LAB-PKG-03 - Archiving with Tar & Zip

Part A: The Field Guide

---

🎯 What & Why

Not all software comes through apt or dnf. Often, a developer will just hand you a single file named app-v2.tar.gz and tell you to run it.

In Windows, you are used to .zip files. A ZIP file does two things simultaneously: it bundles 10 files into 1 file, and it squishes them to save space. In Linux, these two concepts—Archiving (bundling) and Compressing (squishing)—are historically separate programs.

The universal Linux archiver is tar (Tape Archive). It takes 100 files and bundles them into one massive archive.tar (historically meant to be written to a magnetic tape drive). It does not compress the data. To save space, that .tar file is then passed through a compressor like gzip, resulting in archive.tar.gz (often abbreviated as .tgz).

---

🧠 Mental Model: The Suitcase

Think of tar as an empty suitcase.

• tar takes your 10 shirts, 5 pants, and 3 pairs of shoes and puts them neatly into one single suitcase. They still weigh 20 lbs.
• gzip is a vacuum-seal bag. It takes the entire suitcase, sucks all the air out of it, and shrinks it to half its size.

Modern versions of tar have the vacuum-seal functionality built-in as a shortcut flag, so you rarely have to run gzip manually.

---

📖 Command Reference

Extracting (Opening the suitcase)

The most common thing you will do is extract software you downloaded from the internet. Remember the phrase: “Extract Ze F-ing Files” (-xzf).

Archiving (Packing the suitcase)

When creating a backup of a directory to send to someone else, use “Create Ze F-ing Archive” (-czf).

Peeking Inside (X-raying the suitcase)

Never extract a strange tarball without looking inside it first. Sometimes the creator didn’t put the files in a neat folder; they just dumped 1,000 files in the root of the archive. If you extract that, it “tarbombs” your current directory with 1,000 files!

---

🌍 Real Scenarios

Scenario 1: The Emergency Backup You are about to modify a critical web server configuration folder /etc/nginx. Before touching anything, you make a compressed snapshot of the entire folder. sudo tar -czf ~/nginx_backup.tar.gz /etc/nginx If your edits break the server, you can instantly wipe the broken folder and restore the backup: sudo rm -rf /etc/nginx && sudo tar -xzf ~/nginx_backup.tar.gz -C /

Scenario 2: The Zip File Linux does support standard .zip files, but the tools are often not installed by default. If someone hands you data.zip, you use the unzip command, NOT tar. sudo apt install unzip unzip data.zip

---

⚠️ Gotchas & Pitfalls

1. The Order of Flags The -f flag stands for “File”. The very next argument you type must be the filename. If you type tar -fxz my_archive.tar.gz, tar will try to create an archive named exactly xz, completely ignoring your actual file! Always put f last: -xzf file.tar.gz.
2. Absolute vs Relative Paths If you run tar -czf backup.tar.gz /var/log/, tar will automatically strip the leading / and make it var/log/. This is a safety feature! If it didn’t do this, extracting that backup later would instantly overwrite your live /var/log directory instead of safely extracting into your current folder.

---

Part B: The Drill Deck

Terminal Required: Open a Linux terminal to practice compression.

---

G

Guided Step by step - type exactly this and compare the result

>

Exercise G1: Creating the Suitcase

1. Create a staging area: mkdir ~/tar_lab && cd ~/tar_lab
2. Make a dummy directory with files to pack: mkdir vault && touch vault/secret1.txt vault/secret2.txt
3. Pack and compress the vault into a backup: tar -czf vault_backup.tar.gz vault/
4. Run ls -l. You should see both the original vault folder, and the new vault_backup.tar.gz file.

Exercise G2: The Tarbomb Check

Always look before you leap. Let’s see what is inside the backup we just made.

1. Run the List (-t) command: tar -tf vault_backup.tar.gz
2. You will see it neatly lists the vault/ directory and the two files inside it. This is a “safe” tarball because everything is contained in a single root folder.

Exercise G3: Restoring from Backup

1. Let’s pretend disaster strikes. Delete the original folder: rm -rf vault/
2. Run ls. The folder is gone. Only the .tar.gz remains.
3. Extract the backup to restore it: tar -xzf vault_backup.tar.gz
4. Run ls again. The vault/ folder has returned from the dead!

S

Solo Task described, hints available - figure it out

>

Exercise S1: Verbosity is Comforting

When extracting a 5-gigabyte archive, the terminal will just sit there frozen for 30 seconds. This is anxiety-inducing. You can add the -v (Verbose) flag to make tar rapidly print the name of every file it extracts to the screen, proving it hasn’t crashed.

1. Delete the restored vault again: rm -rf vault/
2. Extract the backup again, but this time inject the v into your flags (e.g., -xzvf).
3. Notice how it verbosely told you exactly what it was unpacking!

Exercise S2: Moving the Target

By default, tar extracts exactly where you are standing. If you want to put the extracted folder somewhere else, you use the uppercase -C (Change directory) flag after the filename.

1. Ensure the vault folder is currently deleted. (Keep the .tar.gz!).
2. Extract the backup so that the vault folder appears inside the /tmp/ directory, rather than your current directory.
3. Verify it worked: ls /tmp/vault

M

Mission Real scenario - no hints, combine multiple skills

>

Mission M1: The Log Rotator

You are a Junior Sysadmin. A senior engineer asks you to archive the entire /var/log/ directory because the disk is getting full. He tells you to place the archive in your home directory (~) and name it old_logs.tar.gz.

Your Mission:

1. Formulate the single command line needed to create a compressed archive of /var/log.
2. Ensure the resulting file is saved as ~/old_logs.tar.gz.
3. You will likely need sudo because many log files are restricted to the root user!

Note: As tar packs it, it will print a warning: tar: Removing leading '/' from member names. Remember The Gotchas? This is tar safely converting absolute paths to relative ones to protect you from accidentally overwriting your real logs upon extraction!