Essential Linux commands
Important shell commands for linux administration
✔️ General commands :
$ uname -a # prints system information
$ id # prints user and group informations for logged in user
$ time <command> # executes <command> and prints execution time afterwards
# --> real: total cpu time
# --> user: user mode (process standard instructions)
# --> sys: system mode (kernel executing process system calls)
$ sudo runuser -c '<command>' -P --login <user> # runs <command> as <user> without asking for password
# starts the new shell as a login shell with an environment
# relevant to <user>, in a new pseudo terminal
# simple quote <command> to prevent variable expansion by
# current shell when using <user>'s environment✔️ Boot related commands :
$ man "bootup(7)" # detailed boot sequence description
# (UEFI/GRUB/kernel/initramfs/systemd)
$ man "systemd.special(7)" # detailed system target units description
$ ls -lAh /etc/rc* | less # view all run levels (/etc/rd* content, obsolete)
$ who -r # view current system run level (obsolete)
$ ps --pid 1 -f # view the init/systemd process
$ systemd-analyze time # prints boot sequence duration, step by step✔️ Kernel :
$ sudo dmesg -kHxL=always | less # prints kernel messages since last boot
$ sysctl -a # prints all available kernel variables
$ sysctl <variable>=<value> # sets kernel <variable> to <value> (see /proc/sys/.) - CAUTION ✔️ Systemd:
$ man "systemd.unit(5)" # configuration units guide
$ man systemd.service # service units design guide
$ systemctl get-default # gets default system target unit
$ systemctl list-unit-files # prints all installed configuration units
$ systemctl list-units --type=target # prints all target configuration units
$ systemctl list-units --type=service # prints all service configuration units
$ systemctl list-dependencies <unit> # prints configuration units dependencies tree for <unit>
# (--all to print the whole system tree)
$ systemctl status <unit/process/device> # prints summary and logs for the unit/process/device state
$ systemctl show-environment # shows default environment variables for all systemd spawned processes
$ systemd-analyze blame # shows all running configuration units
$ systemd-analyze verify <file> # checks if configuration unit <file> is valid
$ sudo systemctl edit --force --full <unit> # creates configuration unit <unit>
$ sudo systemctl edit --full <unit> # edits configuration unit <unit>
$ sudo systemctl enable <unit> # enables configuration unit <unit> - creates the relevant set of
# symlinks in /etc/systemd/system according to the [Install] directives
$ sudo systemctl disable <unit> # disables configuration unit <unit> - removes symlinks from
# /etc/systemd/system and /etc/systemd/system/<unit>.wants
# both enable and disable reload systemd configuration but do not
# start/stop relevant units except when using --now✔️ Journald :
# view all available syslog facilities
$ journalctl --facility=help
# count journal entries for systemd unit <unit> since last boot
$ sudo journalctl -b -u <unit> | wc -l
# view syslog journal entries for : daemons & services / scheduled tasks / login / root commands
$ sudo journalctl -b -o short-monotonic --no-hostname --facility=daemon | less
$ sudo journalctl -b -o short-monotonic --no-hostname --facility=cron | less
$ sudo journalctl -b -o short-monotonic --no-hostname --facility=auth | less
$ sudo journalctl -b -o short-monotonic --no-hostname --facility=authpriv | less✔️ Manual :
$ man <file> # formats and display man <file> (usually gzip archive)
$ man -k <expr> <expr> # regexp search of <expr> list in manpages descriptions (apropos)
$ man -f <cmd> <cmd> ... # prints short descriptions of commands list (whatis)
$ man -a <cmd> # prints all man pages for <cmd> one after the other
# (press q to display pages scrolling menu)✔️ Alternatives
$ sudo update-alternatives --display <name> # prints symlink, alternatives, best and current value for <name>
$ sudo update-alternatives --config <name> # changes alternative configuration for <name> (auto/manual, system wide)
$ sudo update-alternatives --install <l> <n> <p> <i> # installs alternative <p> with priority <i> for name <n> and link <l>
$ sudo update-alternatives --remove <name> <path> # removes <path> as an alternative for <name>'s symlink✔️ Devices/partitions/file systems :
$ sudo fdisk -lo +UUID <device> # display device information for device <device>
# (partition table, size, sectors, UUID, start, end, size, type, UUID)
$ lsblk -fmo +TYPE <device> # display filesystem information for device <device>
# (partition, name, type, UUID, usage, mountpoint, etc...)
$ sudo dumpe2fs <device> | grep -F Filesystem # display filesystem details for <device>
$ sudo blkid -p <device> | sed -r "s/\s/\n/g" # display partition details for <device>
$ df -h <path> <path> # display information on the file system containing each passed <path>
$ findmnt -A --fstab --evaluate # display information about fstab mounts
$ sudo hostnamectl --<options> command # display/set system hostname informations✔️ Root commands :
$ sudo EDITOR=<editor> visudo # edit sudoers file
$ sudo -k # removes current sudo session timestamp
$ sudo cat /etc/shadow | sort - | column -ts ":" # view shadowed users accounts file
$ sudo cat /etc/gshadow | sort - | column -ts ":" # view shadowed groups accounts file
$ cat /etc/passwd | sort - | column -ts ":" # view all users accounts
$ cat /etc/group | sort - | column -ts ":" # view all groups accounts✔️ Groups management :
$ man gshadow # description of shadowed groups accounts file
$ sudo groupadd -f <group> # create a new group (user or system group) using /etc/login.defs options
$ sudo groupmod -n NAME <group> # changes group name to NAME (see man for other options)
$ sudo groupdel <group> # deletes group
$ sudo gpasswd -a <user> <group> # add user to group
$ sudo gpasswd -d <user> <group> # add user to group
$ sudo gpasswd -M <user1> <user2>... <group> # set list of group members✔️ Users management :
$ man shadow # description of shadowed users accounts file
$ sudo adduser <user> --shell /bin/bash # creates user
$ sudo deluser <user> # remove user
$ sudo usermod -a -G <group> <user> # add user to group
$ write <user> <terminal> # opens an invite to write text to <user> logged on <terminal>
$ wall <message> # sends a message to every connected user's terminals
$ who -u # lists logged in users
# (name, terminal, login time, shell PID, hostname)
$ w # lists logged in users
# (name, terminal, hostname, login time, idle time, JCPU, PCPU, command)
# JCPU: CPU time used by all processes attached to the terminal
# PCPU: CPU time used by the current process (command)✔️ Files :
$ man hier # complete description of the file system hierarchy (NO COMMAND !)
$ man inode # complete description of the inode structure
$ file <path> # display file type for file at <path>
$ stat <path> # display inode metadata for file at <path>
$ find <path> -name <name> -exec <cmd> {} \; # finds files named <name> in <path> (recursive) and runs <cmd> on them
$ ln -s <file> <link> # creates a symbolic link <link> to <file>
$ umask <mode> # sets current user's file creation mode mask (displays it no <mode>)
$ chmod <mode> <file> # change <file> permissions
$ chown <user> <file> # sets <file> Uid to <user>
# (append colon to <user> to set Gid to user's primary group)
$ chgrp <group> <file> # sets <file> Gid to <group>
$ chmod o+t <directory> # sets sticky bit on <directory>✔️ Processes :
$ <command> & # start <command> as a job
$ jobs # lists the active jobs
$ bg <job> # resumes suspended job <job>
$ fg <job> # brings <job> in the foreground
$ sleep <n> # waits <n> seconds before resuming execution
$ sleep <n> && <command> & # delays <command> execution in the background by <n> seconds
# (<command> will spawn a non interactive process)
$ top -u <pid|user> # display only processes matching PID <pid> or username <user>
$ ps -fU <user> # lists processes whose RUID matches <user>
$ ps -fp <pid> # display details on process with PID <pid>
$ ps -aux # lists all processes on the system, by user
$ pstree -puTn # displays current processes tree
# (options : show PID, show RUID, hide processes threads, sort by PPID)
$ nice -n <n> <command> # runs <command> and adds <n> to its niceness
# (niceness ranges from -20 highest to 19 lowest
$ renice -n <n> -p <pid> # alters process <pid>'s niceness by <n>
# (changes all other processes's priorities as well)
# DO NOT USE NICE OR RENICE ON FOREGROUND PROCESSES✔️ File access monitoring :
$ sudo lsof -u <user> # list files opened by processes owned by <user>
$ sudo lsof -i tcp@0.0.0.0:ssh # list network sockets matching specific internet addresses
# an address is : protocol + hostname/address + port/service
$ sudo lsof -c bash # list files opened by processes running a specific command
$ sudo lsof -c "/^b.*$/x" -c0 # same as above using regex + do not truncate command
$ sudo lsof -a -u <user> -c bash # combine multiple options with -a ...
$ sudo lsof -a -u root -i tcp@0.0.0.0:ssh -n -P | grep ESTABLISHED # list established ssh connections on all interfaces
# prevent hostname and service resolution in output
$ sudo lsof -a -u ^root -i TCP -s TCP:ESTABLISHED -n -P # same as above using tcp state (no filtering on service)
# exclude user processes by negating user name with ^
$ sudo lsof -a -p 7874,7875 -d ^mem -o # use PIDs to list files opened by specific processes
# exclude memory-mapped files, display file offset only
$ sudo lsof -aop 7874,7875 -d ^mem # alternative form using grouped options
$ sudo lsof -t .testfile.swp # list processes that are currently accessing a specific file
$ sudo lsof -a -u <user> +D /dev/pts/. -R # list interactive processes for a specific user, display PPID
$ vi /usr/share/doc/lsof/00QUICKSTART.gz # view quickstart guide with plenty additional examples ...✔️ Commands history :
$ history -a # append the history buffer's content to user's .bash_history
$ history -c # clears history buffer✔️ Cron :
$ man "crontab(5)" # details on crontab files formatting
# (system-wide crontab files can be edited directly)
$ crontab -l # print current user's crontab file
$ crontab -e # edits current users's crontab using /usr/bin/editor
$ crontab -r # removes current user's crontab✔️ Apt :
$ apt list <packagename> <packagename> # check whether packages are installed
$ apt list --installed # lists all installed packages
$ sudo apt-get install <packagename>=<version> # install a specific version of a package✔️ Shell authentication :
$ newgrp <group> # log in current user to <group> : changes gid (primary group) value
$ passwd # change password for current user✔️ Tar :
$ tar --list -f <archive> # list <archive> contents
$ tar -cvf <archive> <path> # tar <path> contents into <archive>
$ tar -xvf <archive> # extracts <archive> contents into the current path✔️ GNU locate :
$ man locatedb # locate database format details
$ man updatedb # locate database setup, options and update
$ locate -S # prints locatedb detailed statistics (default format is LOCATGE02)
$ locate -d <db> -i -b <expr> # searches <db> for file names matching <expr> (shell wildcards + case insensitive)
$ locate -d <db> -i -r R posix-extended <expr> # searches <db> for paths matching <expr> (regex, case insensitive, BROKEN)✔️ Policy kit :
$ man polkit # general concepts about the policy kit framework - an authority
# managing access for unprivileged programs (clients) to privileged
# ones (mechanisms), used for shell interactions with systemctl/systemd
# instead of sudo ...