Linux Commands and Notes

From FactotumNW Wiki

Jump to: navigation, search

Linux commands and notes

Color Type Symbol Letter
Blue Directory / D
Red Compressed Archive
White Text file
Pink Images
Cyan Links @ L
Yellow Devices
Green Executables *
Flashing Red Broken Link

Other file types

Special file C
Socket = S
Named Pipe | P
Block Device B


Command Description
named –g –p 53 check DNS status
shutdown –r (reboot) –h (halt) –P (power off) –q (output errors only) –v (verbose) now
grep -i -a -B10 -A100 'myfilename' /dev/sda1 > MyRecoveredFile.txtRecover deleted file
grep grep cron = look at syslog and cat out all “cron” grep is like a filter
grep -i greylisted /var/log/mail.log check mail.log for all instances of word greylisted
grep <name> See what’s installed
grep “/home” | cut –d: -f1 List of users w/ /home directory
grep /bin/bash” | cut –d: -f1 List of users who may not have /home
mkdirMake directory
rmdirRemove empty directory
rmRemove (-vr) –f = force, -r = directory or folder
mvMove also used to rename a file or folder mv /var/stuff /var/stuff2
cp -pCopy and preserve attributes
ls -lList –l for full info, -la and –ld for more
ln -s <link from> <name of link>symbolic link one file to another location
whichFind executables
find / -gid 5000Searches if GID 5000 is in use (also UID can be used)
find . –name “*spam*” search for the name *spam* in folder – sub-folders
./<exec>&Launches executables
groupsDisplay groups current user is in
whoor just w Display who is logged in
lastList of who has logged in
kill (-l) and PIDkill any process
kill -9 PIDuse if just kill alone d/n work
kill –sighup PID= hang up, stop, and then clean up
pstree –p shows a tree of all SID’s running
apt-cache search <filename>
apt-get installInstall programs
apt-get –dDownload only
apt-get updateto update apps
apt-get upgradeto update system
apt-get dist-upgrade upgrade any new versions
apt-get remove <name> To remove installed programs
apt-get autoremove application to remove unused dependancies
aptitude install <name> To install programs
aptitude remove clamav-base To remove programs and their dependant programs
aptitude purge phpmyadmin to completely remove it
dpkg –list
dpkg-reconfigure To reconfigure hardware after hardware swapping or upgrades
dpkg –l see what’s installed and the version
datechange the date and time with for month, day, hour, minute, year, second (with a period before second)
tzconfig or tzselectconfigure timezone, steps you through selection
id <name>shows groups and SIDs for the <name> you select, i.e., id david shows all UID, GID's and their names associated with the name
df and df –h (human) Used disk space
du (disk usage) (-h for human display, -s for summarize, -c total) disk space used
cat Look at file w/o editing
service postfix startStart Postfix service, (dovecot, httpd)
chkconfig postfix onSets Postfix, (dovecot, httpd), to start automatically
tail –f /var/log/mail.log To look at last 10 lines of mail log interactively
tail –f /var/log/syslog To look at last 10 lines of the system log interactively
tail -n 20 /var/log/syslog To look at last 20 lines of the system log
postconf –dProvides DEFAULT config data
grep virtual_mailbox_limit list only looks at one piece in the config
postconf –nProvide CURRENT config data
postconf mail_version Give the Postfix version
postfix reloadreloads Postfix
postfix checkIf it returns nothing then it’s good
postfix flushFlushes Postfix queue
mailqShows what's in the email queue
newaliasesCommand to run after altering /etc/aliases file
mysqladmin root <newpassword> to change mysqladim password
mutt –f .To access emails
mutt -f imaps://
mutt -f imaps:// /MissedSpam
clamscan /usr/share/doc/clamav/examples/* will scan for viruses of all files.
whereis amavis will show where amavis is at
uname –ashows Linux kernel version
sudo !!will repeat last command except add the sudo prefix this time
sudo –i –u amanda will switch to amanda login (password asked is yours not amanda’s)
sudo su - (type user password), then passwd - (type new passwrd)
adduser username
deluser username does not delete their home folder
passwd –l username will lock the user account
passwd –u username will unlock the account
addgroup groupname
delgroup groupname
adduser username groupname will add a user to a specific group
adduser rodney admin adds rodney to admin group
chage –l usernamegive some info on user password
usermod -d /var/www/nevels4home geraldusermod modifies user acct, -d is directory, -p password, -L to lock
cat /etc/passwdshows all users on server
id richshows uid and gid and groups for user rich
perl -MMIME::Base64 –e 'print “passwd –l root” disables root account
encode_base64("rodney\\0rodney\\0<password>")';this creates a Base64 encryption of email and password
ps –axf (or aux) (Process Display) List programs running (see who else is logged in and doing)
ps fax lists running programs in tree format
ps –AList all processes running
fuser –m /dev/sda1 see what process (PID) has hold of USB drive
Dovecot –versionFind dovecot version number
amavis-new –V for version of Amavis
nmap –sV localhost runs check on open ports and which for service
nmap –p 1-1024 checks all ports open from 1 to 1024 on a certain IP
apcaccessAPC UPS status
openssl –vulnkey /path/to/certificate_or_key to check vulnerability of current SSL/TLS
less list of pci devices (:q to escape out) (cat /proc/modules = same thing)
lsusbfor usb types
noapic apic = Advanced Programmable Interrupt Controllers, to set interrupts on hardware
dmesgto print kernel messages and see hardware and how it booted up and saw the hardware -
mii-diagEthernet diagnostics
modprobe ov511 check to see if module is installed, (ie ov511 video driver)
nice –n 12 <process> This will set priority of a process to 12 (-20 to 19) low numbers = highest priority, used to control h/d and cpu intensive processes
renice ??
time To watch time it takes process to finish (need to research)
topText-based resource output - press h for help – press k to kill PID – press n for nice PID – press r to reschedule – press q to quit
htop(installed) top bar – cpu – blue=low priority, green=normal, red=kernel memory – green=used, blue=buffer, yellow=cache swap – red=used
iftopinstalled – network monitoring
ifconfig eth0:0 netmask upthis will create an IP to the exist NIC – BUT must add this in /etc/network/interfaces too.
ifconfig eth0 down take eth0 down or-
ifdown eth0
ifconfig eth0 upbrings it back up or-
ifup eth0
netstat –paln | grep 953 shows if Bind is listening on port 953
netstat –nat displays all network connections
netstat –tulpdisplays open ports
netstat –idisplays eth xfer stats
netstat –e, –te, –tue (t=tcp, u=udp, e=established) displays active/established connections only
free display free and used memory
watch reruns a command every 2 seconds “watch free”
vmstat 5 10memory, I/O, cpu stats every 5 seconds for 10 iterations
uptime time since last reboot and load averages (high numbers = high loads)
xosview –geometry 406x488 –font 8x16 +load +cpu +mem +swap +page +disk +int +net &
apachetop –f /var/www/apache2/factotumnw.access.logInstalled – real time apache access “-s 2” will only use 2-deep url paths and combine stats as 1
vmstat process and i/o status (i/o = bi bo)
ltracetrace calls a program executes (too much for me)
tar –xjfto uncompress bz2 file
apache2ctl restart restarts Apache
crontab –eto edit cron in nano editor
export EDITOR=nano to change default editor
echo $EDITORto see what default editor is (vi if not set)
echo $VISUALto check editor too.
routedisplays the routing table
lshw –C networklists all eth(x) info.
ethtool -i eth0displays drivers used for the eth0
ethtool eth0displays more eth0 info
ethtool –s duplex full eth3change duplex on eth3 to full
mii-tool eth0also gives info on eth0 can do eth settings too
mkfs.ext3formats the drive to ext3 format (dangerous!)
iptables-restore –c –n The –c is used to restore the couter info from and iptables-save –c command. The –n causes the restore not to destroy the rules already in the iptables.
iptables –L –v –nIPTables list
dmesg -n lused to view or manage kernel ring buffer (-n l - ??)
dmesg > boot.messages will output boot
dmesg by itself to see kernel ring
ip link set eth2 name eth0 to change eth name but will not hold after reboot
vim /etc/udev/rules.d/70-persistent-net.rules to change the eth(x) number for NICs
diff name name compare 2 files line by line
dhclient -r Renew DHCP IP address
sudo fdisk -l List the partition tables
sudo fdisk /dev/sdb create partition on drive sdb, p=primary, 83=type format for Linux, L=list, w=write, q=quit
partprobe /dev/sdb Update kernel with the changes to adding partition
sudo mkfs /dev/sdb1 -t ext4 Format the sdb1 partition
sudo mkdir /mnt/sdb1 Make mount point for the new drive
sudo chmod 777 /mnt/sdb1 make the mount point writable
sudo mount /dev/sdb1 /mnt/sdb1 -1 ext4 mount the drive
touch /mnt/sdb1/test.txt then ls /mnt/sdb1/* write a file and see if it's there.
sudo vim /etc/fstab edit filesystem tab file to add new mount point
Add - "/dev/sdb1 /mnt/sdb1 ext4 defaults 0 0" without quotes and then save it add this to bottom of fstab file
mount -a To mount all drives
sudo iotop -p 400 iotop will look at pid 400 0nly, also use -b batch, -n NUM for number of interations before quit, -a accumulated io

Useful things

Increase Nautilus Compact-View size:

Open up the run window (Alt+F2)
Type in gconf-editor
apps > nautilus > compact_view
uncheck the field all_columns_have_same_width

Active vs passive FTP

Active – FTP client sends server a port and IP address to connect to. Then the client opens the port and the server connects to that port from a random unpriviledged port >1024.
Passive – Client tells server it wants some data upon which the server replies with and IP and port to connect to. The client will then connect to that specific port from its own port 20.

lock ftp browsing

modify /etc/proftpd/proftpd.conf and un-remark DefaultRoot ~ to make it valid
set the home folder for the user where you want them to start from such as /var/www/nevel4home

man netstat

manual on the command netstat

man –k “delete directory”

for key-word search of manuals

whatis rm

info on the command rm

whatis netstat

info on netstat

Crontab syntax “* * * * * command to execute”

min (0-59), hour (0-23), day of month(1-31), month(1-12), day of week (0-6 Sunday=0)

LogRotate can send emails too

Check /var/lib/amavis/virusmails/ folders and clean it out now and again.


File used to auto-mount devices

Logs to view

syslog daemon.log

To mount USB drive

mkdir /mnt/usb
mount –t auto (or scsi-g3) /dev/sdb1 /mnt/usb
or mount /dev/sda1 /mnt/usb
Fat16 Fat32 NTFS ext2 ext3 reiserFS XFS
NTFS-3g = Ubuntu defaultF

To unmount

umount /mnt/usb

eject cdrom

To do just that

To change MySQL Root password

“mysql –p” (log in to mysql using root after entering old password)
mysql> “set password = password(‘newpassword’);”

Packages status and state in /var/lib/aptitude/pkgstates

Hold a package state = 2, Manual install = 1, Auto install = 3

Packages cached in /var/cache/apt/archives/


vim /root/.spamassassin/user_prefs whitelist_from *
vim /etc/postgrey/whitelist_clients


lots of instances in ps. May be removed – allows multiple users to have access to devices.


IP traffic on NIC monitoring

VIM Commands

Precede commands with a colon
q - Quit
w - Write file
x - Same as wq if made changes, no save if no changes
0 - To beginning of line
$ - To end of line
Esc - Exit mode and go to command mode
d - Delete current row, or dd
v - Start highlighting characters
V - Start highlighting lines
y - Yank the highlighted text
d - Delete highlighted text, or dd (in visual mode)
p - Put the text you yanked or deleted
P - Put characters before the cursor, put lines above the current line
u - Undo the last action
U - Undo changes done to current line
Ctrl + r - Redo
/pattern - Search for the pattern
n - Search for next search in same direction
N - Search for next search in opposite direction
rs/foo/bar/a - Substitute foo with bar. the r determines range and a determines the argument
r can be nothing (work on current line only) or number (work on line number given) or % (the whole file
a can be g replace all occurrences) i (ignore case) I (don't ignore cases) c (confirm each occurrence)
Examples -
452s/foo/bar/ - Replaces first occurrence of foo with bar on line 452
s/foo/bar/g - Replace every occurrence of foo with bar on current line
%s/foo/bar/g - Replace every occurrence of foo with bar in whole file
%s/foo/bar/gi - Same as above but ignore case
%s/foo/bar/gc - Confirm each occurrence


chown rodney:rodney <file>
chmod 662 /etc/<file> = -rw-rw--w-
chmod 713 = -rwx--x-wr
chmod 755 = -rwxr-xr-x
chmod u=rw,g=r,o= = -rw-r-----
chmod a-w removes write
chmod a+x adds execute

Who r(ead w(rite (e)x(ecutable)
u(ser) 4 2 1
g(roup) 4 2 1
o(ther) 4 2 1

user ls output owner -rwx------ group ----rwx--- other -------rwx

Website folder permissions = 755

Website file permissions = 644

Apt-get source file are listed in /etc/apt/sources.list

Postfix Stuff

PostGrey for spam prevention
Edit /etc/postfix/
#adding the postgrey policy
smtpd_recipient_restrictions =
check_policy_service inet:,

Edit /etc/default/postgrey to change default time server can try again

POSTGREY_OPTS="--inet= --delay=60"
#POSTGREY_TEXT="Your customized rejection message here"
Personal tools