· Linux sysad

Commands for a System Administrator Part 3

Commands for a System Administrator, Part 1 Commands for a System Administrator, Part 2

1. diff

diff is used to compare two files, line by line. The most common flags I use are -iyw, ‘i’ for ignored case differences, ‘y’ for a side by side comparison, and ‘w’ to ignore all whitespaces and ‘–suppress-common-lines’ does not show duplicate lines. There are many other options for diff, but these I find give the easiest output to read. If a line has “<” The line had some text but now has no text. If a line has “>” The line had no text but now has text on the line. If a line has “|” The text on the line has changed

[[email protected] ~]# diff -iyw --suppress-common-lines file1 file2
VidyoDesktop tcp &lt;
VidyoDesktop tcp6 ::1:63457 &lt;

2. mount/umount

Used to mount and unmount filesystems and gather information on mounts. Appending the command with a filesystem will mount (or unmount) that particular filesystem. The ‘-a’ flag will mount anything in the /etc/fstab file.

[[email protected] ~]# mount /local
[[email protected] ~]#

3. ip

ip is the replacement for ifconfig and route. It can be used to add and delete IP addresses and the routing table. There are many options for this command, I would recommend the man pages and the documentation for your distribution.

[[email protected] ~]# ip address show
[[email protected] ~]# ip address add dev eth0

4. netstat

The netstat command show network information, such listening services and network connections. It can display more than this but its most common usage, is to determine what programs are listening on which ports and IP addresses. The common flags are ‘n’ for numbers, ‘t’ for tcp ‘l’ for listening services and ‘p’ for program names, removing the ‘l’ with show you connections, the state, the local addresses and where its connection from, a quick and easy way to see how many connections to a service.

[[email protected] ~]# netstat -ntlp
Active  Internet  connections  (only           servers)   
Proto   Recv-Q    Send-Q       Local Address    Foreign  Address             State    PID/Program  name
tcp     0         0  *                    LISTEN   3888/master
tcp     0         0  *                    LISTEN   12740/nginx
tcp     0         0  *                    LISTEN   5357/sshd
tcp     0         0  *                    LISTEN   1043/php-fpm
tcp     0         0  *                    LISTEN   10056/redis-server
tcp     0         0  *                    LISTEN   12740/nginx
tcp     0         0            ::1:25           :::*                         LISTEN   3888/master
tcp     0         0            :::1989          :::*                         LISTEN   5357/sshd
tcp     0         0            :::3306          :::*                         LISTEN   5855/mysqld

5. dig

dig is the DNS query tool, it has a simple argument structure, simply ‘dig name type’, the default is an A record lookup, reverse lookups are done with -x flag then IP. A great option is @server so you can query specific DNS servers, which is great when checking record propagation issues. +short is another great option and is suppresses all the noisy output.

[[email protected] ~]# dig A aaron.mehar.me
; &lt;&lt;&gt;&gt; DiG 9.3.6-P1-SuSE-9.3.6-25.P1.el5_11.2  A aaron.mehar.me
;; global options: printcmd
;; Got answer:
;; -&gt;&gt;HEADER&lt; ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;aaron.mehar.me. IN A

aaron.mehar.me. 300 IN A
aaron.mehar.me. 300 IN A

;; Query time: 8 msec
;; WHEN: Tue Jul 21 09:58:24 2015
;; MSG SIZE rcvd: 64

6. uptime

Uptime gives a one line display of the following information. The current time, how long the system has been running, how many users are currently logged on, and the system load averages for the past 1, 5, and 15 minute

[[email protected] aaron.mehar.me]# uptime
20:24:54 up 122 days, 4:51, 2 users, load average: 0.09, 0.04, 0.01

7. wall

wall broadcasts a message to the console of every logged in user, the command followed by a message is the simply way to send this, or execute the command on its own, type your message and then exit (usually control+d)

[[email protected] aaron.mehar.me]# wall "Hello other users"
[[email protected] aaron.mehar.me]#
Broadcast message from [email protected] (pts/0) (Thu Sep 10 20:31:48 2015):

Hello other users

8. write

write is similar to the above but to specific users rather than everyone, its simple to use, just add the users [tty]

[[email protected] ~]# write root pts/0

9. w

w is great as it shows, who is logged in, where from, for how long what they are doing, although the ‘what’ in my opinion is pretty useless. The top line includes the output from uptime as well.

[[email protected] aaron.mehar.me]# w
20:42:27 up 122 days, 5:09, 2 users, load average: 0.09, 0.04, 0.01
root tty1 - 17May15 116days 0.19s 0.19s -bash
root pts/0 cpc20-slou1-2-0- 18:40 0.00s 0.25s 0.00s w

10. top

The top program provides a dynamic real-time view of a running system. It can display system summary information as well as a list of tasks currently being managed by the Linux kernel. The types of system summary information shown and the types, order and size of information displayed for tasks are all user configurable and that configuration can be made persistent across restarts. There are loads of options for top and ways to change it displays, most use cases you run ‘top’ and press ‘q’ to exit.

[[email protected] ]# top
top - 15:58:17 up 146 days, 25 min,  2 users,  load average: 0.00, 0.01, 0.01
Tasks: 160 total,   1 running, 159 sleeping,   0 stopped,   0 zombie
Cpu(s):  0.1%us,  0.0%sy,  0.0%ni, 99.8%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
Mem:   3922448k total,  2914120k used,  1008328k free,   217404k buffers
Swap:  4063228k total,     4712k used,  4058516k free,  1926252k cached

11. mkfs

mkfs is used to ‘make a filesystem’. You specify the type of filesystem with the -t flag and then the partition. This command asks for NO validation, so be sure you are formatting the disk you want.

[[email protected] ~]# mkfs -t ext4 /dev/xvdb1
mke2fs 1.42.9 (28-Dec-2013)
Filesystem label=
OS type: Linux
Block size=4096 (log=2)
Allocating group tables: done                            
Writing inode tables: done                            
Creating journal (32768 blocks): done
Writing superblocks and filesystem accounting information: done

12. vim

vim, which is vi improved, is the an amazingly powerful tool, most commonly used as a text editor but it has many feature built in and it even supports plugins. Install vim and run vimtutor to learn how to use it. I think Vim needs its own post, so look out for that.

[[email protected] ~]# vimtutor 
=    W e l c o m e   t o   t h e   V I M   T u t o r    -    Version 1.7      =
[[email protected] ~]# vi your-file

13. free

free is used to display memory information, both free and used. Its a simple command with not many flags. The most used are generally, -k for kilobytes, -m for megabytes,-g for gigabytes, and -s to update the output every X seconds.

[[email protected] ~]# free -m
              total        used        free      shared  buff/cache   available
Mem:          16002        4670        2882         135        8449       10972
Swap:          8063          57        8006

14. mysqldump

mysqldump is a program to dump (backup) databases, either all databases or a specific one, into a file. The example below is great for daily backups, but there are a number of flags depending on the reason for the backup, ie –master-data if you are setting up a master/slave setup.

[[email protected] ~]# mysqldump -u[user] -p[password] [database] &gt; database.sql --single-transaction

15. pwgen

pwgen can generate a strong, random password. -c to include capital letters, -n to include numbers, -y to include symbols, and the last two numbers are the number of characters and number of passwords.

[[email protected] ~]# pwgen -cny 15 1

16. lsof

‘List of open files’ lsof is a huge tool, can even replace netstat and ps. In its most basic use, you can get a list of open files, useful if a mount point wont unmount. lsof will definitely need its on post but the most helpful will always be ‘+D directory’, just specifying a file or grepping for what you are looking for.

[[email protected] ~]# lsof +D /var/log/
auditd    1182  root    5w   REG  253,1  4423052 525077 /var/log/audit/audit.log
rsyslogd  1202  root    1w   REG  253,1      144 524835 /var/log/messages
rsyslogd  1202  root    2w   REG  253,1     3020 524591 /var/log/cron
rsyslogd  1202  root    4w   REG  253,1      929 525107 /var/log/secure
php-fpm   5287  root    2w   REG  253,1  7907262 524508 /var/log/php-fpm/error.log
php-fpm   5287  root    3w   REG  253,1  7907262 524508 /var/log/php-fpm/error.log
nginx    12740  root    2w   REG  253,1        0 524800 /var/log/nginx/error.log
  • LinkedIn
  • Tumblr
  • Reddit

Aaron Mehar

Berkshire, UK