files are hidden from view by most utilities that display files, so they’re popular for storing configuration files in your home directory.
single dot (.) refers to

filename that consists of a double dot (..) refers to
(.) current dir

(..) refers to the parent directory
Characters enclosed in square brackets ([]) normally match
any character in the set.
For instance, b[ao][lo]k matches balk and book but not buck
For instance, b[a-z]ck matches back, buck, and other four-letter filenames of this form whose second character is a lowercase letter
ls Command
ls [options] [files]

ls command displays the names of files in a directory
ls options
-a
--color
-d
-l
-a or --all parameter displays dot files
--color option produces a color-coded listing that differentiates directories, symbolic links, and so on by displaying them in different colors
-d or --directory parameter changes this behavior to list only the directory name, which is sometimes preferable
-l produces a long listing that includes information such as the file’s permission strin
ls options
-F
-F or --file-type option appends an indicator code to the end of each name so you know what type of file it is. the meanings are as follows:
/ Directory
@ Symbolic link
= Socket
| Pipe
ls options
-R
-R or --recursive option causes ls to display directory contents recursively. That is, if the target directory contains a subdirectory, ls displays both the files in the target directory and the files in its subdirectory
cp Command
copies a file

cp [options] source destination
cp options
-f
-i
-p
-f or --force option forces the system to overwrite any existing files without prompting

-i or --interactive option causes cp to ask you before overwriting any existing files.

-p or --preserve option preserves ownership and permissions, if possible.
cp options
-R
-a
-u
-R or --recursive option and specify a directory as the source, the entire directory, including its subdirectories, is copied.

-a or --archive option is similar to -R, but it also preserves ownership and copies links as is

-u or --update option tells cp to copy the file only if the original is newer than the target or if the target doesn’t exist
ollowing command copies the /etc/fstab configuration file to a backup location in /root, but only if the original /etc/fstab is newer than the existing backup
# cp -u /etc/fstab /root/fstab-backup
mv Command
mv command (short for move) is commonly used both to move files and directories from one location to another and to rename them

mv [options] source destination
mv options
-f
-i
-f or --force option forces the system to overwrite any existing files without prompting

-i or --interactive option causes cp to ask you before overwriting any existing files.
command copies the document.odt file into the important/purchases subdirectory
$ mv document.odt important/purchases/
touch Command
Linux-native filesystems maintain three time stamps for every file:
- Creation time
- Last modification time
- Last access time

touch [options] files

1)By default, touch sets the modification and access times to the current time
2)the specified files don’t already exist, touch creates them as empty files
touch options
-a
-m
-c
-t
-a or --time=atime option causes touch to change the access time alone
-m or --time=mtime option causes touch to change the modification time alone
-c or --no-create option If you don’t want touch to create any files that don’t already exist
-t timestamp option sets the time to the specified timestam
tar Utility
tar program’s name stands for “tape archiver”
tar cmds
--create

--concatenate

--append

--update
abr
--create - c - Creates an archive
--concatenate - A - Appends tar files to an archive
--append - r - Appends non-tar files to an archive
--update - u - Appends files that are newer than those in an archive
tar cmds
--diff or --compare

--list

--extract or --get
abr
--diff or --compare - d - Compares an archive to files on disk
--list - t - Lists an archive’s contents
--extract or --get - x - Extracts files from an archive
tar qualifiers
--directory dir

--file [host:]file

--listed-incremetnal file
abr
--directory dir - C - Changes to directory dir before performing operations
--file [host:]file - f - Uses the file called file on the computer called host as the archive file
--listed-incremental file - g - Performs an incremental backup or restore, using file as a list of previously archived files
tar qualifiers
--one-file-system
--multi-volume
--tape-lenth N
--same-permissions
--one-file-system - l - Backs up or restores only one filesystem (partition)
--multi-volume - M - Creates or extracts a multi-tape archive
--tape-length N - L - Changes tapes after N kilobytes
--same-permissions - p - Preserves all protection information
tar qualifiers
--absolute-paths
--verbose
--verify
--exclude file
--absolute-paths - P - Retains the leading / on filenames
--verbose - v - Lists all files read or extracted; when used
with --list, displays file sizes, ownership, and time stamps
--verify - W - Verifies the archive after writing it
--exclude file - (none) - Excludes file from the archive
tar qualifiers
--exclude-from file
--gzip or --ungzip
--bzip2
--exclude-from file - X - Excludes files listed in file from the archive
--gzip or --ungzip - z - Processes an archive through gzip
--bzip2 - j - Processes an archive through bzip2
archiving and compressing the my-work subdirectory of your home directory to a USB pen drive mounted at /media/pen
$ tar cvfz /media/pen/my-work.tgz ~/my-work
pen drive to another system, mount it at /media/usb, and want
to extract the archive, you can do so with another command
$ tar xvfz /media/usb/my-work.tgz
cpio Utility
cpio program is similar in principle to tar, but the details of its operation differ.
The cpio utility has three operating modes:
Copy-out mode
This mode, activated by use of the -o or --create option, creates an archive and copies files into it.
Copy-in mode
You activate copy-in mode by using the -i or --extract option. This mode extracts data from an existing archive. If you provide a filename or a pattern to match, cpio extracts only the files whose names match the pattern you provide.
Copy-pass mode
This mode is activated by the -p or --pass-through option. It combines the copy-out and copy-in modes, enabling you to copy a directory tree from one location to another.
Options for Use with cpio
--reset-access-time
--append
--pattern-file=filename
--file=filename
--reset-access-time - abbr - -a Resets the access time after reading a file so that it doesn’t appear to have been read.
--append - abbr -A - Appends data to an existing archive.
--pattern-file=filename - abbr. -E filename - Uses the contents of filename as a list of files to be extracted in copy-in mode.
--file=filename - abbr -F filename - Uses filename as the cpio archive file; if this parameter is omitted, cpio uses standard input or output.
Options for Use with cpio
--format=format
-I filename
--no-absolute-filenames
-O filename
--format=format -H format Uses a specified format for the archive file. Common values for format include bin (the default, an old binary format), crc (a newer binary format with a checksum), and tar (the format used by tar).
-I filename Uses the specified filename instead of standard input.
--no-absolute-filename - In copy-in mode, extracts files relative to the current directory, even if filenames in the archive contain full directory paths.
-O filename Uses the specified filename instead of standard output
Options for Use with cpio
--list
--unconditional
--verbose
--list - abbr -t - Displays a table of contents for the input.

--unconditional - abbr -u - Replaces all files without first asking for
verification.

--verbose - abbr -v - Displays filenames as they’re added to or
extracted from the archive. When used with -t, displays additional listing information (similar to ls -l).
use cpio to archive a directory, you must pass a list of files to the utility using standard input
$ find ./my-work | cpio -o > /media/pen/my-work.cpio
use cpio to archive a directory, you must pass a list of files to the utility using standard input with compression
$ find ./my-work | cpio -o | gzip > /media/pen/my-work.cpio.gz
Extracting data from an uncompressed cpio archive (say, on another computer with the media mounted at /media/usb) entails using the -i option, but no pipe is required:
$ cpio -i < /media/usb/my-work.cpio
If your cpio archive is compressed, you must first uncompress it with gunzip. By using the -c option to this command, you can pass its output to cpio in a pipe:
$ gunzip -c /media/usb/my-work.cpio.gz | cpio -i
dd Utility
archive a filesystem at a very low level. This utility is a low-level copying program, and when it’s given the device file for a partition as input, it copies that partition’s contents to the output file you specify.

# dd if=/dev/sda3 of=/dev/st0
backs up the /dev/sda3 disk partition to /dev/st0 (a SCSI tape drive).
# dd if=/dev/sda3 of=/dev/st0
dd restore from /dev/sda3
# dd if=/dev/st0 of=/dev/sda3
dd utility shortcoming
good way to create exact backups of entire partitions but
backs up the entire partition, including any empty space
Restoring individual files is also impossible unless the target device is a random access device that can be mounted
you can’t easily restore data to a partition that’s smaller than the original partition

good for CD-ROM
/dev/zero device
a Linux device that returns nothing but zeroes
if you need an empty file of a
particular size
$ dd if=/dev/zero of=empty-file.img bs=1024 count=720

creates a 720KB (1024 × 720 bytes) empty file
In Linux, a link is a ?
In Linux, a link is a way to give a file multiple identities, similar to shortcuts in Windows and aliases in Mac OS.
Two types of links exist:
hard links and soft links (a.k.a.
symbolic links).
ln command
ln command creates links.

ln [options] source link

source is the original file, and the link is the name of the link you want to create
ln cmd options
-f
-i
-d, -F
-s
-f or --force option
causes ln to remove any existing links or files that have the target link name
-i or --interactive option
causes ln to remove any existing links or files that have the target link name but queireis
-d, -F, or --directory
Ordinarily, you can’t create hard links to directories. The root user can attempt to do so, though, by passing the -d, -F, or --directory option to ln
-s or --symbolic option
ln command creates hard links by default. To create a symbolic
link, use -s
mkdir Command
mkdir command creates a directory

mkdir [options] directory-name(s)
mkdir options
-m
-p
-m mode or --mode=mode option causes the new directory to have the specified permission mode, expressed as an octal number
-p or --parents option
if you specify the creation of a directory within a directory that doesn’t exist, mkdir responds with a No such file or directory error with -p option creates the parent
rmdir Command
destroys a directory

rmdir [options] directory-name(s)
delete one/two/three, then
one/two, and finally one
rmdir -p one/two/three

-p or --parents option causes rmdir to delete an entire directory tree
learn who owns a file
ls command

$ ls -l
total 1141
-rw-r--r-- 1 rodsmith users 219648 Mar 8 13:06 4425ch02.doc
-rw-r--r-- 1 rodsmith users 942590 Mar 6 23:31 f0201.tif

rodsmith - username of the owner
users - group name
Changing a File’s Owner
change a file’s ownership using the chown command

chown [options] [newowner][:newgroup] filenames
chown option
-R
-R or --recursive, which implements the ownership change on an entire directory tree.
Changing a File’s Group
changes a file’s group

chgrp [options] newgroup filenames
file type code
ls -l test
-rwxr-xr-x 1 rodsmith users 111 Apr 13 13:48 test

The first character has special meaning—it’s the file type code. The type code determines how Linux will interpret the file—as ordinary data, a directory, or a special file type
Linux File Type Codes
-
d
l
p
- Normal data file;

d Directory;

l Symbolic link; the file contains the name of another file or directory. When Linux accesses the symbolic link, it tries to read the linked-to file.

p Named pipe; a pipe enables two running Linux programs to communicate with each other.
Linux File Type Codes
s
b
c
s Socket; a socket is similar to a named pipe, but it permits network and bidirectional links.

b Block device; a file that corresponds to a hardware device to and from which data is transferred in blocks of more than one byte. Disk devices (hard disks, floppies, CD-ROMs, and so on) are common block devices

c Character device; a file that corresponds to a hardware device to and from which data is transferred in units of one byte. Examples include parallel and RS-232 serial port devices.
Meanings of Permission Bits
2 to 10
$ ls -l test
-rwxr-xr-x 1 rodsmith users 111 Apr 13 13:48 test
first char - file type code
2 to 10 are broken in 3 groups of 3 chars:
first group controls the file owner's access to files
second group controls the group's access to the file
third controls all other users' access to the file
Meanings of Permission Bits (2 to 10) each group (permission string)
the permission string determines the presence or absence of each of three types of access: read, write, and execute.
The absence of the permission is denoted by a dash (-) in the permission string.
permission bits (def)
Individual permissions, such as execute access for the file’s owner, are often referred to as permission bits
one digit for each of the owner, group, and world permissions
1 for execute permission,
2 for write permission, and
4 for read permission
permission string vs octal code
rwxrwxrwx

rwxr-xr-x

rwxr-x---
rwxrwxrwx - 777 - Read, write, and execute permissions for all users.
rwxr-xr-x - 755 - Read and execute permission for all users. The file’s owner also has write permission.
rwxr-x--- - 750 - Read and execute permission for the owner and group. The file’s owner also has write permission. Users who
aren’t the file’s owner or members of the group have no access to the file.
permission string vs octal code
rwx------
rw-rw-rw-
rw-rw-r--
rwx------ - 700 - Read, write, and execute permissions for the file’s owner only; all others have no access.
rw-rw-rw- - 666 - Read and write permissions for all users. No execute permissions for anybody.
rw-rw-r-- - 664 - Read and write permissions for the owner and group. Read-only permission for all others.
permission string vs octal code
rw-rw----
rw-r--r--
rw-r-----
rw-rw---- - 660 - Read and write permissions for the owner and group. No world permissions.
rw-r--r-- - 644 - Read and write permissions for the owner. Read-only permission for all others.
rw-r----- - 640 - Read and write permissions for the owner, and readonly permission for the group. No permission for others.
permission string vs octal code
rw-------
r--------
rw------- - 600 - Read and write permissions for the owner. No permission for anybody else.
r-------- - 400 - Read permission for the owner. No permission for anybody else.
Symbolic links are unusual with respect to permissions
This file type always has 777 (rwxrwxrwx) permissions, thus granting all users full access to the file. This access applies
only to the link file itself, however, not to the linked-to file
SUID
Set user ID (SUID)
used in conjunction with executable files, and it tells Linux to run the program with the permissions of whoever owns the file rather than with the permissions of the user who runs the program
SUID programs are indicated by an s in the owner’s execute bit position in the permission string, as in
rwsr-xr-x.
SGID
set group ID (SGID)
sets the group of the running program to the group of the file. It’s indicated by an s in the group execute bit position in the permission string, as in rwxr-sr-x. When the SGID bit is set on a directory, new files or subdirectories created in the original directory will inherit the group ownership of the directory, rather than be based on the user’s current default group
Sticky bit
In modern Linux implementations
it’s used to protect files from being deleted by those who don’t own the files. When this bit is present on a directory, the directory’s files can be deleted only by their owners, the directory’s owner, or root. The sticky bit is indicated by a t in the world execute bit position, as in rwxr-xr-t.
Linux ACLs
new and improved permission system
consist of three permission bits, one each for read, write, and execute permissions
file’s owner can assign ACLs to an arbitrary number of users and groups, making ACLs more flexible than Linux permissions, which are limited to groups defined by the system administrator

ACLs require their own commands to set and view. The setfacl command sets an ACL, and the getfacl command displays the ACLs for a file.
command sets an ACL
command displays the ACLs for a file
setfacl
getfacl
suppose you’ve acquired a script called bigprogram. You want to set both SUID and SGID bits (6); to make the program readable, writeable, and executable by the owner (7); to make it readable and executable by the group (5); and to make it completely inaccessible to all others (0).
$ ls -l bigprogram
-rw-r--r-- 1 rodsmith users 10323 Oct 31 18:58 bigprogram
$ chmod 6750 bigprogram
$ ls -l bigprogram
-rwsr-s--- 1 rodsmith users 10323 Oct 31 18:58 bigprogram
symbolic mode permission set code
u - Owner
g - Group
o - World
a - All
symbolic mode change type code
+ - Add
- - Remove
= - set equal to
symbolic mode permissions to modify code
r - Read
w - Write
x - Execute
X - Execute only if the file is a dir or already has execute permission
s - SUID or SGID
t - Sticky bit
u - existing owner's permissions
g - existing group permission
0 - existing world permissions
rw-r--r--
chmod a+x bigprogram will cause
rw-r--r--
chmod a+x bigprogram will cause
rwxr-xr-x
r--------
chmod ug=rw report.tex
r--------
chmod ug=rw report.tex
rw-rw----
rwxrwxr-x
chmod o-rwx bigprogram
rwxrwxr-x
chmod o-rwx bigprogram
rwxrwx---
rw-r--r--
chmod g=u report.tex
rw-r--r--
chmod g=u report.tex
rw-rw-r--
rw-rw-rw-
chmod g-w,o-rw report.tex
rw-rw-rw-
chmod g-w,o-rw report.tex
rw-r-----
umask command
When a user creates a file, that file has default ownership and permissions.
The default group is the user’s primary group.
The default permissions are configurable. These are defined by the user mask (umask), which is set by the umask command
Special Permission Bits list
SUID - Set user ID
SGID - Set group ID
Sticky bit
When a user creates a file what ownership and permissions are
When a user creates a file, that file has default ownership and permissions. The default owner is, user who created the file.
The default group is the user's primary group.
Permissions are configurable with user mask which is manipulated by umask command
Sample Umask Values and Their Effects
000
002
022
Umask - Created Files - Created Dir
000 - 666 (rw-rw-rw-)- 777 (rwxrwxrwx)
002 - 664 (rw-rw-r--) - 775 (rwxrwxr-x)
022 - 644 (rw-r--r--) - 755 (rwxr-xr-x)
Sample Umask Values and Their Effects
027
077
277
Umask - Created Files - Created Dir
027 - 640 (rw-r-----) - 750 (rwxr-x---)
077 - 600 (rw-------) - 700 (rwx------)
277 - 400 (r--------) - 500 (r-x------)
How superuser can set default setting fro all users
Edit
/etc/profile
contains unmask commands
find what the current umask is use
umask -S
umask u=rwx,g=rx,o=rx is equivalent to
umask 022
users can change their default group
with
newgrp

newgrp skyhook
create new files with the group set to the skyhook group
newgrp -l <group> cmd
newgrp -l skyhook, which reinitializes the
environment as if the user had just logged in.
chattr command
allows you to change file attributes
chattr command options
a
c
i
j
a - append only
sets append mode, which disables writes access but allows append
c - compressed
causes the kernel to automatically compress data written to the file and uncompress it when it's read back
i - immutable
makes file immutable, can't be deleted, links to it can't be created, and file can't be renameed
j - data journaling
tells the kernel to journal all data wrtten to the file
chattr command options
s
t
A
s - secure deletion
when you delete a file it might still be available for recycling with s kernel zeros its data blocks
t - no tail-merging
A - no access time updates
Linux won't update the access time stamp when you access a file
Tail-merging def
is a process in which small pieces of data at the ends of files that don’t fill a complete block are merged with similar pieces of data from other files. The result is reduced disk space consumption
cmd to add the immutable flag to the important.txt
# chattr +i important.txt

to remove the immutable

# chattr -i important.txt
Two general quota support systems are available for Linux
quota v1 support - up to 2.4.x kernel
quota v2 system - added after 2.6.x
How is the package called that is used for the quota v2 system
called quota

it installs a number of utilities, configuration files, SysV startup scripts
what you must modify for any partitions on which you want to use quota support
You must modify your /etc/fstab entries for any partitions on which you want to use
quota support.

/dev/hdc5 /home ext3 usrquota,grpquota 1 1

This line activates both user and group quota support for the /dev/hdc5 partition which is mounter at /home
How can you set the quotas
edquota

which starts the Vi editor on a temporary configuration file (/etc/quotatab) that controls quotas for the user you specify.
When you exit the utility, edquota uses the temporary configuration file to write the quota information to low-level disk data structures that control the kernel’s quota mechanisms.
edquota -t
set the grace period by using edquota with its -t option
Grace periods are set on a per-filesystem basis rather than a per-user basis
quotacheck
which verifies and updates quota information on quota-enabled disks
repquota
repquota, which summarizes the quota information about the filesystem you specify or on all filesystems if you pass it the -a option.
quota -g
quota -l
quota -q
quota -g
displays group quotas

quota -l
omits NFS mounts

quota -q
limits output to filesystems on which usage is over the limit
FSSTND (abbr and def)
FSSTND - Filesystem Standard

FSSTND standardized several specific features
1)Standardized t NN he programs that reside in /bin and /usr/bin. Differences on this score
caused problems when scripts referred to files in one location or the other
2)Specified that executable files NN shouldn’t reside in /etc, as had previously been common.
3)Removed changeable files from the /usr directory tree, enabling it to be mounted readonly (a useful security measure)
FHS
FHS - Filesystem Hierarchy Standard
is based on FSSTND but extends it substantially
FHS shareable file
Shareable files may be reasonably shared between computers, such as user data files and program binary files. If files are shared, they’re normally shared through an NFS server
FHS unshareable file
contain system-specific information, such as configuration files. For instance, you’re not likely to want to share a server’s configuration file between computers
FHS static files
don’t normally change except through direct intervention by the
system administrator
FHS variable files
Variable files may be changed by users, automated scripts, servers, or the like
FHS /
every Linux filesystem traces its roots to the root filesystem/dir
Where /etc and /sbin should be location
must reside on the root partition
FHS /boot
/boot directory contains static and unshareable files related to the initial booting
of the computer.
FHS /etc
Higher-level startup and configuration files reside in /etc
FHS /bin
This directory contains certain critical executable files, such as ls, cp, and mount. These commands are accessible to all users and constitute the most important commands
that ordinary users might issue
FHS /sbin
directory is similar to /bin, but it contains programs that are normally run only by the system administrator—tools like fdisk and e2fsck
FHS /lib
similar to /bin and /sbin
it contains program libraries, which are made up of code that’s shared across many programs and stored in separate files to save disk space and RAM
/lib/modules
/lib/modules subdirectory contains kernel modules—drivers that can be loaded and unloaded as required.
FHS /usr
hosts the bulk of a Linux computer’s programs
FHS /usr/local
contains subdirectories that mirror the organization of /usr, such as /usr/local/bin and /usr/local/lib.
/usr/local directory hosts files that a system administrator installs locally
FHS /usr/X11R6
houses files related to the X Window System
FHS /opt
similar to /usr/local in many ways, but it’s intended for readymade packages that don’t ship with the OS, like commercial word processors or games. Typically, these programs reside in subdirectories in /opt named after themselves, such as /opt/applix.
FHS /home
This directory contains users’ data, and it’s shareable and variable. Although the /home
directory is considered optional in FHS, in practice it’s a matter of the name being optional.
FHS /root
home directory for the root user. Because the root account is so critical and system specific, this variable directory isn’t really shareable.
FHS /var
contains transient files of various types--system log files, print spool files, mail and news files, and so on
FHS /tmp
Many programs need to create temporary (hence variable) files, and the usual place
to do so is in /tmp.
FHS /mnt
Linux mounts removable-media devices within its normal directory structure, and
/mnt is provided for this purpose

/mnt, such as /mnt/floppy and /mnt/cdrom, to function as mount points
FHS /media
This directory is an optional part of the FHS. It’s like /mnt, but it should contain
subdirectories for specific media types, such as /media/floppy and /media/cdrom. Many modern distributions use /media subdirectories as the default mount points for common removable disk types.
FHS /dev
Linux treats most hardware devices as if they were files, the OS must have a location in its filesystem where these device files reside. The /dev directory is that place. It contains a large number of files that function as hardware interfaces.
FHS /proc
This is an unusual directory because it doesn’t correspond to a regular directory or partition. Instead, it’s a virtual filesystem that’s created dynamically by Linux to provide access to certain types of hardware information that aren’t accessible via /dev
displaying information about your
CPU—its model name, speed, and so on
cat /proc/cpuinfo
find Command
find utility implements a brute-force approach to finding files

find [path...] [expression...]
find
-name pattern

-perm mode

-gid GID
-name pattern
You can search for a filename using the -name pattern expression doing so finds files that match the specified pattern

-perm mode
If you need to find files that have certain permissions, you can do so by using the -term mode expression

-gid GID
searches for files whose group ID (GID) is set to GID
find
-size n

-group name

-uid UID
-size n
You can search for a file of a given size

-group name
option locates files whose group name is name

-uid UID
searches for files owned by the user whose
user ID (UID) is UID
find
-user name

-maxdepth levels
-user name
searches for files owned by name

-maxdepth levels
If you want to search a directory and, perhaps, some limited number of subdirectories, you can use the -maxdepth levels expression to limit the search
consider the task of finding all C source code files, which normally have names that end in .c, in all users’ home directories. If these home directories reside in /home, you might issue the following command:
# find /home -name “*.c”
locate cmd
locate utility works much like find if you want to find a file by name, but it differs in two important ways

1)far less sophisticated in its search options. You normally use it to search only on filenames, and the program returns all files that contain the specified string. For instance, when searching for rpm, locate will return other programs, like gnorpm and rpm2cpio.
2)locate program works from a DB that it maintains Most distributions include a cron job that calls locate with options that cause it to update its database periodically, such as once a night or once a week
slocate cmd
Some Linux distributions use slocate rather than locate

slocate program includes security features to prevent users from seeing the names of files in directories they shouldn’t be able to access
whereis cmd
searches for files in a restricted set of locations, such as standard binary file directories, library directories, and man page directories
This tool does not search user directories or many other locations that are easily searched by find or locate.
cmd locates ls
$ whereis ls
ls: /bin/ls /usr/share/man/man1/ls.1.bz2

result shows both the ls executable (/bin/ls) and the ls man page
which cmd
Considered as a search command, which is very weak; it merely searches your path for the command that you type and lists the complete path to the first match it find.
For instance, you might want to know
where the xterm program is located:

$ which xterm
/usr/bin/xterm
type Command
ommand isn’t really a search command; instead, it tells you how a command you
type will be interpreted—as a built-in command, an external command, an alias, and so on.

$ type type
type is a shell builtin
$ type cat
cat is /bin/cat
$ type ls
ls is aliased to `ls --color’