Commands for a System Administrator Part 3
Commands for a System Administrator, Part 1 Commands for a System Administrator, Part 2
diff is used to compare two files, line by line. The most common flags I use are -iyw, ‘i’ for ignored case differences, ‘y’ for a side by side comparison, and ‘w’ to ignore all whitespaces and ‘–suppress-common-lines’ does not show duplicate lines. There are many other options for diff, but these I find give the easiest output to read. If a line has “<” The line had some text but now has no text. If a line has “>” The line had no text but now has text on the line. If a line has “|” The text on the line has changed
[[email protected] ~]# diff -iyw --suppress-common-lines file1 file2 VidyoDesktop tcp 127.0.0.1:63457 < VidyoDesktop tcp6 ::1:63457 <
Used to mount and unmount filesystems and gather information on mounts. Appending the command with a filesystem will mount (or unmount) that particular filesystem. The ‘-a’ flag will mount anything in the /etc/fstab file.
[[email protected] ~]# mount /local [[email protected] ~]#
ip is the replacement for ifconfig and route. It can be used to add and delete IP addresses and the routing table. There are many options for this command, I would recommend the man pages and the documentation for your distribution.
[[email protected] ~]# ip address show [[email protected] ~]# ip address add 192.168.0.50 dev eth0
The netstat command show network information, such listening services and network connections. It can display more than this but its most common usage, is to determine what programs are listening on which ports and IP addresses. The common flags are ‘n’ for numbers, ‘t’ for tcp ‘l’ for listening services and ‘p’ for program names, removing the ‘l’ with show you connections, the state, the local addresses and where its connection from, a quick and easy way to see how many connections to a service.
[[email protected] ~]# netstat -ntlp Active Internet connections (only servers) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 3888/master tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 12740/nginx tcp 0 0 0.0.0.0:1989 0.0.0.0:* LISTEN 5357/sshd tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 1043/php-fpm tcp 0 0 127.0.0.1:6379 0.0.0.0:* LISTEN 10056/redis-server tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 12740/nginx tcp 0 0 ::1:25 :::* LISTEN 3888/master tcp 0 0 :::1989 :::* LISTEN 5357/sshd tcp 0 0 :::3306 :::* LISTEN 5855/mysqld
dig is the DNS query tool, it has a simple argument structure, simply ‘dig name type’, the default is an A record lookup, reverse lookups are done with -x flag then IP. A great option is @server so you can query specific DNS servers, which is great when checking record propagation issues. +short is another great option and is suppresses all the noisy output.
[[email protected] ~]# dig A aaron.mehar.me ; <<>> DiG 9.3.6-P1-SuSE-9.3.6-25.P1.el5_11.2 A aaron.mehar.me ;; global options: printcmd ;; Got answer: ;; ->>HEADER< ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;aaron.mehar.me. IN A ;; ANSWER SECTION: aaron.mehar.me. 300 IN A 220.127.116.11 aaron.mehar.me. 300 IN A 18.104.22.168 ;; Query time: 8 msec ;; SERVER: 22.214.171.124#53(126.96.36.199) ;; WHEN: Tue Jul 21 09:58:24 2015 ;; MSG SIZE rcvd: 64
Uptime gives a one line display of the following information. The current time, how long the system has been running, how many users are currently logged on, and the system load averages for the past 1, 5, and 15 minute
[[email protected] aaron.mehar.me]# uptime 20:24:54 up 122 days, 4:51, 2 users, load average: 0.09, 0.04, 0.01
wall broadcasts a message to the console of every logged in user, the command followed by a message is the simply way to send this, or execute the command on its own, type your message and then exit (usually control+d)
[[email protected] aaron.mehar.me]# wall "Hello other users" [[email protected] aaron.mehar.me]# Broadcast message from [email protected] (pts/0) (Thu Sep 10 20:31:48 2015): Hello other users
write is similar to the above but to specific users rather than everyone, its simple to use, just add the users [tty]
[[email protected] ~]# write root pts/0
w is great as it shows, who is logged in, where from, for how long what they are doing, although the ‘what’ in my opinion is pretty useless. The top line includes the output from uptime as well.
[[email protected] aaron.mehar.me]# w 20:42:27 up 122 days, 5:09, 2 users, load average: 0.09, 0.04, 0.01 USER TTY FROM [email protected] IDLE JCPU PCPU WHAT root tty1 - 17May15 116days 0.19s 0.19s -bash root pts/0 cpc20-slou1-2-0- 18:40 0.00s 0.25s 0.00s w
The top program provides a dynamic real-time view of a running system. It can display system summary information as well as a list of tasks currently being managed by the Linux kernel. The types of system summary information shown and the types, order and size of information displayed for tasks are all user configurable and that configuration can be made persistent across restarts. There are loads of options for top and ways to change it displays, most use cases you run ‘top’ and press ‘q’ to exit.
[[email protected] ]# top top - 15:58:17 up 146 days, 25 min, 2 users, load average: 0.00, 0.01, 0.01 Tasks: 160 total, 1 running, 159 sleeping, 0 stopped, 0 zombie Cpu(s): 0.1%us, 0.0%sy, 0.0%ni, 99.8%id, 0.0%wa, 0.0%hi, 0.0%si, 0.0%st Mem: 3922448k total, 2914120k used, 1008328k free, 217404k buffers Swap: 4063228k total, 4712k used, 4058516k free, 1926252k cached
mkfs is used to ‘make a filesystem’. You specify the type of filesystem with the -t flag and then the partition. This command asks for NO validation, so be sure you are formatting the disk you want.
[[email protected] ~]# mkfs -t ext4 /dev/xvdb1 mke2fs 1.42.9 (28-Dec-2013) Filesystem label= OS type: Linux Block size=4096 (log=2) ...... Allocating group tables: done Writing inode tables: done Creating journal (32768 blocks): done Writing superblocks and filesystem accounting information: done
vim, which is vi improved, is the an amazingly powerful tool, most commonly used as a text editor but it has many feature built in and it even supports plugins. Install vim and run vimtutor to learn how to use it. I think Vim needs its own post, so look out for that.
[[email protected] ~]# vimtutor =============================================================================== = W e l c o m e t o t h e V I M T u t o r - Version 1.7 = ================================================================================ [[email protected] ~]# vi your-file
free is used to display memory information, both free and used. Its a simple command with not many flags. The most used are generally, -k for kilobytes, -m for megabytes,-g for gigabytes, and -s to update the output every X seconds.
[[email protected] ~]# free -m total used free shared buff/cache available Mem: 16002 4670 2882 135 8449 10972 Swap: 8063 57 8006
mysqldump is a program to dump (backup) databases, either all databases or a specific one, into a file. The example below is great for daily backups, but there are a number of flags depending on the reason for the backup, ie –master-data if you are setting up a master/slave setup.
[[email protected] ~]# mysqldump -u[user] -p[password] [database] > database.sql --single-transaction
pwgen can generate a strong, random password. -c to include capital letters, -n to include numbers, -y to include symbols, and the last two numbers are the number of characters and number of passwords.
[[email protected] ~]# pwgen -cny 15 1
‘List of open files’ lsof is a huge tool, can even replace netstat and ps. In its most basic use, you can get a list of open files, useful if a mount point wont unmount. lsof will definitely need its on post but the most helpful will always be ‘+D directory’, just specifying a file or grepping for what you are looking for.
[[email protected] ~]# lsof +D /var/log/ COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME auditd 1182 root 5w REG 253,1 4423052 525077 /var/log/audit/audit.log rsyslogd 1202 root 1w REG 253,1 144 524835 /var/log/messages rsyslogd 1202 root 2w REG 253,1 3020 524591 /var/log/cron rsyslogd 1202 root 4w REG 253,1 929 525107 /var/log/secure php-fpm 5287 root 2w REG 253,1 7907262 524508 /var/log/php-fpm/error.log php-fpm 5287 root 3w REG 253,1 7907262 524508 /var/log/php-fpm/error.log nginx 12740 root 2w REG 253,1 0 524800 /var/log/nginx/error.log