Top 20 Linux commands you should know
Let’s not talk about basic commands like ls,cd, rm, mkdir, touch, vi etc. There are several important linux commands which are very useful and we will try to cover some of them in this page.
1. find
find command is used to find files, dirs etc in any directory (which can have subdirectories). I use it all the time because of various options available.
When to use find?
- If you are searching for a certain text in complex dir. structure
- If you want to find list of files which are older than x days etc
- if you want to find files having a certain pattern.
Some examples:
[root@bitarray lib]# find . -type f -name "*k.xml" ./firewalld/zones/block.xml ./firewalld/zones/work.xml [root@bitarray lib]#
find files (*.conf) recursively which have “centos” in their content
[root@bitarray etc]# find . -name "*.conf" |xargs grep centos ./yum.conf:bugtracker_url=http://bugs.centos.org/set_project.php?project_id=23&ref=http://bugs.centos.org/bug_report_page.php?category=yum ./yum.conf:distroverpkg=centos-release ./chrony.conf:server 0.centos.pool.ntp.org iburst ./chrony.conf:server 1.centos.pool.ntp.org iburst ./chrony.conf:server 2.centos.pool.ntp.org iburst ./chrony.conf:server 3.centos.pool.ntp.org iburst
you can use mtime (modified time), ctime (change time) options they are very useful.
2. netstat/ss
Do you want to see all connections (incoming and outgoing) from your server? How about interface details/stats?
“Replacement for netstat is ss. Replacement for netstat -r is ip route. Replacement for netstat -i is ip -s link. Replacement for netstat -g is ip maddr.”
netstat has tons of options, let’s see some basic usage.
Details of interface stats.
[root@localhost Downloads]# netstat -i Kernel Interface table Iface MTU RX-OK RX-ERR RX-DRP RX-OVR TX-OK TX-ERR TX-DRP TX-OVR Flg lo 65536 119123 0 0 0 119123 0 0 0 LRU virbr0 1500 0 0 0 0 0 0 0 0 BMU wlo1 1500 9018486 0 0 0 4749273 0 0 0 BMRU [root@localhost Downloads]#
incoming and outgoing connections
[root@localhost Downloads]# netstat -an Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN tcp 0 0 192.168.122.1:53 0.0.0.0:* LISTEN tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN tcp 0 1 192.168.86.119:38500 74.125.22.188:5228 FIN_WAIT1 tcp 69 0 192.168.86.119:39832 74.125.22.157:443 ESTABLISHED tcp 0 1 192.168.86.119:35286 52.84.26.53:443 FIN_WAIT1 tcp 0 0 192.168.86.119:36734 172.217.10.4:80 ESTABLISHED tcp 0 1 192.168.86.119:46988 172.217.11.6:443 FIN_WAIT1 tcp 0 0 192.168.86.119:56982 52.207.46.4:443 ESTABLISHED tcp 0 0 192.168.86.119:36640 52.84.32.61:443 ESTABLISHED tcp 0 1 192.168.86.119:34090 192.0.77.32:443 FIN_WAIT1 tcp 0 1 192.168.86.119:47528 172.217.11.14:443 FIN_WAIT1 tcp 0 1 192.168.86.119:41214 81.52.133.57:80 FIN_WAIT1 tcp 0 0 192.168.86.119:54362 34.231.94.204:443 ESTABLISHED tcp 0 0 192.168.86.119:41598 172.217.3.100:443 ESTABLISHED tcp 0 1 192.168.86.119:39784 172.217.7.3:80 FIN_WAIT1 tcp 0 1 192.168.86.119:43052 172.217.11.2:80 FIN_WAIT1 tcp 0 1 192.168.86.119:43202 199.16.156.73:443 FIN_WAIT1 tcp 0 0 192.168.86.119:39830 74.125.22.157:443 ESTABLISHED tcp 0 1 192.168.86.119:52080 23.21.229.230:443 FIN_WAIT1 tcp 0 0 192.168.86.119:57230 172.217.6.227:443 ESTABLISHED tcp 1 1 192.168.86.119:38262 104.20.2.47:80 LAST_ACK tcp 0 1 192.168.86.119:42770 172.217.11.3:443 FIN_WAIT1 tcp 0 1 192.168.86.119:37758 104.16.204.165:443 FIN_WAIT1 tcp 0 1 192.168.86.119:50932 23.194.120.35:80 FIN_WAIT1 tcp 0 1 192.168.86.119:34804 172.217.7.10:80 FIN_WAIT1 tcp 0 0 192.168.86.119:58552 52.205.217.39:443 ESTABLISHED tcp 0 1 192.168.86.119:36088 172.217.10.68:80 FIN_WAIT1
you can add -p option to get pids!
ss -s (will give you summary)
[root@localhost bin]# ss -s Total: 978 (kernel 1153) TCP: 40 (estab 27, closed 2, orphaned 0, synrecv 0, timewait 1/0), ports 0 Transport Total IP IPv6 * 1153 - - RAW 1 0 1 UDP 11 8 3 TCP 38 34 4 INET 50 42 8 FRAG 0 0 0
3. ps
ps is very useful command and is heavily used to get details of a running process, it has tons of options
ps -ef — to get list of processes running
ps auxwww — wide format
ps -eo rss,pid,lstart,cmd — ps to get rss (memory utilization), pid, lstart( time when process was started), command
to view all thereads?
#ps -eLf UID PID PPID LWP C NLWP STIME TTY TIME CMD mysql 31140 1 6849 0 36 Nov01 ? 00:00:05 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid mysql 31140 1 6851 0 36 Nov01 ? 00:00:04 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid mysql 31140 1 6855 0 36 Nov01 ? 00:00:04 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid mysql 31140 1 6857 0 36 Nov01 ? 00:00:04 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid mysql 31140 1 6865 0 36 Nov01 ? 00:00:04 /usr/sbin/mysqld --daemonize --pid-file=/var/run/mysqld/mysqld.pid ...
4. rsync
rsync is used to sync files and directories on two different storage locations. rsync has various options and can get complicated. It has many options (it can wipe out source location if options are not set properly). For copying critical data always run/test it (especially if you are trying any new options). It checks/compares source and target destinations based on size and modification time (these options are by default and can be changed to checksum using -c option).
-a archive mode
-n dry run
-v verbose
rsync -avz source_host:src/dir /tmp
above command will sync dir on source_host to /tmp on current host.
A trailing slash on a source as means “copy the contents of this directory” as opposed to “copy the directory by name”
5. chgrp, chown
To change ownership of files. Very useful. Lot of times we unknowingly create files with the wrong userid and original userid cannot read/write.
#chgrp root <filename> # to change group ownership #chown root <filename> # to change file ownership
-R can be used to change group/file ownership
6. scp
you can scp to copy files between two machines (you will need public/private keys setup for passwordless scp)
example
#scp /path/to/file userid@xyx.com:/path/to/copy
user -r for recursively copying dir.
7. tar
Widely used to create tarball – create packages, backups etc
create trarball from a directory:
#tar -cvzf error.tar.gz httpd/error_log*
uncompress tarball:
#tar -xvzf error.tar.gz
8. free
To check free memory available in box.
[root@localhost bin]# free -g total used free shared buff/cache available Mem: 31 28 0 0 2 2 Swap: 7 0 7 [root@localhost bin]#
9. ifconfig/ip
[root@bitarray httpd]# ip link 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT qlen 1 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000 link/ether d6:73:e1:40:0b:16 brd ff:ff:ff:ff:ff:ff [root@bitarray httpd]# [root@bitarray httpd]# ip route default via 45.55.32.1 dev eth0 10.17.0.0/16 dev eth0 proto kernel scope link src 10.17.0.6 45.55.32.0/19 dev eth0 proto kernel scope link src 45.55.35.71 169.254.0.0/16 dev eth0 scope link metric 1002
[root@bitarray httpd]# ifconfig -a eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 45.55.35.71 netmask 255.255.224.0 broadcast 45.55.63.255 inet6 fe80::d473:e1ff:fe40:b16 prefixlen 64 scopeid 0x20<link> ether d6:73:e1:40:0b:16 txqueuelen 1000 (Ethernet) RX packets 2728904 bytes 731745080 (697.8 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 2650564 bytes 1571949416 (1.4 GiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1 (Local Loopback) RX packets 33098 bytes 7122003 (6.7 MiB) RX errors 0 dropped 0 overruns 0 frame 0 TX packets 33098 bytes 7122003 (6.7 MiB) TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0 [root@bitarray httpd]#
To check interfaces and their stats, IP to interface mapping, packet drops etc
10. tee
tee is very useful, sometimes we need to run a command or script and we would like to see output on screen as well as we would like to save it to a file (at the same time)
#python abc.py | tee /tmp/out
above command will run script abc.py and display output on screen (it will also write to /tmp/out simultaneously)
11. nohup
You might have noticed that your command is sometimes stopped when you log off the machine (like when you logout of ssh session, even if you spawned the command in background).
#nohup command & #exit
if you run above the command will continue to run even if you log off the box.
12. ping
ping <hostname>
[root@localhost /]# ping google.com PING google.com (172.217.6.206) 56(84) bytes of data. 64 bytes from lga25s54-in-f14.1e100.net (172.217.6.206): icmp_seq=1 ttl=56 time=14.1 ms 64 bytes from lga25s54-in-f14.1e100.net (172.217.6.206): icmp_seq=2 ttl=56 time=12.7 ms 64 bytes from lga25s54-in-f14.1e100.net (172.217.6.206): icmp_seq=3 ttl=56 time=10.4 ms 64 bytes from lga25s54-in-f14.1e100.net (172.217.6.206): icmp_seq=4 ttl=56 time=8.99 ms ^C --- google.com ping statistics --- 4 packets transmitted, 4 received, 0% packet loss, time 3005ms
with -c option you can specify to stop after receiving the number of ECHO request packets
13. traceroute
[root@localhost /]# traceroute google.com traceroute to google.com (172.217.12.142), 30 hops max, 60 byte packets 1 gateway (192.168.1.1) 3.394 ms 3.410 ms 6.556 ms 2 lo0-100.NWRKNJ-VFTTP-365.verizon-gni.net (96.242.220.1) 14.748 ms 19.509 ms 22.694 ms 3 B3365.NWRKNJ-LCR-21.verizon-gni.net (100.41.206.198) 24.925 ms 27.265 ms 27.703 ms 4 * * * 5 0.et-10-0-2.GW11.EWR6.ALTER.NET (140.222.0.239) 32.342 ms 0.et-10-1-2.GW11.EWR6.ALTER.NET (140.222.0.241) 32.832 ms 32.824 ms 6 74.125.147.14 (74.125.147.14) 34.393 ms 7.664 ms 11.656 ms 7 * * * 8 108.170.227.211 (108.170.227.211) 14.231 ms 15.116 ms 108.170.227.209 (108.170.227.209) 15.282 ms 9 lga34s19-in-f14.1e100.net (172.217.12.142) 17.026 ms 16.554 ms 16.957 ms [root@localhost /]#
14. df
df can be used to show disk space usage on all mounted filesystems on your box
df -Ph #human readable
df -a # all filesystems
[root@localhost bin]# df -a Filesystem 1K-blocks Used Available Use% Mounted on rootfs - - - - / sysfs 0 0 0 - /sys proc 0 0 0 - /proc devtmpfs 3942360 0 3942360 0% /dev securityfs 0 0 0 - /sys/kernel/security tmpfs 3958248 59920 3898328 2% /dev/shm devpts 0 0 0 - /dev/pts tmpfs 3958248 25692 3932556 1% /run tmpfs 3958248 0 3958248 0% /sys/fs/cgroup cgroup 0 0 0 - /sys/fs/cgroup/systemd pstore 0 0 0 - /sys/fs/pstore efivarfs 0 0 0 - /sys/firmware/efi/efivars cgroup 0 0 0 - /sys/fs/cgroup/devices cgroup 0 0 0 - /sys/fs/cgroup/cpu,cpuacct cgroup 0 0 0 - /sys/fs/cgroup/hugetlb cgroup 0 0 0 - /sys/fs/cgroup/pids cgroup 0 0 0 - /sys/fs/cgroup/net_cls,net_prio cgroup 0 0 0 - /sys/fs/cgroup/perf_event cgroup 0 0 0 - /sys/fs/cgroup/blkio cgroup 0 0 0 - /sys/fs/cgroup/freezer cgroup 0 0 0 - /sys/fs/cgroup/cpuset cgroup 0 0 0 - /sys/fs/cgroup/memory configfs 0 0 0 - /sys/kernel/config /dev/mapper/cl-root 52403200 9139940 43263260 18% / selinuxfs 0 0 0 - /sys/fs/selinux systemd-1 - - - - /proc/sys/fs/binfmt_misc mqueue 0 0 0 - /dev/mqueue debugfs 0 0 0 - /sys/kernel/debug hugetlbfs 0 0 0 - /dev/hugepages nfsd 0 0 0 - /proc/fs/nfsd /dev/sda2 1038336 284188 754148 28% /boot /dev/sda1 204580 9688 194892 5% /boot/efi /dev/mapper/cl-home 188152052 18038172 170113880 10% /home sunrpc 0 0 0 - /var/lib/nfs/rpc_pipefs binfmt_misc 0 0 0 - /proc/sys/fs/binfmt_misc tmpfs 791652 40 791612 1% /run/user/1000 gvfsd-fuse 0 0 0 - /run/user/1000/gvfs fusectl 0 0 0 - /sys/fs/fuse/connections
15. ssh
probably first thing you do to login to a machine …
ssh userid@ip to login to other machine ‘ip’
ssh-keygen can be used to generate public/private keys
16. iostat
iostat provides CPU statistics and devices/storage numbers
[abhishekjdl@localhost ~]$ iostat Linux 3.10.0-514.21.2.el7.x86_64 (localhost.localdomain) 09/29/2017 _x86_64_ (4 CPU) avg-cpu: %user %nice %system %iowait %steal %idle 19.72 0.10 4.07 0.69 0.00 75.43 Device: tps kB_read/s kB_wrtn/s kB_read kB_wrtn sda 3.81 18.76 49.56 14557595 38453503 dm-0 0.36 10.95 3.95 8492097 3060882 dm-1 0.20 0.09 0.72 72640 560668 dm-2 3.45 7.69 44.89 5964185 34829825
It’s very useful to check latency and load on your devices, it will not provide stats for NFS shares(for that you can use nfsiostat)
what is dm-0,dm-1…? you can use lvdisplay to find which device corresponds to which partition.
lsblk is also very useful:
[root@localhost Downloads]# lsblk NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINT sda 8:0 0 238.5G 0 disk ├─sda1 8:1 0 200M 0 part /boot/efi ├─sda2 8:2 0 1G 0 part /boot └─sda3 8:3 0 237.3G 0 part ├─cl-root 253:0 0 50G 0 lvm / ├─cl-swap 253:1 0 7.8G 0 lvm [SWAP] └─cl-home 253:2 0 179.5G 0 lvm /home [root@localhost Downloads]#
17. lsof
list of open files. Quite an important command. How will you find which files are opened by a process? Like if you see a processes running and you would like to check where are the log files? Do..
#lsof -p <pid>
there is a good chance one of the entries from above output is a log file. Or you can do the reverse (to check if a file is used by any process). just run lsof and grep for file (remember if you are non-root you may not see entire output unless setuid is set to root).
18. nslookup
nameserver lookup is used to find ip/domain mapping (DNS record)
[root@bitarray ~]# nslookup google.com Server: 67.207.67.3 Address: 67.207.67.3#53 Non-authoritative answer: Name: google.com Address: 172.217.12.142
nslookup can provide mapping of DNS name to IP.
Remember reverse lookup is not always true
[root@bitarray ~]# nslookup 172.217.12.142 Server: 67.207.67.3 Address: 67.207.67.3#53 Non-authoritative answer: 142.12.217.172.in-addr.arpa name = lga34s19-in-f14.1e100.net.
19. telnet
telnet can be used to communicate with another IP, process on another machine etc using telnet protocol.
Telnet is not secure and it’s sends unencrypted login information, so use it in local environment only.
[root@localhost ~]$ telnet bitarray.io 80 Trying 45.55.35.71... Connected to bitarray.io. Escape character is '^]'. GET / <!DOCTYPE html> <!--[if lt IE 7]>
telnet is widely used to check if a process is listening on a given port, just do
#telnet <IP> <port>
fi you get Escape character is ‘^]’. that means remote process is up on that IP:Port.
20. lscpu
Display information on CPU architecture
[root@localhost abhishekjdl]# lscpu Architecture: x86_64 CPU op-mode(s): 32-bit, 64-bit Byte Order: Little Endian CPU(s): 4 On-line CPU(s) list: 0-3 Thread(s) per core: 2 Core(s) per socket: 2 Socket(s): 1 NUMA node(s): 1 Vendor ID: GenuineIntel CPU family: 6 Model: 61 Model name: Intel(R) Core(TM) i7-5500U CPU @ 2.40GHz Stepping: 4 CPU MHz: 1200.093 BogoMIPS: 4788.52 Virtualization: VT-x L1d cache: 32K L1i cache: 32K L2 cache: 256K L3 cache: 4096K NUMA node0 CPU(s): 0-3
see threads per core is 2. You can check if hyperthreading is turned On or Not?
You must be logged in to post a comment.
+ There are no comments
Add yours