Table of Contents

1. Basic Commands

man : manual
ls :List Directory Contents
pwd :print working directory
cd :change directory
mkdir :Make directory
cp :Copy
mv :Move
find and locate and whereis
kill
passwd :Password
md5sum :Compute and Check MD5 Message Digest
history :History (Event) Record。
sudo :(super user do)
touch :Update the access and modification times of each FILE to the current time
chmod :change file mode bits
chown :change file owner and group
apt :Advanced Package Tool
dd: Convert and Copy a file
       [email protected]:~# dd if=/home/user/Downloads/debian.iso of=/dev/sdb1 bs=512M; sync
tar : Tape Archive
cal : Calendar
cat : Concatenation. Concatenate (join) two or more plain file and/or print contents of a file on standard output.
grep : searches the given file for lines containing a match to the given strings or words
ps : (Process)
service : command controls the Starting, Stopping or Restarting of a ‘service‘
df : disk usages of file system
du : disk usages
cmp : compare
wget : a free utility for non-interactive (i.e., can work in background) download of files from the Web
mount
gcc : is the in-built compiler for ‘c‘ language in Linux Environment.
g++ is the in-built compiler for ‘C++‘ , the first object oriented programming language.
Java is one of the world’s highly used programming language and is considered fast, secure, and reliable. Most of the the web based service of today runs on java.



    2. Iptable firewalls

    2.1 Delete IPtable firewall rules

    [[email protected] ~]# /sbin/iptables -L -v -n
    Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination         
      74M   53G RH-Firewall-1-INPUT  all  —  *      *       0.0.0.0/0            0.0.0.0/0           

    Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination         
        0     0 RH-Firewall-1-INPUT  all  —  *      *       0.0.0.0/0            0.0.0.0/0           

    Chain OUTPUT (policy ACCEPT 18M packets, 1069M bytes)
     pkts bytes target     prot opt in     out     source               destination         

    Chain RH-Firewall-1-INPUT (2 references)
     pkts bytes target     prot opt in     out     source               destination         
     5462  734K ACCEPT     all  —  lo     *       0.0.0.0/0            0.0.0.0/0           
    46700 2228K ACCEPT     icmp —  *      *       0.0.0.0/0            0.0.0.0/0           icmp type 255 
        0     0 ACCEPT     esp  —  *      *       0.0.0.0/0            0.0.0.0/0           
        0     0 ACCEPT     ah   —  *      *       0.0.0.0/0            0.0.0.0/0           
        0     0 ACCEPT     udp  —  *      *       0.0.0.0/0            224.0.0.251         udp dpt:5353 
        0     0 ACCEPT     udp  —  *      *       0.0.0.0/0            0.0.0.0/0           udp dpt:631 
      719 34592 ACCEPT     tcp  —  *      *       0.0.0.0/0            0.0.0.0/0           tcp dpt:631 
      63M   52G ACCEPT     all  —  *      *       0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
     3094  150K ACCEPT     tcp  —  *      *       0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22 
      10M 1029M REJECT     all  —  *      *       0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited

    [[email protected] ~]# /sbin/service iptables save
    Saving firewall rules to /etc/sysconfig/iptables: [  OK  ]
    [[email protected] ~]# /sbin/service iptables stop
    Flushing firewall rules: [  OK  ]
    Setting chains to policy ACCEPT: filter [  OK  ]
    Unloading iptables modules: [  OK  ]
    [[email protected] ~]# /sbin/iptables -L -v -n
    Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination      

    Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination      

    Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
     pkts bytes target     prot opt in     out     source               destination      
    [[email protected] ~]# /sbin/service iptables start
    Flushing firewall rules: [  OK  ]
    Setting chains to policy ACCEPT: filter [  OK  ]
    Unloading iptables modules: [  OK  ]
    Applying iptables firewall rules: [  OK  ]
    Loading additional iptables modules: ip_conntrack_netbios_ns [  OK  ]


    Or we can use the following command or script to stop the rules:


    #!/bin/sh
    echo “Saving current firewall rules at /root/current.firewall file…”
    iptables-save > /root/current.firewall
    echo “Stopping firewall and allowing everyone…”
    iptables -F
    iptables -X
    iptables -t nat -F
    iptables -t nat -X
    iptables -t mangle -F
    iptables -t mangle -X
    iptables -P INPUT ACCEPT
    iptables -P FORWARD ACCEPT
    iptables -P OUTPUT ACCEPT

    2.2. Changing Debian IPTABLES Rules To Survive Reboot
    2.2.1. iptables scripts to enhance the rules at /usr/local/scripts/rc.iptables during a reboot

    Linux1~# cat /etc/init.d/iptables
    #!/bin/sh
    #
    IPTABLES_CONFIG=/usr/local/scripts/rc.iptables
    PATH=/usr/bin:/bin:/sbin:/usr/sbin:/usr/local/bin:/usr/local/sbin

    if [ ! -x /sbin/iptables ]; then
            exit 0
    fi

    start() {
            if [ -f $IPTABLES_CONFIG ]; then
                iptables -F
                iptables -X
                echo $”Applying iptables firewall rules: “
                $IPTABLES_CONFIG
                echo
                touch /var/lock/subsys/iptables
            fi
    }

    stop() {
            iptables -P INPUT ACCEPT
            iptables -P OUTPUT ACCEPT
            iptables -P FORWARD ACCEPT
            iptables -F
            iptables -X
            echo
            rm -f /var/lock/subsys/iptables
    }

    case “$1” in
      start)
            start
            ;;

      stop)
            stop
            ;;

      restart)
            start
            ;;
      *)
            echo $”Usage: $0 {start|stop|restart}”
            exit 1
    esac

    exit 0

    Linux1~# vi /usr/local/scripts/rc.iptables

    Linux1~# /etc/init.d/iptables restart

    Linux1~#iptables -L -v -n | more



    2.2.2. using iptables-restore and iptables-save to edit iptables rules

    iptables-save > /etc/iptables.test.rule

    editor /etc/iptables.test.rule
    iptables-restore < /etc/iptables.test.rule
    iptables-save > /etc/iptables.up.rule
    editor /etc/network/if-pre-up.d/iptables


    Add these lines to iptables file:
                      #!/bin/sh
                      /sbin/iptables-restore < /etc/iptables.up.rule

    The iptables file under /etc/network/if-pre-up.d/ needs to be executable so change the permissions:

                        chmod +x /etc/network/if-pre-up.d/iptables


    Note: What I found is in some old Debian system, method b does not work. But method a works all the time.

    3. User and Group

    [[email protected] ~]# useradd test1
    [[email protected] ~]# passwd test1
    Changing password for user test1.
    New UNIX password:
    Retype new UNIX password:
    passwd: all authentication tokens updated successfully.

    [[email protected] ~]# usermod -a -G root test
    [[email protected] ~]# id test
    uid=501(test) gid=501(test) groups=501(test),0(root) context=root:system_r:unconfined_t:s0-s0:c0.c1023
    [[email protected] ~]# groups
    root bin daemon sys adm disk wheel
    [[email protected] ~]# users
    root root
    [[email protected] ~]# groupadd network

    [[email protected] ~]# groups
    root bin daemon sys adm disk wheel
    [[email protected] ~]# cat /etc/group
    root:x:0:root,test,test1
    test:x:501:
    test1:x:502:
    network:x:503:
    [[email protected] ~]# cat /etc/passwd
    root:x:0:0:root:/root:/bin/bash
    xfs:x:43:43:X Font Server:/etc/X11/fs:/sbin/nologin
    test1:x:502:502::/home/test1:/bin/bash


    4. Change Interface IP Address 

    • Temporary:
      • ifconfig eth1 192.168.2.50 netmask 255.255.255.0 up

    Restart the networking service, enter:
    # /etc/init.d/network restart

    5. Fold and Disk Commands

    [[email protected] var]# rm -r dbbackup/ -f
    [[email protected] var]# df -h
    Filesystem            Size  Used Avail Use% Mounted on
    /dev/hda3             7.6G  7.3G     0 100% /
    /dev/hda1             244M   12M  219M   6% /boot
    tmpfs                 504M     0  504M   0% /dev/shm
    /dev/hdb1             197G  197G     0 100% /data

    [[email protected] var]# du -s
    4779468 .

    6. Cron Job

    [[email protected] ~]$ sudo su –
    Password:
    [[email protected] ~]# crontab -l
    @daily scp -r find /var/netscreen/dbbackup/ -mtime -1 -type d -print [email protected]:/data
    @daily mv /root/CP_MGMT_*.tgz /data/backup/cp/

    [[email protected] ~]# crontab -e
    [[email protected] ~]# 

    There are 5 fields before the actual command:
    field                   allowed values
    —–                   ————–
    minute               0-59
    hour                  0-23
    day of month    1-31
    month               1-12 (or names)
    day of week      0-7 (0 or 7 is Sun, or use names)

    Run a command once/week scheduled Saturday morning at 6am:
    0 6 * * sat /path/to/command
    or
    0 6 * * 6 /path/to/command

    7. Create SSH Trust Relationship between two Linux Machines

    Become root:
    sudo su – 

    Change to user nsm:
    su nsm 
    Go to the /home/nsm directory:
    cd /home/nsm 
    Create the keys: (Path should be /home/nsm/.ssh/id_rsa. Leave the passphrase blank.)

      ssh-keygen -t rsa

      Secure copy the public key to the other server as the admin user: (use admin password)

        scp /home/nsm/.ssh/id_rsa.pub [email protected]<ipAddressOfOtherServer>:/home/admin/authorized_keys

        • or Go to the remote server. The command below will add the key that is in temp1 file to the end of the authorized_keys file.

        cat temp1 >> authorized_keys

        • Repeat steps 2-6 on  deviceB.   On deviceB, become root: (from user nsm, exit to root). Move the authorized_keys file that was copied to admin into nsm/.ssh:

        mv /home/admin/authorized_keys /home/nsm/.ssh/authorized_keys

        • Change ownership of authorized_keys: 

        chown nsm:nsm /home/nsm/.ssh/authorized_keys

        • At this point, you will be able to SSH between both servers without it asking for a password.

        ssh [email protected]

        8. Find Big Files in Linux File System 

        • find . -type f -size +10000 -exec ls -lh {} ; 
        • find . -type f -size +50000k -exec ls -lh {} ; | awk ‘{ print $9 “: ” $5 }’
        • Find large files (>10M) in current folder
        • find . -type f -size +10000k 

        9. Find Out My Linux Distribution Name and Version


        [[email protected] ~]# cat /etc/*-release
        Red Hat Enterprise Linux Server release 5.5 Beta (Tikanga)

        [[email protected] ~]# cat /proc/version
        Linux version 2.6.18-186.el5 ([email protected]) (gcc version 4.1.2 20080704 (Red Hat 4.1.2-46)) #1 SMP Wed Jan 27 18:14:15 EST 2010

        Linux1:~# cat /proc/version
        Linux version 2.6.26-2-amd64 (Debian 2.6.26-27) ([email protected]) (gcc version 4.1.3 20080704 (prerelease) (Debian 4.1.2-25)) #1 SMP Wed Sep 21 03:36:44 UTC 2011


        [[email protected] ~]# lsb_release -a
        LSB Version:    :core-3.1-ia32:core-3.1-noarch:graphics-3.1-ia32:graphics-3.1-noarch
        Distributor ID: RedHatEnterpriseServer
        Description:    Red Hat Enterprise Linux Server release 5.5 Beta (Tikanga)
        Release:        5.5
        Codename:       Tikanga

        Linux1:~# lsb_release -a
        No LSB modules are available.
        Distributor ID: Debian
        Description:    Debian GNU/Linux 5.0.9 (lenny)
        Release:        5.0.9
        Codename:       lenny

        uname = (Unix Name),

        [[email protected] ~]# uname -a
        Linux Linux01p 2.6.18-186.el5 #1 SMP Wed Jan 27 18:14:15 EST 2010 i686 i686 i386 GNU/Linux

        [[email protected] ~]# uname -mrs
        Linux 2.6.18-186.el5 i686



        10. Troubleshooting Linux System Issue with Vmstat Command


        [[email protected]:0]# vmstat 2 |awk ‘{now=strftime(“%Y-%m-%d %T “); print now $0}’
        2014-10-29 09:26:47 procs ———–memory———- —swap– —–io—- –system– —–cpu——
        2014-10-29 09:26:47  r  b   swpd   free   buff  cache   si   so    bi    bo   in   cs us sy id wa st
        2014-10-29 09:26:47  1  0 448004  10748   1928 126520   10   13    53   581  118  155  8 11 81  1  0
        2014-10-29 09:26:49  1  0 448004  10748   1936 126520    0    0     0    84 1123 2197  5 10 84  0  0
        2014-10-29 09:26:51  1  0 448004  10780   1936 126520    0    0     0     0 1123 2145  3  6 92  0  0
        2014-10-29 09:26:53  1  0 448004  10500   1944 126512    0    0     0    82 1123 2204  6 13 82  0  0
        2014-10-29 09:26:55  1  0 448004  10500   1944 126520    0    0     0     0 1125 2139  6 11 84  0  0
        2014-10-29 09:26:58  3  0 448004  10484   1944 126520    0    0     0     0 1123 2112  6 10 84  0  0



        The ‘procs’ field has 2 columns:
            r – The number of processes waiting for run time.
            b – The number of processes in uninterruptible sleep (blocked processes).

        The ‘memory’ field has 4 columns: (see with vmstat -a)
            swpd – The amount of used swap space(virtual memory) used.
            free – The amount of idle memory(free RAM).
            inact – The amount of inactive memory.
            active – The amount of active memory.

        The ‘swap’ field has 2 columns:
            si – Amount of memory swapped in from disk (/s).
            so – Amount of memory swapped to disk (/s).

        The ‘io’ field has 2 columns:
            bi – Blocks received from a block device (blocks in).
            bo – Blocks sent to a block device (blocks out).

        The ‘system’ field has 2 columns:
            in – The number of interrupts per second, including the clock (System interrupts).
            cs – The number of context switches per second (Process context switches).

        The ‘cpu’ field has only 4 columns:
            us: Time spent running non-kernel code. (user time, including nice time).
            sy: Time spent running kernel code. (system time).
            id: Time spent idle.
            wa: Time spent waiting for IO.

        CPU slow1:
            r has numbers in it constantly, threads/tasks waiting to be processed by your gimp cpu
        CPU slow2:
            in is high, you are handling too many interrupts (likely from disk activity, but could be bad driver)
        Processes:
            us or sy is high? Some process is being a cpu hog, use top -n 1 to find it, and kill -9 the PID if needed
        Disk Subsystem Overloaded:
            wa is high? If you are waiting for IO then you need to upgrade your disk subsystem
        Not Enough RAM:
            si and so are high, swapping disk too much. You really shouldn’t swap at all for high performance. If these are high, in will be high too. Upgrade your RAM.
        Low Memory2:
            cs is high? The kernel is paging memory in and out of context. Likely you need more RAM, but it could be other issues too such as damaged hardware or pitiful software.
        Out of Memory:
            I ignore free, inact, active because it’s not as useful and understanding the actual reasons. Ie: if you are out of memory, you’ll know that, but unless you look at cs, so, si, etc you won’t know why. So it’s redundant.

        11. Check Your Public IP Address from CLI

        • curl -s checkip.dyndns.org|sed -e ‘s/.*Current IP Address: //’ -e ‘s/<.*$//’
        • curl icanhazip.com
        • telnet www.checkmyip.com 80 | grep confidence | grep -Eo ‘([0-9]{1,3}.){3}[0-9]{1,3}’
        • wget -O – -q icanhazip.com
        • wget http://ipinfo.io/ip -qO –

        12. PS command

        Display the top 5 processes consuming most of the cpu:

        [[email protected]]# ps aux –sort=-pcpu | head -5
        USER       PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
        admin     3935 14.9  1.0  33032 10344 ?        Ss   09:27   5:13 /bin/confd
        admin     3941  5.0 58.1 559724 556864 ?       Ss   09:27   1:46 /bin/monitord
        admin     4215  1.4  3.6 251040 35412 ?        Ssl  09:28   0:28 cpd

        admin     3937  0.7  0.2  26076  2808 ?        Ssl  09:27   0:15 /bin/searchd

        13. VI Command

        Cut and paste:

        • Position the cursor where you want to begin cutting.
        • Press v to select characters (or uppercase V to select whole lines).
        • Move the cursor to the end of what you want to cut.
        • Press d to cut (or y to copy).
        • Move to where you would like to paste.
        • Press P to paste before the cursor, or p to paste after.

        14. Check Hardware Info

        For CPU:
        $ cat /proc/cpuinfo
        $ lscpu

        For Memory :$ free -m (give you result by MB)
        $ cat /proc/meminfo

        For HDD:$ df -h (give you human readable result)
        $ sudo fdisk -l
        $ hdparm -i /dev/device (for example sda1, hda3…)



        15. Install a software on Linux


        For Red Hat/Fedora:
        $ yum install firefox

        If you are using Red Hat Enterprise Linux, it happens that the package you are looking for is in EPEL, so you can install that:
        sudo rpm -Uvh http://download.fedora.redhat.com/pub/epel/5/i386/epel-release-5-4.noarch.rpm

        and then you can:
        yum install ncdu.

        For Ubuntu ( run this as root ) :
        # apt-get install firefox

        For Debian/Ubuntu

        # aptitude install firefox


        Reference:



        By Jon

        Leave a Reply

        %d bloggers like this: