# Linux+ Study Targets This file tracks Linux+ weak areas, missed concepts, exam traps, and future lesson/quiz priorities. The purpose of this file is to guide future Emacs Lisp lesson and quiz creation. Lessons should be focused, topic-based, and generated using the existing numbered file convention in this repository. Avoid copying exact copyrighted study-book or practice-exam questions. Prefer paraphrased notes that capture the missed concept, the correct answer pattern, and the exam wording trap. ## Current Study Priority The next lessons should focus on weak areas that have appeared in missed questions, uncertain answers, or repeated review needs. Highest priority areas: ``` 1. Firewall basics, UFW, firewalld, and IDS recognition 2. Storage, LVM, and quotas 3. Boot process, GRUB2, kernel startup, and systemd 4. Kernel modules and hardware/system inspection 5. Networking services, ports, packet filtering, and bandwidth tools 6. Permissions, ACLs, ownership, and directory traversal 7. Scheduled tasks, cron syntax, and automation 8. Backup, archive, sync, and file transfer tools 9. Mail filtering and redirection 10. Cloud, containers, orchestration, and object storage 11. Databases, web services, and service role recognition ``` ## Next Suggested Lesson/Quiz Pair The next unused pair should continue the repository numbering scheme. Suggested next files: ``` 104-firewall-review-lesson.el 105-firewall-review-quiz.el ``` Suggested topic: ``` Firewall ACLs, packet inspection, persistent firewall configuration, stateful firewall behavior, firewalld runtime-to-permanent rules, numbered UFW rules, simple UFW SSH blocking, DenyHosts, and Fail2Ban ``` Reason: This topic reinforces several recent missed Linux+ book review questions. ## Study Format Each weak area should be recorded using this pattern: ``` Missed area: Correct concept: Exam wording trap: Commands/files to remember: Future lesson topic: Status: ``` Possible status values: ``` Needs lesson Needs quiz Needs review Improving Solid ``` ## Weak Area: Firewall Review Missed area: ``` Firewall basics, stateful firewall behavior, firewalld persistence, UFW command syntax, and DenyHosts/Fail2Ban recognition ``` Correct concept: ``` Firewalls use ACLs, inspect network packets, and use configuration files for persistence. ACL means access control list. Firewall ACL rules allow or deny traffic based on details such as source address, destination address, protocol, port, or interface. A stateless firewall checks packets against rules without remembering the state of a connection. A stateful firewall tracks connection state. For this book review, remember that a stateful firewall can operate faster for established connections and can determine if packets are fragmented. firewalld can use runtime configuration and permanent configuration. After testing firewalld runtime rules, make them permanent with: sudo firewall-cmd --runtime-to-permanent To view numbered UFW rules, use: sudo ufw status numbered To block SSH using simple UFW syntax, use: sudo ufw deny 22/tcp For this book item, remember DenyHosts and Fail2Ban as IDS tools. The expected answer associates them with /etc/hosts.deny. ``` Exam wording trap: ``` "Make firewalld runtime rules permanent" points to: firewall-cmd --runtime-to-permanent "Numbered UFW rules" points to: sudo ufw status numbered "Deny SSH with simple UFW syntax" points to: sudo ufw deny 22/tcp DenyHosts is strongly associated with /etc/hosts.deny. Fail2Ban commonly blocks through firewall actions in real-world configurations, but for the book question, memorize the book's expected wording. ``` Commands/files to remember: ``` sudo firewall-cmd --runtime-to-permanent sudo ufw status numbered sudo ufw deny 22/tcp /etc/hosts.deny ``` Future lesson topic: ``` 104-firewall-review-lesson.el 105-firewall-review-quiz.el ``` Status: ``` Needs lesson Needs quiz Needs review ``` ## Weak Area: Quotas and repquota Missed area: ``` Quota reporting and quota command roles ``` Correct concept: ``` repquota reports quota usage. quotaon enables quotas. quotaoff disables quotas. quotacheck checks or builds quota files/databases. edquota edits user or group quota limits. ``` Exam wording trap: ``` "Report quotas" points to repquota, not quotaon. "Enable quotas" points to quotaon, not repquota. "Edit quotas" points to edquota. ``` Commands/files to remember: ``` repquota -a quotaon -a quotaoff -a quotacheck edquota /etc/fstab usrquota grpquota ``` Future lesson topic: ``` 106-storage-lvm-quotas-lesson.el 107-storage-lvm-quotas-quiz.el ``` Status: ``` Needs lesson Needs quiz ``` ## Weak Area: LVM Missed area: ``` LVM command recognition and PV/VG/LV relationships ``` Correct concept: ``` A physical volume is storage prepared for LVM. A volume group is a pool of storage made from one or more physical volumes. A logical volume is usable storage created from a volume group. ``` Exam wording trap: ``` "Create a volume group" means vgcreate. "Create a logical volume" means lvcreate. "List logical volumes" means lvs. ``` Commands/files to remember: ``` pvcreate vgcreate lvcreate pvs vgs lvs pvdisplay vgdisplay lvdisplay lvextend resize2fs xfs_growfs ``` Future lesson topic: ``` 106-storage-lvm-quotas-lesson.el 107-storage-lvm-quotas-quiz.el ``` Status: ``` Needs lesson Needs quiz ``` ## Weak Area: Filesystem Usage Tools Missed area: ``` Choosing between df, du, lsblk, blkid, and findmnt ``` Correct concept: ``` df shows mounted filesystem usage. du shows file or directory space usage. lsblk lists block devices. blkid shows block device identifiers and filesystem attributes. findmnt shows mounted filesystems. ``` Exam wording trap: ``` "How full is the filesystem?" usually means df. "How large is this directory?" usually means du. "Show disks and partitions" usually means lsblk. ``` Commands/files to remember: ``` df -h du -sh PATH lsblk lsblk -f blkid findmnt /etc/fstab mount -a ``` Future lesson topic: ``` 106-storage-lvm-quotas-lesson.el 107-storage-lvm-quotas-quiz.el ``` Status: ``` Needs lesson Needs quiz ``` ## Weak Area: Boot Process, GRUB2, and systemd Missed area: ``` Bootloader location, kernel startup, PID 1, and service management ``` Correct concept: ``` GRUB2 loads the Linux kernel and initramfs. The kernel starts the first userspace process. On most modern Linux systems, PID 1 is systemd. systemctl controls systemd services. ``` Exam wording trap: ``` "PID 1" usually points to systemd on modern Linux. "Regenerate GRUB2 configuration" points to grub2-mkconfig or the distro equivalent. "Enable a service at boot" is not the same as starting it immediately. ``` Commands/files to remember: ``` ps -p 1 -o pid,comm,args systemctl status SERVICE systemctl start SERVICE systemctl enable SERVICE systemctl is-enabled SERVICE systemctl daemon-reload grub2-mkconfig /etc/default/grub /boot/grub2/grub.cfg /boot/efi ``` Future lesson topic: ``` 108-boot-grub-systemd-lesson.el 109-boot-grub-systemd-quiz.el ``` Status: ``` Needs review ``` ## Weak Area: Kernel Modules Missed area: ``` Listing, loading, removing, and inspecting kernel modules ``` Correct concept: ``` lsmod lists loaded kernel modules. modprobe loads or removes modules and handles dependencies. modinfo shows information about a module. rmmod removes a module but does not handle dependencies as well as modprobe. ``` Exam wording trap: ``` "List loaded modules" means lsmod. "Load a module with dependencies" means modprobe. "Remove a module with dependency handling" means modprobe -r. ``` Commands/files to remember: ``` lsmod modprobe MODULE modprobe -r MODULE modinfo MODULE rmmod MODULE depmod uname -r /lib/modules/$(uname -r)/ ``` Future lesson topic: ``` 110-kernel-modules-hardware-lesson.el 111-kernel-modules-hardware-quiz.el ``` Status: ``` Needs review ``` ## Weak Area: SSH Configuration Precedence Missed area: ``` User-specific SSH client config versus system-wide SSH client config ``` Correct concept: ``` User SSH client config is normally ~/.ssh/config. System-wide SSH client config is normally /etc/ssh/ssh_config. The SSH server config is normally /etc/ssh/sshd_config. User-specific client settings generally override system-wide client settings. ``` Exam wording trap: ``` Do not confuse ssh_config with sshd_config. ssh_config is client configuration. sshd_config is server daemon configuration. ``` Commands/files to remember: ``` ~/.ssh/config /etc/ssh/ssh_config /etc/ssh/sshd_config ssh -F CONFIGFILE HOST sshd -T systemctl status sshd systemctl status ssh ``` Future lesson topic: ``` 112-ssh-config-precedence-lesson.el 113-ssh-config-precedence-quiz.el ``` Status: ``` Needs review ``` ## Weak Area: Network Services and Ports Missed area: ``` Service name to port/protocol mapping ``` Correct concept: ``` /etc/services maps service names to port numbers and protocols. getent services can query service mappings. ``` Exam wording trap: ``` A question asking about named services and port numbers often points to /etc/services. ``` Commands/files to remember: ``` /etc/services getent services ssh grep '^ssh' /etc/services ss -tulpen ``` Future lesson topic: ``` 114-network-services-firewall-lesson.el 115-network-services-firewall-quiz.el ``` Status: ``` Needs review ``` ## Weak Area: netfilter, iptables, and nftables Missed area: ``` Linux packet filtering framework and related tools ``` Correct concept: ``` netfilter is the Linux kernel packet filtering framework. iptables and nftables are userspace tools for managing packet filtering rules. nftables is the newer framework/tooling commonly replacing many iptables workflows. ``` Exam wording trap: ``` "Kernel packet filtering framework" points to netfilter. "Firewall rules on modern Linux" may point to nftables. ``` Commands/files to remember: ``` nft list ruleset iptables -L firewall-cmd ufw status ss -tulpen ``` Future lesson topic: ``` 114-network-services-firewall-lesson.el 115-network-services-firewall-quiz.el ``` Status: ``` Needs review ``` ## Weak Area: Bandwidth and Network Testing Tools Missed area: ``` Choosing tools for network scanning, throughput testing, and interface inspection ``` Correct concept: ``` nmap scans hosts and ports. iperf tests network throughput. ip shows addresses, routes, and links. ss shows sockets. tcpdump captures packets. ``` Exam wording trap: ``` "Throughput test" usually means iperf. "Port scan" usually means nmap. "Socket/listening port inspection" usually means ss. "Packet capture" usually means tcpdump. ``` Commands/files to remember: ``` nmap iperf ip addr ip route ip link ss -tulpen tcpdump ``` Future lesson topic: ``` 116-network-diagnostics-lesson.el 117-network-diagnostics-quiz.el ``` Status: ``` Needs review ``` ## Weak Area: Permissions and ACLs Missed area: ``` Directory permissions, ACL inspection, and ACL removal ``` Correct concept: ``` Directory read permission allows listing names. Directory execute permission allows traversal. getfacl views ACLs. setfacl modifies ACLs. setfacl -b removes ACL entries. ``` Exam wording trap: ``` To access a file inside a directory, execute permission is needed on the directory path. To list directory contents, read permission is needed on the directory. ACL questions usually point to getfacl or setfacl. ``` Commands/files to remember: ``` ls -ld DIR chmod chown chgrp getfacl FILE setfacl -m setfacl -x setfacl -b ``` Future lesson topic: ``` 118-permissions-acls-lesson.el 119-permissions-acls-quiz.el ``` Status: ``` Needs review ``` ## Weak Area: User and Group Management Missed area: ``` Password aging, group membership, and account defaults ``` Correct concept: ``` /etc/passwd stores basic user account information. /etc/shadow stores password hashes and password aging information. /etc/group stores group information. usermod -aG appends supplementary group membership. login.defs defines UID/GID ranges and default password aging policy values. ``` Exam wording trap: ``` Password aging is associated with /etc/shadow, chage, and login.defs, not /etc/passwd alone. When adding a user to a supplementary group, use usermod -aG, not just -G. ``` Commands/files to remember: ``` /etc/passwd /etc/shadow /etc/group /etc/login.defs useradd usermod -aG GROUP USER groupmod -n passwd chage id groups ``` Future lesson topic: ``` Already covered in 102-user-management-lesson.el and 103-user-management-quiz.el. Review if quiz score is weak. ``` Status: ``` Needs review ``` ## Weak Area: cron and Scheduled Tasks Missed area: ``` Cron field order and scheduled command recognition ``` Correct concept: ``` Cron field order is minute, hour, day of month, month, day of week, command. ``` Exam wording trap: ``` Do not confuse hour and minute fields. Do not confuse day-of-month with day-of-week. ``` Commands/files to remember: ``` crontab -e crontab -l /etc/crontab /etc/cron.d/ /etc/cron.daily/ /etc/cron.hourly/ systemctl list-timers ``` Future lesson topic: ``` 120-scheduled-tasks-cron-lesson.el 121-scheduled-tasks-cron-quiz.el ``` Status: ``` Needs lesson Needs quiz ``` ## Weak Area: Backup, Archive, and Sync Tools Missed area: ``` Choosing between rsync, tar, compression tools, and copy commands ``` Correct concept: ``` rsync is useful for efficient file synchronization and backups. tar creates archives. gzip, bzip2, and xz compress data. cp copies files. ``` Exam wording trap: ``` "Local backup of a large file or directory while preserving metadata" often points to rsync. "Create an archive" points to tar. "Compress data" points to gzip, bzip2, or xz. ``` Commands/files to remember: ``` rsync -avh SOURCE DEST rsync -avh --progress SOURCE DEST tar -cf archive.tar DIR tar -czf archive.tar.gz DIR tar -xvf archive.tar gzip bzip2 xz ``` Future lesson topic: ``` 122-backup-archive-sync-lesson.el 123-backup-archive-sync-quiz.el ``` Status: ``` Needs review ``` ## Weak Area: File and Directory Operations Missed area: ``` Using ls -d, mv safety options, sort fields, and command selection ``` Correct concept: ``` ls -d shows the directory entry itself instead of listing its contents. mv can move or rename files. mv -i prompts before overwrite. mv -v shows operations. sort -k sorts by a field. sort -r reverses sort order. ``` Exam wording trap: ``` "Show metadata for the directory itself" points to ls -ld. "Sort by a specific column" points to sort -k. "Prompt before overwrite" points to -i. "Verbose output" points to -v. ``` Commands/files to remember: ``` ls -ld DIR mv -i OLD NEW mv -v OLD NEW sort FILE sort -k 2 FILE sort -k 2 -n FILE sort -r FILE ``` Future lesson topic: ``` Already partly covered by file-search and permissions topics. Add focused review only if needed. ``` Status: ``` Needs review ``` ## Weak Area: Process and CPU Fields Missed area: ``` Interpreting top CPU fields and process display output ``` Correct concept: ``` top shows CPU and process activity. %us or us is user CPU time. %sy or sy is system/kernel CPU time. %id or id is idle CPU time. %st or st is stolen CPU time in virtualized environments. ``` Exam wording trap: ``` "Stolen time" is associated with virtualization. "User CPU time" is not the same as system/kernel CPU time. ``` Commands/files to remember: ``` top ps aux ps -ef uptime free -h ``` Future lesson topic: ``` Already covered in 20-top-cpu-fields-lesson.el and 21-top-cpu-fields-quiz.el. Review if quiz score is weak. ``` Status: ``` Needs review ``` ## Weak Area: Logs and Authentication Missed area: ``` Security log locations and filtering log output ``` Correct concept: ``` Authentication and security events may appear in /var/log/secure on Red Hat-family systems. Debian-family systems often use /var/log/auth.log. journalctl queries the systemd journal. ``` Exam wording trap: ``` Distribution family matters for auth/security log file names. systemd journal questions often point to journalctl. ``` Commands/files to remember: ``` /var/log/secure /var/log/auth.log journalctl journalctl -u SERVICE journalctl -f grep awk sed tail -f ``` Future lesson topic: ``` Already covered in 30-auth-log-lesson.el, 31-auth-log-quiz.el, 80-log-filtering-lesson.el, and 81-log-filtering-quiz.el. Review if quiz score is weak. ``` Status: ``` Needs review ``` ## Weak Area: Package Management Missed area: ``` Package installation, dependency queries, and package manager recognition ``` Correct concept: ``` rpm installs and queries RPM packages directly. yum or dnf manage packages and dependencies on Red Hat-family systems. apt manages packages on Debian-family systems. yum deplist can show dependencies. ``` Exam wording trap: ``` rpm works directly with RPM packages but does not resolve dependencies like yum/dnf. Distribution family matters. ``` Commands/files to remember: ``` rpm -ivh PACKAGE.rpm rpm -qa rpm -qi PACKAGE yum deplist PACKAGE dnf install PACKAGE apt update apt install PACKAGE ``` Future lesson topic: ``` Already covered in 40-package-management-lesson.el and 41-package-management-quiz.el. Review if quiz score is weak. ``` Status: ``` Needs review ``` ## Weak Area: Mail Filtering and Redirection Missed area: ``` Automatic mail processing, filtering, and redirection ``` Correct concept: ``` Mail filters can automatically process, redirect, sort, or deliver incoming mail based on rules. Depending on the system, this may involve procmail, sieve, aliases, forwarding files, or MTA rules. ``` Exam wording trap: ``` "Automatically redirects incoming mail" points to a mail filter or mail-processing rule, not a user shell alias. ``` Commands/files to remember: ``` /etc/aliases ~/.forward procmail sieve postfix sendmail mailq newaliases ``` Future lesson topic: ``` 124-mail-filtering-redirection-lesson.el 125-mail-filtering-redirection-quiz.el ``` Status: ``` Needs lesson Needs quiz ``` ## Weak Area: Web Services and Load Balancing Missed area: ``` nginx service role recognition ``` Correct concept: ``` nginx can function as a web server, reverse proxy, and load balancer. ``` Exam wording trap: ``` Do not limit nginx to static web serving only. If the question mentions web serving plus load balancing or reverse proxying, nginx may be correct. ``` Commands/files to remember: ``` nginx systemctl status nginx /etc/nginx/nginx.conf /etc/nginx/conf.d/ ``` Future lesson topic: ``` 126-web-services-load-balancing-lesson.el 127-web-services-load-balancing-quiz.el ``` Status: ``` Needs review ``` ## Weak Area: Databases and Data Models Missed area: ``` MongoDB storage/data model recognition ``` Correct concept: ``` MongoDB is a document database. MongoDB uses JSON-style documents and stores data internally as BSON. ``` Exam wording trap: ``` MongoDB is not a traditional row/table-only relational database. Questions mentioning JSON-style documents or BSON likely point to MongoDB. ``` Commands/files to remember: ``` MongoDB JSON BSON document database ``` Future lesson topic: ``` 128-databases-data-models-lesson.el 129-databases-data-models-quiz.el ``` Status: ``` Needs review ``` ## Weak Area: Cloud Storage and Azure Blob Missed area: ``` Cloud object storage recognition ``` Correct concept: ``` Azure Blob Storage is object storage for unstructured data. ``` Exam wording trap: ``` "Object storage" and "unstructured data" may point to Azure Blob Storage in Azure-related questions. ``` Commands/files to remember: ``` Azure Blob Storage object storage unstructured data cloud storage ``` Future lesson topic: ``` 130-cloud-storage-lesson.el 131-cloud-storage-quiz.el ``` Status: ``` Needs review ``` ## Weak Area: Containers and Orchestration Missed area: ``` Container orchestration engine recognition ``` Correct concept: ``` Kubernetes is a container orchestration platform. Container orchestration manages deployment, scaling, scheduling, and operation of containers. ``` Exam wording trap: ``` "Container orchestration" often points to Kubernetes. ``` Commands/files to remember: ``` Kubernetes kubectl container orchestration pods deployments services ``` Future lesson topic: ``` 132-containers-orchestration-lesson.el 133-containers-orchestration-quiz.el ``` Status: ``` Needs review ``` ## Weak Area: Git Recognition Missed area: ``` Version control tool recognition ``` Correct concept: ``` Git is a distributed version control system. ``` Exam wording trap: ``` Questions asking about source code version control usually point to Git. ``` Commands/files to remember: ``` git status git add git commit git log git diff git clone git pull git push ``` Future lesson topic: ``` 134-git-version-control-lesson.el 135-git-version-control-quiz.el ``` Status: ``` Needs review ``` ## Weak Area: /etc/securetty Missed area: ``` Root login terminal restrictions ``` Correct concept: ``` /etc/securetty controls which terminals root may log in from on systems that honor it. ``` Exam wording trap: ``` "Which terminals permit root login?" points to /etc/securetty. ``` Commands/files to remember: ``` /etc/securetty root login TTY console ``` Future lesson topic: ``` 136-login-security-lesson.el 137-login-security-quiz.el ``` Status: ``` Needs review ``` ## Weak Area: Shell Navigation Missed area: ``` Returning to the previous working directory ``` Correct concept: ``` cd - returns to the previous working directory. ``` Exam wording trap: ``` cd .. moves to the parent directory. cd - moves to the previous working directory. ``` Commands/files to remember: ``` pwd cd cd .. cd - cd ~ ``` Future lesson topic: ``` Can be included in a shell basics or file operations review lesson. ``` Status: ``` Needs review ``` ## Weak Area: Web Search/File Search Command Recognition Missed area: ``` Finding files, searching contents, and matching command to search task ``` Correct concept: ``` find searches by file attributes and paths. grep searches text contents. locate uses a database to find paths quickly. which finds commands in PATH. whereis locates binary, source, and manual page files. ``` Exam wording trap: ``` "Search inside files" points to grep. "Find files by name, size, time, owner, or permissions" points to find. "Fast path lookup from a database" points to locate. ``` Commands/files to remember: ``` find grep locate updatedb which whereis type ``` Future lesson topic: ``` Already covered in 90-file-search-lesson.el and 91-file-search-quiz.el. Review if quiz score is weak. ``` Status: ``` Needs review ``` ## Review Queue Use this queue when deciding future lesson order. Immediate next lesson: ``` 104-firewall-review-lesson.el 105-firewall-review-quiz.el ``` Recommended follow-up sequence: ``` 106-storage-lvm-quotas-lesson.el 107-storage-lvm-quotas-quiz.el 108-boot-grub-systemd-lesson.el 109-boot-grub-systemd-quiz.el 110-kernel-modules-hardware-lesson.el 111-kernel-modules-hardware-quiz.el 114-network-services-firewall-lesson.el 115-network-services-firewall-quiz.el 120-scheduled-tasks-cron-lesson.el 121-scheduled-tasks-cron-quiz.el 122-backup-archive-sync-lesson.el 123-backup-archive-sync-quiz.el 124-mail-filtering-redirection-lesson.el 125-mail-filtering-redirection-quiz.el 130-cloud-storage-lesson.el 131-cloud-storage-quiz.el 132-containers-orchestration-lesson.el 133-containers-orchestration-quiz.el ``` ## Quick Command Association Drill Review this section frequently. ``` repquota -a -> report quotas quotaon -a -> enable quotas quotaoff -a -> disable quotas edquota -> edit quotas quotacheck -> check/build quota files pvcreate -> create physical volume vgcreate -> create volume group lvcreate -> create logical volume pvs -> list physical volumes vgs -> list volume groups lvs -> list logical volumes lvextend -> extend logical volume df -h -> mounted filesystem usage du -sh PATH -> file/directory usage lsblk -> block devices blkid -> UUID/filesystem attributes findmnt -> mounted filesystems /etc/fstab -> persistent mount configuration ps -p 1 -> inspect PID 1 systemctl -> manage systemd services grub2-mkconfig -> generate GRUB2 configuration lsmod -> list loaded kernel modules modprobe -> load module with dependencies modprobe -r -> remove module with dependency handling modinfo -> show module information /etc/services -> service names to port/protocol mappings netfilter -> kernel packet filtering framework nftables -> modern packet filtering rules tool iptables -> older/common packet filtering rules tool getfacl -> view ACLs setfacl -> modify ACLs setfacl -b -> remove ACL entries firewall-cmd --runtime-to-permanent -> save firewalld runtime rules sudo ufw status numbered -> view numbered UFW rules sudo ufw deny 22/tcp -> block SSH with UFW /etc/hosts.deny -> DenyHosts/book IDS association crontab -e -> edit user cron jobs crontab -l -> list user cron jobs minute hour dom month dow command -> cron field order rsync -avh -> sync/backup while preserving metadata tar -> archive files gzip/bzip2/xz -> compress data nginx -> web server, reverse proxy, load balancer MongoDB -> JSON-style documents stored as BSON Azure Blob -> object storage for unstructured data Kubernetes -> container orchestration Git -> version control /etc/securetty -> root login terminal restrictions cd - -> previous working directory ``` ## Score/Status Notes Add quiz results here after completing topic quizzes. Example format: ``` Date: Lesson: Quiz: Score: Missed: Next action: ``` ## Current Notes ``` Date: Lesson: Quiz: Score: Missed: Next action: ``` ## Project maintenance note: file update helpers The project now includes an Emacs Lisp helper file for safe updates to existing project files: 07-linuxplus-update-files.el Use this when updating existing Markdown files such as `STUDY.md` and `RECOVERY.md`. Useful commands: M-x linuxplus-update-help M-x linuxplus-apply-firewall-score-update M-x linuxplus-update-replace-section-with-region M-x linuxplus-update-insert-region-before-heading The update helpers create numbered `.bak.N` backup files before writing changes. This is preferred over hand-written patch hunks for small project documentation updates.