Learning Path Beginner Linux Linux / Systems Engineer

Linux Engineer Learning Path

A complete roadmap to mastering Linux — from basic commands to system administration, shell scripting, networking, security hardening, and managing production servers.

Path Goal

By the end of this path you will confidently manage Linux servers in production — administering users, processes, storage, networking, security, and services using the command line.

7
Milestones
8–12 weeks
Duration
5
Projects
100%
Free
January 18, 2025 Linux / Systems Engineer
linux bash shell-scripting sysadmin networking security
LINUX Beginner
Linux Engineer Learning Path
Linux / Systems Engineer · 8–12 weeks

Click a milestone to see tools, technologies, and resources

0% explored

Select a station to explore tools and resources

0% explored
roadmap.sh-style view
Click any topic or milestone card for free & premium resources
What You'll Achieve
  • Navigate and manage Linux file systems, permissions, and ownership confidently
  • Write production-quality bash scripts for automation and ops tasks
  • Manage users, groups, sudo access, and system services
  • Configure network interfaces, firewalls, and diagnose connectivity issues
  • Administer storage with LVM, manage mounts, and monitor disk health
  • Harden a Linux server to production security standards

Who Is This Path For?

This path is for absolute beginners — you’ve never used a Linux terminal before, and that’s completely fine. It’s also great for developers who use Linux daily but have gaps in their sysadmin knowledge.

Linux is the foundation of cloud computing, DevOps, and server engineering. Almost every server running AWS, Kubernetes, or Docker runs on Linux. This path gives you that foundation.

Milestone 1 — Getting Started with Linux

Break the fear of the terminal. It’s just text — and it’s powerful.

Topics:

  • What is Linux? Distributions — Ubuntu, CentOS, Amazon Linux
  • Installing Ubuntu (VM with VirtualBox, or a free EC2 t2.micro)
  • The terminal — what it is, why it matters
  • Essential commands: ls, cd, pwd, mkdir, rm, cp, mv
  • Understanding the Linux file system hierarchy (/etc, /var, /home, /usr, /tmp)
  • Getting help — man, --help, tldr
  • Package management — apt update, apt install, apt remove

Hands-On Task: Install Ubuntu on a VM or EC2. Navigate to 5 different system directories, read a config file with cat, and install htop, tree, and curl using apt.

Milestone 2 — Files, Permissions & Users

Linux security starts here. Everything is a file — and every file has an owner.

Topics:

  • File permissions — read, write, execute (r, w, x)
  • chmod — symbolic (chmod u+x) and octal (chmod 755)
  • chown and chgrp — changing ownership
  • User management — useradd, usermod, userdel, passwd
  • Group management — groupadd, groups, gpasswd
  • sudo — granting and restricting root access (/etc/sudoers, visudo)
  • Special permissions — setuid, setgid, sticky bit
  • umask — default permission for new files

Hands-On Task: Create three users (dev, ops, readonly). Set up a shared group directory where dev and ops can write but readonly can only read. Use visudo to allow ops to run only systemctl with sudo.

Milestone 3 — Bash Scripting

Stop repeating commands. Automate everything.

Topics:

  • Shebang line, making scripts executable (chmod +x)
  • Variables — declaring, using, environment vs local
  • User input — read, command-line arguments ($1, $@, $#)
  • Conditionals — if/elif/else, test, [[ ]] comparisons
  • Loops — for, while, until
  • Functions — defining, calling, returning values
  • Exit codes and error handling — $?, set -e, trap
  • String manipulation — cut, awk, sed, grep
  • Arithmetic — $(( )), bc
  • Logging — writing to files, timestamps, log levels

Hands-On Task 1: Write a script that checks if a website is reachable every 5 minutes, logs the result with a timestamp, and sends an alert (echo or email) if it’s been down for 3 consecutive checks.

Hands-On Task 2: Write a system health report script that outputs CPU usage, memory usage, disk usage, top 5 processes by CPU, and failed systemd services — all formatted as a readable report.

Milestone 4 — Process & Service Management

Topics:

  • Processes — ps, top, htop, pgrep, kill, killall, nice, renice
  • Background jobs — &, jobs, fg, bg, nohup, screen, tmux
  • systemd — the init system
    • systemctl start/stop/restart/enable/disable/status
    • Writing a custom .service unit file
    • journalctl — querying logs (-u, -f, --since)
  • Cron — crontab -e, cron syntax, /etc/cron.d/
  • Anacron for systems that aren’t always on
  • logrotate — managing log file sizes

Hands-On Task: Write a Python web server, create a systemd service unit for it (start on boot, restart on failure), enable it, and verify it starts after a reboot. Set up logrotate to compress its logs weekly.

Milestone 5 — Networking

Topics:

  • Networking basics — IP addresses, subnets, CIDR, gateways, DNS
  • Network interfaces — ip addr, ip link, ip route, nmcli
  • DNS — /etc/resolv.conf, /etc/hosts, dig, nslookup
  • SSH — connecting, key-based auth, ~/.ssh/config, tunnels, scp, rsync
  • Firewall management:
    • ufw — simple and practical (Ubuntu)
    • iptables — understanding INPUT, OUTPUT, FORWARD chains
    • firewalld — zones and services (CentOS/RHEL)
  • Troubleshooting tools — ping, traceroute, mtr, ss, netstat, tcpdump, nc, curl
  • /etc/hosts and local DNS overrides

Hands-On Task: Set up two VMs. Configure SSH key authentication between them. Write a firewall ruleset with ufw that allows only SSH (22) and HTTP (80) inbound. Use tcpdump to capture and inspect HTTP traffic.

Milestone 6 — Storage & Disk Management

Topics:

  • Block devices — /dev/sda, lsblk, fdisk, parted
  • Filesystems — mkfs.ext4, mkfs.xfs, mkfs.btrfs, when to use each
  • Mounting — /etc/fstab, mount, umount, UUIDs
  • LVM — Logical Volume Manager
    • Physical Volumes (PV), Volume Groups (VG), Logical Volumes (LV)
    • Creating, extending, and snapshotting LVs
  • Disk monitoring — df, du, iostat, iotop, dstat
  • NFS — setting up an NFS server and client mount
  • Swap — creating and managing swap space

Hands-On Task: Attach a new 10GB disk to your VM. Create a partition, set up LVM on it (PV → VG → LV), format it ext4, mount it persistently via /etc/fstab. Then extend the LV by 5GB without unmounting.

Milestone 7 — Security Hardening & Production Readiness

Servers in production must be hardened. This milestone teaches you how professionals do it.

Topics:

  • SSH hardening:
    • Disable root login (PermitRootLogin no)
    • Key-based auth only (PasswordAuthentication no)
    • Change default port
    • AllowUsers directive
  • fail2ban — blocking brute-force SSH attacks
  • Automatic security updates (unattended-upgrades)
  • SELinux overview (CentOS) and AppArmor (Ubuntu) — modes, profiles
  • Audit logs — auditd, aureport, ausearch
  • Finding world-writable files and SUID binaries
  • CIS Benchmark basics — hardening checklist
  • System patching strategy — staging → production

Capstone Project: Start with a fresh Ubuntu 24.04 VM. Write a single bash script that:

  1. Creates an ops user with sudo privileges and SSH key
  2. Disables root SSH login and password authentication
  3. Installs and configures fail2ban
  4. Sets up ufw rules (SSH + HTTP + HTTPS only)
  5. Enables automatic security updates
  6. Installs auditd and enables logging of privilege escalations
  7. Outputs a final security report

This script becomes your server bootstrap automation — the kind that DevOps and SRE teams run on every new server.

Help Improve This Learning Path

Have a resource, project idea, or milestone suggestion? Submit it!

Open Google Form