Top 20 Linux commands you should know


Let’s not talk about basic commands like ls,cd, rm, mkdir, touch, vi etc. There are several important linux commands which are very useful and we will try to cover some of them in this page.

1. find

find command is used to find files, dirs etc in any directory (which can have subdirectories). I use it all the time because of various options available.

When to use find?

  • If you are searching for a certain text in complex dir. structure
  • If you want to find list of files which are older than x days etc
  • if you want to find files having a certain pattern.

Some examples:

[root@bitarray lib]# find . -type f  -name "*k.xml"
./firewalld/zones/block.xml
./firewalld/zones/work.xml
[root@bitarray lib]# 



find files (*.conf) recursively which have “centos” in their content

[root@bitarray etc]# find . -name "*.conf" |xargs grep centos
./yum.conf:bugtracker_url=http://bugs.centos.org/set_project.php?project_id=23&ref=http://bugs.centos.org/bug_report_page.php?category=yum
./yum.conf:distroverpkg=centos-release
./chrony.conf:server 0.centos.pool.ntp.org iburst
./chrony.conf:server 1.centos.pool.ntp.org iburst
./chrony.conf:server 2.centos.pool.ntp.org iburst
./chrony.conf:server 3.centos.pool.ntp.org iburst

you can use mtime (modified time), ctime (change time) options they are very useful.


2. netstat/ss

Do you want to see all connections (incoming and outgoing) from your server? How about interface details/stats?

“Replacement for netstat is ss. Replacement for netstat -r is ip route. Replacement for netstat -i is ip -s link. Replacement for netstat -g is ip maddr.”

netstat has tons of options, let’s see some basic usage.

Details of interface stats.

[root@localhost Downloads]# netstat -i
Kernel Interface table
Iface      MTU    RX-OK RX-ERR RX-DRP RX-OVR    TX-OK TX-ERR TX-DRP TX-OVR Flg
lo       65536   119123      0      0 0        119123      0      0      0 LRU
virbr0    1500        0      0      0 0             0      0      0      0 BMU
wlo1      1500  9018486      0      0 0       4749273      0      0      0 BMRU
[root@localhost Downloads]# 

incoming and outgoing connections

[root@localhost Downloads]# netstat -an
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN     
tcp        0      0 192.168.122.1:53        0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN     
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN     
tcp        0      0 127.0.0.1:25            0.0.0.0:*               LISTEN     
tcp        0      1 192.168.86.119:38500    74.125.22.188:5228      FIN_WAIT1  
tcp       69      0 192.168.86.119:39832    74.125.22.157:443       ESTABLISHED
tcp        0      1 192.168.86.119:35286    52.84.26.53:443         FIN_WAIT1  
tcp        0      0 192.168.86.119:36734    172.217.10.4:80         ESTABLISHED
tcp        0      1 192.168.86.119:46988    172.217.11.6:443        FIN_WAIT1  
tcp        0      0 192.168.86.119:56982    52.207.46.4:443         ESTABLISHED
tcp        0      0 192.168.86.119:36640    52.84.32.61:443         ESTABLISHED
tcp        0      1 192.168.86.119:34090    192.0.77.32:443         FIN_WAIT1  
tcp        0      1 192.168.86.119:47528    172.217.11.14:443       FIN_WAIT1  
tcp        0      1 192.168.86.119:41214    81.52.133.57:80         FIN_WAIT1  
tcp        0      0 192.168.86.119:54362    34.231.94.204:443       ESTABLISHED
tcp        0      0 192.168.86.119:41598    172.217.3.100:443       ESTABLISHED
tcp        0      1 192.168.86.119:39784    172.217.7.3:80          FIN_WAIT1  
tcp        0      1 192.168.86.119:43052    172.217.11.2:80         FIN_WAIT1  
tcp        0      1 192.168.86.119:43202    199.16.156.73:443       FIN_WAIT1  
tcp        0      0 192.168.86.119:39830    74.125.22.157:443       ESTABLISHED
tcp        0      1 192.168.86.119:52080    23.21.229.230:443       FIN_WAIT1  
tcp        0      0 192.168.86.119:57230    172.217.6.227:443       ESTABLISHED
tcp        1      1 192.168.86.119:38262    104.20.2.47:80          LAST_ACK   
tcp        0      1 192.168.86.119:42770    172.217.11.3:443        FIN_WAIT1  
tcp        0      1 192.168.86.119:37758    104.16.204.165:443      FIN_WAIT1  
tcp        0      1 192.168.86.119:50932    23.194.120.35:80        FIN_WAIT1  
tcp        0      1 192.168.86.119:34804    172.217.7.10:80         FIN_WAIT1  
tcp        0      0 192.168.86.119:58552    52.205.217.39:443       ESTABLISHED
tcp        0      1 192.168.86.119:36088    172.217.10.68:80        FIN_WAIT1  

you can add -p option to get pids!

ss -s (will give you summary)

[root@localhost bin]# ss -s
Total: 978 (kernel 1153)
TCP:   40 (estab 27, closed 2, orphaned 0, synrecv 0, timewait 1/0), ports 0

Transport Total     IP        IPv6
*	  1153      -         -        
RAW	  1         0         1        
UDP	  11        8         3        
TCP	  38        34        4        
INET	  50        42        8        
FRAG	  0         0         0        

 


3. ps

ps is very useful command and is heavily used to get details of a running process, it has tons of options

ps -ef — to get list of processes running

ps auxwww — wide format

ps -eo rss,pid,lstart,cmd — ps to get rss (memory utilization), pid, lstart( time when process was started), command

to view all thereads?

#ps -eLf
UID        PID  PPID   LWP  C NLWP STIME TTY          TIME CMD
mysql    31140     1  6849  0   36 Nov01 ?        00:00:05 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid
mysql    31140     1  6851  0   36 Nov01 ?        00:00:04 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid
mysql    31140     1  6855  0   36 Nov01 ?        00:00:04 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid
mysql    31140     1  6857  0   36 Nov01 ?        00:00:04 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid
mysql    31140     1  6865  0   36 Nov01 ?        00:00:04 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid
...

 


4. rsync

rsync is used to sync files and directories on two different storage locations. rsync has various options and can get complicated. It has many options (it can wipe out source location if options are not set properly). For copying critical data always run/test it (especially if you are trying any new options). It checks/compares source and target destinations based on size and modification time (these options are by default and can be changed to checksum using -c option).

-a  archive mode

-n dry run

-v verbose

rsync -avz source_host:src/dir /tmp

above command will sync dir on source_host to /tmp on current host.

A trailing slash on a source as means “copy the contents of this directory” as opposed to “copy the directory by name”


5. chgrp, chown

To change ownership of files. Very useful. Lot of times we unknowingly create files with the wrong userid and original userid cannot read/write.

#chgrp root <filename> # to change group ownership
#chown root <filename> # to change file ownership

-R can be used to change group/file ownership

 


6. scp

you can scp to copy files between two machines (you will need public/private keys setup for passwordless scp)

example

#scp /path/to/file userid@xyx.com:/path/to/copy

user -r for recursively copying dir.

 


7. tar

Widely used to create tarball –  create packages, backups etc

create trarball from a directory:

#tar -cvzf error.tar.gz  httpd/error_log*

uncompress tarball:

#tar -xvzf error.tar.gz

 


8. free

To check free memory available in box.

[root@localhost bin]# free -g
              total        used        free      shared  buff/cache   available
Mem:              31          28          0           0           2           2
Swap:             7           0           7
[root@localhost bin]# 

 


9. ifconfig/ip

[root@bitarray httpd]# ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
    link/ether d6:73:e1:40:0b:16 brd ff:ff:ff:ff:ff:ff
[root@bitarray httpd]# 


[root@bitarray httpd]# ip  route
default via 45.55.32.1 dev eth0 
10.17.0.0/16 dev eth0  proto kernel  scope link  src 10.17.0.6 
45.55.32.0/19 dev eth0  proto kernel  scope link  src 45.55.35.71 
169.254.0.0/16 dev eth0  scope link  metric 1002 

[root@bitarray httpd]# ifconfig -a
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 45.55.35.71  netmask 255.255.224.0  broadcast 45.55.63.255
        inet6 fe80::d473:e1ff:fe40:b16  prefixlen 64  scopeid 0x20<link>
        ether d6:73:e1:40:0b:16  txqueuelen 1000  (Ethernet)
        RX packets 2728904  bytes 731745080 (697.8 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 2650564  bytes 1571949416 (1.4 GiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1  (Local Loopback)
        RX packets 33098  bytes 7122003 (6.7 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 33098  bytes 7122003 (6.7 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[root@bitarray httpd]# 

To check interfaces and their stats, IP to interface mapping, packet drops etc

 


10. tee

tee is very useful, sometimes we need to run a command or script and we would like to see output on screen as well as we would like to save it to a file (at the same time)

#python abc.py | tee /tmp/out

above command will run script abc.py and display output on screen (it will also write to /tmp/out simultaneously)

 


11. nohup

You might have noticed that your command is sometimes stopped when you log off the machine (like when you logout of ssh session, even if you spawned the command in background).

#nohup command &
#exit

if you run above the command will continue to run even if you log off the box.

 


12. ping

ping <hostname>

[root@localhost /]#   ping google.com
PING google.com (172.217.6.206) 56(84) bytes of data.
64 bytes from lga25s54-in-f14.1e100.net (172.217.6.206): icmp_seq=1 ttl=56 time=14.1 ms
64 bytes from lga25s54-in-f14.1e100.net (172.217.6.206): icmp_seq=2 ttl=56 time=12.7 ms
64 bytes from lga25s54-in-f14.1e100.net (172.217.6.206): icmp_seq=3 ttl=56 time=10.4 ms
64 bytes from lga25s54-in-f14.1e100.net (172.217.6.206): icmp_seq=4 ttl=56 time=8.99 ms
^C
--- google.com ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3005ms

with -c option you can specify to stop after receiving the number of ECHO request packets

 


13. traceroute

[root@localhost /]# traceroute google.com
traceroute to google.com (172.217.12.142), 30 hops max, 60 byte packets
 1  gateway (192.168.1.1)  3.394 ms  3.410 ms  6.556 ms
 2  lo0-100.NWRKNJ-VFTTP-365.verizon-gni.net (96.242.220.1)  14.748 ms  19.509 ms  22.694 ms
 3  B3365.NWRKNJ-LCR-21.verizon-gni.net (100.41.206.198)  24.925 ms  27.265 ms  27.703 ms
 4  * * *
 5  0.et-10-0-2.GW11.EWR6.ALTER.NET (140.222.0.239)  32.342 ms 0.et-10-1-2.GW11.EWR6.ALTER.NET (140.222.0.241)  32.832 ms  32.824 ms
 6  74.125.147.14 (74.125.147.14)  34.393 ms  7.664 ms  11.656 ms
 7  * * *
 8  108.170.227.211 (108.170.227.211)  14.231 ms  15.116 ms 108.170.227.209 (108.170.227.209)  15.282 ms
 9  lga34s19-in-f14.1e100.net (172.217.12.142)  17.026 ms  16.554 ms  16.957 ms
[root@localhost /]# 

 


14. df

df can be used to show disk space usage on all mounted filesystems on your box

df -Ph #human readable

df -a # all filesystems

[root@localhost bin]# df -a
Filesystem          1K-blocks     Used Available Use% Mounted on
rootfs                      -        -         -    - /
sysfs                       0        0         0    - /sys
proc                        0        0         0    - /proc
devtmpfs              3942360        0   3942360   0% /dev
securityfs                  0        0         0    - /sys/kernel/security
tmpfs                 3958248    59920   3898328   2% /dev/shm
devpts                      0        0         0    - /dev/pts
tmpfs                 3958248    25692   3932556   1% /run
tmpfs                 3958248        0   3958248   0% /sys/fs/cgroup
cgroup                      0        0         0    - /sys/fs/cgroup/systemd
pstore                      0        0         0    - /sys/fs/pstore
efivarfs                    0        0         0    - /sys/firmware/efi/efivars
cgroup                      0        0         0    - /sys/fs/cgroup/devices
cgroup                      0        0         0    - /sys/fs/cgroup/cpu,cpuacct
cgroup                      0        0         0    - /sys/fs/cgroup/hugetlb
cgroup                      0        0         0    - /sys/fs/cgroup/pids
cgroup                      0        0         0    - /sys/fs/cgroup/net_cls,net_prio
cgroup                      0        0         0    - /sys/fs/cgroup/perf_event
cgroup                      0        0         0    - /sys/fs/cgroup/blkio
cgroup                      0        0         0    - /sys/fs/cgroup/freezer
cgroup                      0        0         0    - /sys/fs/cgroup/cpuset
cgroup                      0        0         0    - /sys/fs/cgroup/memory
configfs                    0        0         0    - /sys/kernel/config
/dev/mapper/cl-root  52403200  9139940  43263260  18% /
selinuxfs                   0        0         0    - /sys/fs/selinux
systemd-1                   -        -         -    - /proc/sys/fs/binfmt_misc
mqueue                      0        0         0    - /dev/mqueue
debugfs                     0        0         0    - /sys/kernel/debug
hugetlbfs                   0        0         0    - /dev/hugepages
nfsd                        0        0         0    - /proc/fs/nfsd
/dev/sda2             1038336   284188    754148  28% /boot
/dev/sda1              204580     9688    194892   5% /boot/efi
/dev/mapper/cl-home 188152052 18038172 170113880  10% /home
sunrpc                      0        0         0    - /var/lib/nfs/rpc_pipefs
binfmt_misc                 0        0         0    - /proc/sys/fs/binfmt_misc
tmpfs                  791652       40    791612   1% /run/user/1000
gvfsd-fuse                  0        0         0    - /run/user/1000/gvfs
fusectl                     0        0         0    - /sys/fs/fuse/connections

 


15. ssh

probably first thing you do to login to a machine …

ssh userid@ip to login to other machine ‘ip’
ssh-keygen can be used to generate public/private keys


16. iostat

iostat provides CPU statistics and devices/storage numbers

[abhishekjdl@localhost ~]$ iostat
Linux 3.10.0-514.21.2.el7.x86_64 (localhost.localdomain) 	09/29/2017 	_x86_64_	(4 CPU)

avg-cpu:  %user   %nice %system %iowait  %steal   %idle
          19.72    0.10    4.07    0.69    0.00   75.43

Device:            tps    kB_read/s    kB_wrtn/s    kB_read    kB_wrtn
sda               3.81        18.76        49.56   14557595   38453503
dm-0              0.36        10.95         3.95    8492097    3060882
dm-1              0.20         0.09         0.72      72640     560668
dm-2              3.45         7.69        44.89    5964185   34829825

It’s very useful to check latency and load on your devices, it will not provide stats for NFS shares(for that you can use nfsiostat)

what is dm-0,dm-1…? you can use lvdisplay to find which device corresponds to which partition.

lsblk is also very useful:

[root@localhost Downloads]# lsblk
NAME        MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
sda           8:0    0 238.5G  0 disk 
├─sda1        8:1    0   200M  0 part /boot/efi
├─sda2        8:2    0     1G  0 part /boot
└─sda3        8:3    0 237.3G  0 part 
  ├─cl-root 253:0    0    50G  0 lvm  /
  ├─cl-swap 253:1    0   7.8G  0 lvm  [SWAP]
  └─cl-home 253:2    0 179.5G  0 lvm  /home
[root@localhost Downloads]# 

 


17. lsof

list of open files. Quite an important command. How will you find which files are opened by a process? Like if you see a processes running and you would like to check where are the log files? Do..

#lsof -p <pid>

there is a good chance one of the entries from above output is a log file. Or you can do the reverse  (to check if a file is used by any process). just run lsof and grep for file (remember if you are non-root you may not see entire output unless setuid is set to root).

 


18. nslookup

nameserver lookup is used to find ip/domain mapping (DNS record)

[root@bitarray ~]# nslookup google.com
Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
Name:	google.com
Address: 172.217.12.142

nslookup can provide mapping of DNS name to IP.

Remember reverse lookup is not always true

[root@bitarray ~]# nslookup 172.217.12.142
Server:		67.207.67.3
Address:	67.207.67.3#53

Non-authoritative answer:
142.12.217.172.in-addr.arpa	name = lga34s19-in-f14.1e100.net.

 


19. telnet

telnet can be used to communicate with another IP, process on another machine etc using telnet protocol.

Telnet is not secure and it’s sends unencrypted login information, so use it in local environment only.

[root@localhost ~]$ telnet bitarray.io 80
Trying 45.55.35.71...
Connected to bitarray.io.
Escape character is '^]'.
GET /
<!DOCTYPE html>
<!--[if lt IE 7]>

telnet is widely used to check if a process is listening on a given port, just do

#telnet <IP> <port>

fi you get Escape character is ‘^]’. that means remote process is up on that IP:Port.


20. lscpu

Display information on CPU architecture

[root@localhost abhishekjdl]# lscpu
Architecture:          x86_64
CPU op-mode(s):        32-bit, 64-bit
Byte Order:            Little Endian
CPU(s):                4
On-line CPU(s) list:   0-3
Thread(s) per core:    2
Core(s) per socket:    2
Socket(s):             1
NUMA node(s):          1
Vendor ID:             GenuineIntel
CPU family:            6
Model:                 61
Model name:            Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz
Stepping:              4
CPU MHz:               1200.093
BogoMIPS:              4788.52
Virtualization:        VT-x
L1d cache:             32K
L1i cache:             32K
L2 cache:              256K
L3 cache:              4096K
NUMA node0 CPU(s):     0-3

see threads per core is 2. You can check if hyperthreading is turned On or Not?

+ There are no comments

Add yours