Unix Philosophy Workflow Advisory and Command Reference

Executive Summary

This document serves three purposes:

  1. Provide David with a structured path toward Unix mastery.

  2. Document my workflow, tools, and high-leverage Linux commands.

  3. Work on itrack tickets: 3a. incident # 1911859 3b. service request# 3508480

The emphasis is on:

  • Terminal-first workflow

  • Composability

  • Text processing

  • Structured data mastery (JSON/YAML)

  • Performance-aligned hardware decisions

== iTrack Tickets




.incident # 1911859
----
1. Details in ticket added by requestor {Arin Khachikyan}: Evan, opening up a ticket on this so its on your tracker. You should have the list of MACs in our Teams chat, but if you need it again please reach out to me. (AutoClosed)

Requestor name: Arin Khachikyan
Requestor department: Network team
Problem Summary: wireless strongline devices are not in the correct ISE identity group which is causing these endpoints to go into the incorrect VLAN/Network.

ISE policy info:
    Identity group name: IoT_iPSK_VLAN1610_Strongline

    Policy Set:
    Authorization Policy Name: IoT iPSK Devlce VLAN 1610
    Authororization Profile: IoT_WiFI_iPSK_VLAN1610_Strongline


Action Plan:
1. Run an export from ISE context visibility of all strongline devices and filter out the devices that are:
   1a. in the correct identity group
   1b: the ones that are not and need to be moved.

Link to ISE context visibility: https://ppan.ise.chla.org/admin/#context_dir/context_dir_devices

2. Check and confirm with Infoblox to ensure that strongline devices that are in the incorrect VLAN are accounted for and no missed in the ISE export.

Link to Infoblox: https://ehb-infoblox.la.ad.chla.org/ui/

3. Run a context visiblity endpoint import using an approved ISE CSV format that can be export right from the ISE context visiblity endpoints dashboard.


Additional notes:
1. Reopen the incident that was closed
2. Open a task for:
   2a. Evan
   2b. David
----


.service request# 3508480
----
Current problem: Researcher, Xianming Ding is having issues connecting to the Linux workstation using his AD account with SSH.

-----




== Part I — Unix Philosophy in Practice

Core principles:

* Do one thing well.
* Compose small tools.
* Prefer text interfaces.
* Automate repetition.
* Make everything grep-able.

Terminal mastery compounds.

Part II — Core Workflow Model

Shell Environment

Typical stack:

  • Arch Linux

  • Tiling window manager

  • Neovim

  • tmux

  • aerc (email)

  • git

  • Firefox + Tridactyl

== Part III — Hardware Advisory for David

=== Inspect Current Mac Hardware

[source,bash]
----
# macOS hardware summary
system_profiler SPHardwareDataType

# Check RAM
sysctl hw.memsize

# CPU info
sysctl -n machdep.cpu.brand_string

# Disk info
diskutil list
----

=== On Linux (if testing hardware)

[source,bash]
----
# CPU
lscpu

# Memory
free -h

# Detailed memory
sudo dmidecode -t memory

# GPU
lspci | grep -i vga

# Disk
lsblk
----

=== LLM Workload Reality Check

[source,bash]
----
# Monitor RAM usage live
watch -n1 free -h

# Monitor GPU usage (NVIDIA)
nvidia-smi

# Monitor system load
htop
----

Recommended baseline for local AI:

* 32GB RAM minimum
* Upgradeable memory
* Discrete GPU
* NVMe storage
* Native Linux compatibility

Part IV — Essential Unix Commands (High Leverage)

Searching and Filtering

# Recursive search
grep -R "pattern" .

# Faster alternative
rg "pattern"

# Find files by name
fd filename

# Find files by extension
fd -e log

# Search including hidden files
rg -uu "pattern"

Text Processing Mastery

# Print first column
awk '{print $1}' file.txt

# Sum column values
awk '{sum += $3} END {print sum}' file.txt

# Replace text
sed 's/old/new/g' file.txt

# In-place replace
sed -i 's/old/new/g' file.txt

# Extract lines 10-20
sed -n '10,20p' file.txt

Sorting and Counting

# Count unique entries
sort file.txt | uniq -c | sort -nr

# Top 10 largest files
du -ah . | sort -rh | head -10

Powerful Pipelines Example

# Top IPs in access log
awk '{print $1}' access.log | sort | uniq -c | sort -nr | head
== Part V — Process and Network Diagnostics

=== Process Management

[source,bash]
----
ps aux | grep process
kill -9 <pid>
htop
top
----

=== Network Diagnostics

[source,bash]
----
# Listening ports
ss -tulnp

# Open files on port
lsof -i :443

# Ping test
ping 8.8.8.8

# Trace route
traceroute google.com
----

Part VI — Structured Data Mastery (JSON)

Install jq (Arch)

sudo pacman -S jq

Basic JSON Operations

# Pretty print
jq . file.json

# Extract field
jq '.user.name' file.json

# Extract array values
jq '.items[] | .id' file.json

# Filter objects
jq '.users[] | select(.active==true)' file.json

# Count items
jq '.items | length' file.json

Transform JSON

# Create new object
jq '{name: .user.name, id: .user.id}' file.json

# Update value
jq '.enabled = true' file.json

# Remove field
jq 'del(.password)' file.json

Parse API Output

curl -s https://api.example.com/data | jq '.data[] | {id, status}'

Group and Aggregate

jq '.logs | group_by(.level) | map({level: .[0].level, count: length})' logs.json
== Part VII — YAML Mastery (yq)

=== Install yq

[source,bash]
----
sudo pacman -S yq
----

=== Basic YAML Queries

[source,bash]
----
# Pretty print
yq eval '.' file.yaml

# Extract nested field
yq eval '.spec.template.spec.containers[0].image' deployment.yaml

# Update value in place
yq eval '.replicas = 3' -i deployment.yaml
----

=== Convert Between Formats

[source,bash]
----
# YAML to JSON
yq -o=json eval '.' file.yaml

# JSON to YAML
jq . file.json | yq -P
----

=== Combine yq and jq

[source,bash]
----
yq -o=json eval '.' config.yaml | jq '.items[] | .name'
----

Part VIII — Log Analysis Mastery

Extract Errors

grep -i error application.log

Follow Logs Live

tail -f application.log

JSON Logs

cat app.json.log | jq '. | select(.level=="error")'
== Part IX — Active Directory Troubleshooting (Linux Workstation)

[source,bash]
----
# Check domain join
realm list

# Check SSSD
systemctl status sssd

# Test user lookup
id username

# Kerberos tickets
klist

# SSSD logs
journalctl -u sssd

# Network to domain controller
ping dc.domain.local
----

Part X — Daily Practice Recommendations for David

  1. Use the terminal for everything possible.

  2. Write 10 jq queries per day.

  3. Rewrite GUI workflows as CLI workflows.

  4. Store all documentation as plain text.

  5. Build reusable command snippets.

== Closing Statement

The terminal is leverage.

Master:

* grep
* awk
* sed
* jq
* yq
* git
* pipelines

And the system becomes programmable.

Small tools.
Composed well.
Win.

Using tee for Safe and Visible Appends

The tee command allows writing output to both standard output (your screen) and a file simultaneously. It is safer and more transparent than cat >> because you see exactly what is being written.

Basic Append Usage

tee -a file.adoc << 'EOF'
New content here
EOF

Flags explained:

  • -a → append (without it, tee overwrites)

  • << 'EOF' → quoted heredoc (prevents shell expansion)

=== Why I Prefer tee Over cat >>

Benefits:

* Visible confirmation of content
* Reduced risk of silent corruption
* Better for documentation workflows
* Easier to audit before committing

Example: Appending an AsciiDoc Section

tee -a docs/modules/ROOT/_drafts/DOC-2026-03-02-unix-workflow-advisory.adoc << 'EOF'

== Additional File Inspection Techniques

[source,bash]

stat file.adoc du -h file.adoc file file.adoc git status --short file.adoc

EOF
=== Using tee in Pipelines

One of the most powerful uses of `tee` is capturing output while continuing
a pipeline.

Example: Save command output while inspecting it.

[source,bash]
----
ls -lh | tee listing.txt
----

Example: Capture logs while monitoring them.

[source,bash]
----
journalctl -u sssd -f | tee sssd-live.log
----

Example: Capture API output before processing with jq.

[source,bash]
----
curl -s https://api.example.com/data \
  | tee raw.json \
  | jq '.items[] | {id, status}'
----

Workflow Integration

How I use or will use tee in practice:

  1. Capture diagnostic commands during ticket troubleshooting.

  2. Save structured API output before transforming with jq.

  3. Preserve logs while debugging AD or network issues.

  4. Append documentation sections programmatically.

  5. Record command output as artifacts for later review.

Example during AD troubleshooting:

realm list | tee realm-output.txt
systemctl status sssd | tee sssd-status.txt
journalctl -u sssd | tee sssd-logs.txt

This ensures:

  • Reproducibility

  • Auditability

  • Knowledge retention

  • Clean documentation history

=== Final Philosophy

`tee` turns ephemeral terminal output into durable knowledge.

In a Unix-first workflow, anything not captured is lost.

Capture intentionally.

Immutable and Image-Based Linux Operating Systems

In contrast to traditional mutable Linux distributions (e.g., Arch Linux, Ubuntu, Rocky Linux, Fedora Workstation), immutable or image-based operating systems are designed so that the core system is essentially read-only, with changes delivered as atomic updates. These systems emphasize:

  • Stability through enforced immutability

  • Atomic, transactional updates with rollback capability

  • Reduced configuration drift

  • Predictability for desktop, server, and container workloads

Immutable distributions are growing in popularity for both desktop stability and cloud or container-centric deployments. :contentReference[oaicite:0]{index=0}

Core Concepts

  • Immutable base — The core OS files are mounted read-only.

  • Atomic updates — New system states are deployed as images rather than incremental package installs.

  • Rollback support — Ability to revert to a known good state.

  • Containers and layering — Tools like Flatpak, Toolbox, or containers are used for workloads without modifying the system base.

Many immutable systems use tools like OSTree (a Git-like content-addressed update system) to manage images and updates. :contentReference[oaicite:1]{index=1}

== Major Immutable Linux Options (With Links)

=== Fedora Atomic / Silverblue Ecosystem

* 🐧 **Fedora Silverblue** — The flagship immutable desktop version of Fedora with GNOME.
  Official: https://silverblue.fedoraproject.org/ :contentReference[oaicite:2]{index=2}

* 🐧 **Fedora Kinoite** — KDE Plasma variant of Silverblue.
  Official: https://kinoite.fedoraproject.org/ :contentReference[oaicite:3]{index=3}

* 🐧 **Fedora Sway Atomic** — Sway tiling WM variant.
  Docs: https://docs.fedoraproject.org/en-US/fedora/latest/system-docs/silverblue/ (search for Sway) :contentReference[oaicite:4]{index=4}

* 🐧 **Fedora Budgie Atomic** — Budgie Desktop variant.
  Community info: https://docs.fedoraproject.org/en-US/fedora/latest/system-docs/silverblue/ :contentReference[oaicite:5]{index=5}

* **Fedora CoreOS** — Minimal, container-oriented immutable OS.
  Official: https://coreos.fedoraproject.org/ :contentReference[oaicite:6]{index=6}

Fedora’s immutable “Atomic” editions are designed to make updates safe and predictable, with the ability to roll back to previous deployments. :contentReference[oaicite:7]{index=7}

---

=== openSUSE Immutable Variants

* 🐧 **openSUSE MicroOS** — A minimal, transactional server/desktop OS with automatic rollback.
  Official: https://en.opensuse.org/Portal:MicroOS :contentReference[oaicite:8]{index=8}

* 🐧 **openSUSE Aeon** — Immutable GNOME variant (community).
  Awesome lists: https://malix-labs.github.io/Awesome-Atomic/ :contentReference[oaicite:9]{index=9}

* 🐧 **openSUSE Kalpa** — Immutable KDE variant (community).
  Awesome lists: https://malix-labs.github.io/Awesome-Atomic/ :contentReference[oaicite:10]{index=10}

---

=== Purely Declarative / Reproducible Systems

* 🐧 **NixOS** — Declarative operating system built on the Nix package manager with robust rollback.
  Official: https://nixos.org/ :contentReference[oaicite:11]{index=11}

* 🐧 **GNU Guix System** — Declarative system similar to NixOS, using Guix.
  Official: https://guix.gnu.org/ :contentReference[oaicite:12]{index=12}

---

=== Other Immutable and Minimal Systems

* 🐧 **Flatcar Container Linux** — Immutable Linux focused on containers and edge/cloud.
  Official: https://www.flatcar.org/ :contentReference[oaicite:13]{index=13}

* 🐧 **Ubuntu Core** — Snap-based immutable OS for IoT/embedded.
  Official: https://ubuntu.com/core :contentReference[oaicite:14]{index=14}

* 🐧 **Bottlerocket** — AWS-built immutable OS targeting container workloads.
  Official: https://aws.github.io/bottlerocket/ :contentReference[oaicite:15]{index=15}

* 🐧 **Talos Linux** — Immutable Kubernetes-focused OS.
  Official: https://www.talos.dev/ :contentReference[oaicite:16]{index=16}

* 🐧 **Endless OS** — Desktop with read-only base and Flatpak app delivery.
  Official: https://endlessos.org/ :contentReference[oaicite:17]{index=17}

* 🐧 **Vanilla OS** — Hybrid immutable system based on Debian/Ubuntu with flexible package layering.
  Official: https://vanilla-os.org/ :contentReference[oaicite:18]{index=18}

* 🐧 **SteamOS (Immutable)** — The gaming-oriented OS powering Steam Deck, built with an immutable base.
  Official: https://store.steampowered.com/steamos/ :contentReference[oaicite:19]{index=19}

* 🐧 **blendOS** — Emerging immutable system supporting multiple distro patterns.
  Official: https://blendos.org/ :contentReference[oaicite:20]{index=20}

---

=== Immutable Variants *Not* Provided by Rocky Linux (Yet)

At present, neither **Rocky Linux** nor **AlmaLinux** (RHEL clones) offer a first-class immutable or OSTree-based desktop flavor like Fedora Silverblue. Discussions exist in the community about a potential OSTree spin, but no official release has materialized. :contentReference[oaicite:21]{index=21}

🔗 Rocky Linux official page: https://rockylinux.org/ :contentReference[oaicite:22]{index=22}

---

== How to Explore Immutable Distros

=== Fedora (rpm-ostree) Commands

```bash
# Show current deployment
rpm-ostree status

# Update to the latest image
rpm-ostree upgrade

# Rollback to the previous image
rpm-ostree rollback

# Rebase Silverblue to a different Fedora release
rpm-ostree rebase fedora:fedora/XYZ/atomic

Reviving a MacBook with Linux — Intel (T2) and Apple Silicon Options

Modern Linux distributions support many hardware platforms, but Apple devices require special considerations.

This section covers how to install Linux on both:

  • Intel Macs with Apple T2 Security Chip

  • Apple Silicon Macs (M1, M2, etc.)

We will describe distributions, kernels, installer projects, commands, and links to official resources.

=== Intel Macs with Apple T2 Chip

Apple’s T2 Security Chip (found in many 2018–2020 Intel MacBook models) blocks Linux from loading drivers via the stock kernel. The community has developed patched kernels and tailored installers to enable Linux.

==== 1. T2 Linux Kernel Project

The core resource for Linux support on T2 Macs:

* GitHub: https://github.com/t2linux/T2-Debian-and-Ubuntu-Kernel

This repository contains:

* Patched kernels for Debian/Ubuntu
* Multiple kernel variants (mainline, LTS, Xanmod)
* Build instructions for creating your own patched kernel

You do not need to build the kernel by hand if you use pre‑built images.

==== 2. Distribution Images for T2 Macs

Several community projects offer ready‑to‑use live ISOs:

* **T2‑Ubuntu** — Ubuntu with T2 kernel patches
  https://github.com/t2linux/T2-Ubuntu

* **T2‑Mint** — Linux Mint variant with T2 support
  https://github.com/t2linux/T2-Mint

These images include the patched kernel and boot support, so installation on T2 hardware is much smoother.

==== 3. Example Commands

Mount and inspect a USB installer:

[source,bash]
----
# Create bootable USB (example using Ubuntu ISO)
sudo dd if=ubuntu-t2.iso of=/dev/diskX bs=4M status=progress

# Inspect kernel version
uname -r

# Check available kernels (after install)
dpkg --list | grep linux-image
----
Make sure the kernel you install includes “t2” or similar in the package name.

==== 4. Limitations & Notes

* External keyboard/mouse may be needed for install.
* Wi‑Fi drivers may not work out of the box — sometimes requiring firmware blobs.
* Sleep/suspend may not be fully supported.
* Community support can vary over time.

Community wiki for Wi‑Fi drivers: https://wiki.t2linux.org/guides/wifi

==== 5. Links & Resources

* T2 Linux Kernels: https://github.com/t2linux/T2-Debian-and-Ubuntu-Kernel
* T2 Ubuntu Installer: https://github.com/t2linux/T2-Ubuntu
* T2 Mint Installer: https://github.com/t2linux/T2-Mint
* T2 Linux Wiki & Docs: https://wiki.t2linux.org/
* Community discussions (Reddit): https://www.reddit.com/r/linux4noobs

Apple Silicon Macs (M1 / M2 and newer)

Apple’s transition to ARM‑based Apple Silicon (M1, M2, etc.) requires a different kernel approach than Intel/T2. The community has made significant progress, and some projects provide near‑mainline Linux support.

1. Asahi Linux — The Canonical Apple‑Silicon Linux Port

Asahi Linux is the primary, actively maintained project focused on:

  • M1/M2 kernel support

  • Hardware drivers (GPU, USB, networking)

  • Boot integration with Apple firmware

Asahi provides a bespoke installer that simplifies the process.

2. Asahi Linux Installation Overview

Here’s how you generally install Asahi Linux:

# First, boot macOS into Recovery via Command+R
# Then open Terminal and run the Asahi install script
curl https://alx.sh | sudo bash

This script walks through partition resizing, boot loader setup, and kernel installation.

3. Manual Kernel & Support Details

For advanced users or custom distributions:

  • Asahi patches are upstreamed into the mainline kernel regularly.

  • You can build your own kernel with Asahi patches.

Asahi GitHub repository: github.com/AsahiLinux

4. Limitations & Notes

  • Not all hardware features may be stable initially (trackpad, GPU acceleration, etc.).

  • Frequent upstream updates may require rebuilds or updates to patches.

Messages from the community, including hardware support lists, are available on Asahi’s own forums and GitHub.

5. Links & Resources

=== Which Approach Should You Choose?

| Hardware Type | Recommended Path |
|---------------|------------------|
| Intel + T2 Chip | T2 Linux Kernel + T2‑Ubuntu or T2‑Mint |
| Apple Silicon (M1/M2) | Asahi Linux |
| Legacy Intel (no T2) | Any mainstream distro (Arch, Debian, Ubuntu) |
| Newer ARM (non‑Apple) | distro of choice with ARM support |

Both methods allow you to revive older Apple hardware with full or nearly full Linux support, but each has trade‑offs.

Testing Before Installing

  • Always test with a live USB first (if supported).

  • Ensure keyboard, touchpad, and networking work before committing to install.

  • Back up all macOS data before resizing partitions.

=== External Resources

* T2 Linux Kernel Project — https://github.com/t2linux/T2-Debian-and-Ubuntu-Kernel
* T2‑Ubuntu Installer — https://github.com/t2linux/T2-Ubuntu
* T2‑Mint Installer — https://github.com/t2linux/T2-Mint
* T2 Linux Wiki — https://wiki.t2linux.org/
* Asahi Linux — https://asahilinux.org/
* Asahi Linux Docs — https://docs.asahilinux.org/
* Asahi GitHub — https://github.com/AsahiLinux
* Community forum — https://discuss.asahilinux.org/