Software and technical overview of Ubuntu 20.04 LTS server edition

Software

root@srv:~# dpkg-query -l|wc -l
582
root@srv:~# df -h /
Filesystem      Size  Used Avail Use% Mounted on
/dev/sdb2       117G   11G  100G  10% /

Security

1. Mandatory Access Control (MAC) system – AppArmor is in enforce mode.

   root@srv:~# apparmor_status 
   apparmor module is loaded.
   28 profiles are loaded.
   28 profiles are in enforce mode.
      /snap/snapd/7264/usr/lib/snapd/snap-confine
      /snap/snapd/7264/usr/lib/snapd/snap-confine//mount-namespace-capture-helper
      /usr/bin/man
      /usr/lib/NetworkManager/nm-dhcp-client.action
      /usr/lib/NetworkManager/nm-dhcp-helper
      /usr/lib/connman/scripts/dhclient-script
      /usr/lib/snapd/snap-confine
      /usr/lib/snapd/snap-confine//mount-namespace-capture-helper
      /usr/sbin/tcpdump
      /{,usr/}sbin/dhclient
      lsb_release
      man_filter
      man_groff
      nvidia_modprobe
      nvidia_modprobe//kmod
      snap-update-ns.lxd
      snap.lxd.activatemyserver
      snap.lxd.benchmark
      snap.lxd.buginfo
      snap.lxd.check-kernel
      snap.lxd.daemon
      snap.lxd.hook.configure
      snap.lxd.hook.install
      snap.lxd.hook.remove
      snap.lxd.lxc
      snap.lxd.lxc-to-lxd
      snap.lxd.lxd
      snap.lxd.migrate
   0 profiles are in complain mode.
   0 processes have profiles defined.
   0 processes are in enforce mode.
   0 processes are in complain mode.
   0 processes are unconfined but have a profile defined.
   

2. Network firewall – None. By default the iptables is installed with no rules and the firewalld is not installed.

Storage

Default installation on a single disk, which has only free space on you disk or you reclaimed all the occupied space during installation. Ubuntu 20.04 LTS needs arround 11G space for the default installation, so if you select a destination disk, which has less than 11G of space you should delete existing partitions to free up space or let Ubuntu 20.04 LTS installer to do default installation asking you to reclaim the disk space. We used the whole disk for the installation.
By default Ubuntu 20.04 LTS server uses.

1. ext4 – file system
2. 3 separate partitions – boot efi, swap and root.
3. root, home and swap partitions. No device mapper or LVM2.
4. /boot, root and home on the same partition.
5. vfat – boot efi partition.

Ubuntu server 20.04 LTS

1. Disk layout

   root@srv:~# parted -l
   Model: ATA KINGSTON SNV425S (scsi)
   Disk /dev/sda: 128GB
   Sector size (logical/physical): 512B/512B
   Partition Table: gpt
   Disk Flags: 
   
   Number  Start   End     Size    File system  Name                  Flags
    1      1049kB  630MB   629MB   fat32        EFI System Partition  boot, esp
    2      630MB   1704MB  1074MB  ext4
    3      1704MB  128GB   126GB
   

2. Mounted Partitions

   root@srv:~# df -h
   Filesystem      Size  Used Avail Use% Mounted on
   udev             12G     0   12G   0% /dev
   tmpfs           2.4G  1.9M  2.4G   1% /run
   /dev/sdb2       117G   11G  100G  10% /
   tmpfs            12G     0   12G   0% /dev/shm
   tmpfs           5.0M     0  5.0M   0% /run/lock
   tmpfs            12G     0   12G   0% /sys/fs/cgroup
   /dev/sdb1       511M  7.8M  504M   2% /boot/efi
   /dev/loop0       55M   55M     0 100% /snap/core18/1705
   /dev/loop1       28M   28M     0 100% /snap/snapd/7264
   /dev/loop2       69M   69M     0 100% /snap/lxd/14804
   /dev/loop3       55M   55M     0 100% /snap/core18/1754
   tmpfs           2.4G     0  2.4G   0% /run/user/1000
   /dev/loop4       70M   70M     0 100% /snap/lxd/15067
   

Partitions in configuration:

root@srv:~# cat /etc/fstab 
# /etc/fstab: static file system information.
#
# Use 'blkid' to print the universally unique identifier for a
# device; this mmyserveray be used with UUID= as a more robust way to name devices
# that works even if disks are added and removed. See fstab(5).
#
# <file system> <mount point>   <type>  <options>       <dump>  <pass>
# / was on /dev/sdb2 during curtin installation
/dev/disk/by-uuid/618296f2-84ee-4837-9f2a-a550c39a4001 / ext4 defaults 0 0
# /boot/efi was on /dev/sdb1 during curtin installation
/dev/disk/by-uuid/EDE7-EF2D /boot/efi vfat defaults 0 0
/swap.img       none    swap    sw      0       0

3. File system layout

   root@srv:~# ls -al /
   total 8388688
   drwxr-xr-x  20 root root       4096 May 15 13:55 .
   drwxr-xr-x  20 root root       4096 May 15 13:55 ..
   lrwxrwxrwx   1 root root          7 Apr 23 07:32 bin -> usr/bin
   drwxr-xr-x   4 root root       4096 May 20 06:34 boot
   drwxr-xr-x   2 root root       4096 May 15 13:54 cdrom
   drwxr-xr-x  21 root root       4820 May 19 18:55 dev
   drwxr-xr-x  93 root root       4096 May 20 06:35 etc
   drwxr-xr-x   3 root root       4096 May 15 14:00 home
   lrwxrwxrwx   1 root root          7 Apr 23 07:32 lib -> usr/lib
   lrwxrwxrwx   1 root root          9 Apr 23 07:32 lib32 -> usr/lib32
   lrwxrwxrwx   1 root root          9 Apr 23 07:32 lib64 -> usr/lib64
   lrwxrwxrwx   1 root root         10 Apr 23 07:32 libx32 -> usr/libx32
   drwx------   2 root root      16384 May 15 13:53 lost+found
   drwxr-xr-x   2 root root       4096 Apr 23 07:32 media
   drwxr-xr-x   2 root root       4096 Apr 23 07:32 mnt
   drwxr-xr-x   2 root root       4096 Apr 23 07:32 opt
   dr-xr-xr-x 447 root root          0 May 19 18:55 proc
   drwx------   4 root root       4096 May 15 14:01 root
   drwxr-xr-x  28 root root        940 May 20 10:41 run
   lrwxrwxrwx   1 root root          8 Apr 23 07:32 sbin -> usr/sbin
   drwxr-xr-x   6 root root       4096 May 15 14:00 snap
   drwxr-xr-x   2 root root       4096 Apr 23 07:32 srv
   -rw-------   1 root root 8589934592 May 15 13:55 swap.img
   dr-xr-xr-x  13 root root          0 May 19 18:55 sys
   drwxrwxrwt  11 root root       4096 May 20 10:47 tmp
   drwxr-xr-x  14 root root       4096 Apr 23 07:34 usr
   drwxr-xr-x  13 root root       4096 Apr 23 07:35 var