The Systems Cheat Sheet

Systems programming introduces heavy concepts. If you ever feel lost in the terminology during the course, use this plain-English glossary to reorient yourself.

1. Cargo Quick Reference

Cargo is Rust's built-in manager. It downloads packages, compiles your code, and runs your programs.

cargo new my_project

Creates a brand new folder with a standard Rust template ready for you to code in.

cargo run

The command you will use the most. It translates your code into computer instructions and immediately launches the program.

cargo add serde

Downloads a third-party tool (called a "crate") from the internet and adds it to your project, much like installing an app on your phone.

cargo build --release

Takes longer to run, but applies heavy mathematics to optimize your code, creating a super-fast final version for the real world.

2. Rust Memory & Safety

Rust forces you to manage computer memory safely so your programs never crash unexpectedly.

Ownership

Every piece of data in Rust has exactly one owner. Think of it like holding the physical keys to a car. If you give the keys to another function (called "moving"), you no longer have the car. When the owner is finished, the car (the memory) is automatically destroyed.

Borrowing (&)

Instead of giving away your car keys permanently, you can let another function borrow the car to look at it. They can read the data, but they don't own it. Once they are done looking, you still have your car.

Lifetimes ('a)

The compiler's internal timer. If you lend your car to a friend, Lifetimes are the rule that guarantees your friend brings the car back before you sell it. It stops your program from trying to use data that has already been deleted.

The Arc<Mutex<T>> Pattern

Used in Volume 2 to safely share data between multiple background threads:
Mutex: A locked vault. Only one thread can step inside the vault to read or write the data at a time.
Arc: A bouncer that hands out maps to the vault. It counts exactly how many threads currently have a map, and only demolishes the vault when the count reaches zero.

3. Linux OS & eBPF

Concepts from Volume 3 dealing directly with the core of the Linux Operating System.

Namespaces

Imagine putting a program inside a totally soundproof, windowless room. The program thinks it is the only application running on the entire computer, completely blind to anything outside its room. This is the exact underlying magic that makes Docker containers work!

eBPF (Extended Berkeley Packet Filter)

A superpower built into modern Linux. It allows you to inject tiny, super-fast mini-programs deep into the core operating system (the Kernel) while it is running, without needing to reboot the computer or risk crashing the machine.

sys_execve

The master gateway of Linux. Every single time a user or an application tries to start a new program, the operating system forces it to walk through this specific, invisible door.

KProbes (Kernel Probes)

Security cameras you can attach to internal Linux doors (like sys_execve). Whenever the door opens, the KProbe takes a snapshot of exactly who opened it and what they are trying to run, sending that intelligence back to your Sentinel dashboard.

Return to Course Index