How can we remove every files in current directory?
// It is the number 1 ls -1 | xargs rm find -type f -delete
How can we determine the program that is listening on a particular port?
sudo lsof -i -P | grep -i "listen" netstat -anp
What are my favorite utilities?
How can we delete hard-to-delete files?
- Invoke emacs on the directory containing the file in question by CTRL-X CTRL-F
- Move the cursor to the file in question
- Enter d to mark the file for deletion, u to unmark, # to mark all auto-saved file and ~ to mark all backup files
- Enter x to delete all marked file
How to determine the version of the running OS?
uname -a cat /etc/issue cat /etc/fedora-release
Troubleshooting and logging
top - Prints a display of system processes that's continually updated until the user presses q.
dmesg - Prints the messages resulting from the most recent system boot.
dconf gather hardware and software snapshot for troubleshooting
apropos - find possible manual page entries
write username [tty]
/etc/motd .hushlogin // disable message of the day
pgrep / pkill
lspci list PCI devices
lsusb list USB devices
lsdev display information about installed hardware devices
w - See who is logged onto the system.
wall - Prints a message to each user except those who've disabled message reception. Type Ctrl-D to end the message.
dd and netcat
free - Displays the amount of used and free.
ping IP - Sends an echo request via TCP/IP to the specified host. A response confirms that the host is connected to the network.
traceroute IP - Uses echo requests to determine and print a network path to the host.
Ethereal / Wireshark
XAMPP / LAMPP
Private IP Addresses
Run Levels / Operating Modes
Installing Linux Without Touching MBR
/usr/local/sbin/pure-ftpd -e -i -R &
I've disabled the firewall on my desktop server, made a change to /etc/ssh/sshd_config
Can't open display: localhost:10.0
uadmin // equivalent of shutdown on SCO, Solaris, IRIX
/etc/savecore /var/adm/crash // copy the content of crash dump to a file
swapon -a // start paging
groups // display a list of available user group
groups harvey // list groups that user harvey belong to
newgrp graphics // On older SystemV, change active group
id // display userid and groupid
who -r // display current runlevel
crash // examine crash dump
pwck, grpck // perform syntax checking on /etc/passwd and /etc/group
kill -9 (KILL) -15 (TERM) -3 (QUIT) -2 (INT)
reboot -n // prevent sync
mknod name clb major minor
ups_mond // HPUX monitor system physical status
deliver // mail daemon on SCO
lpd // printing daemon on BSD
lpsched // printing daemon on System V and Solaris. Solaris also use sac and listen.
qdaemon // printing daemon on AIX
netls // license server, rely on Network Computing System (NCS)
// local and global location broker daemon, llbd and glbd
expreserve // recover editor files from vi, ed, and other ex-based editor
elvis -vi-clone elvprsv // available on Linux
How can we configure our Linux servers to send / forward / relay email through a relay server?
Most Linux distribution use sendmail. Check your distribution's documentation. For sendmail, go to the sendmail page and search for "relay".
How can we find the version of the installed operating system?
cat /etc/redhat-release uname -a
How can we use init to respawn a process that keep on dying unexpected?
ndo:345:respawn:/usr/local/nagios/bin/ndo2db -c /usr/local/nagios/etc/ndo2db.cfg
How can we find the current runlevel
How can we find the time of when the system was rebooted
How can we find the MAC address of a remote host given its IP address?
How can we determine if two hosts on a network have the same IP address?
How can we determine the cause of high IO wait:
- ps -auxww and look under the "Start" column to see what actual command has been running the longest.
- get the PID of that command and look for it in /proc
- cd /proc/"PID"
- watch 'ls -l fd' (Will actually show files being process in realtime)
I like to use watch instead of strace ( My eyes can't keep up with all the fast moving text. In a seperate xterm windows, run iostat -d 2 (disk) and iostat -c 2 (cpu). It will be cat and mouse for awhile but eventually you will find the culprit.
How can we make a Linux Live CD?
I NEED TO COMPLETE THIS.
What are the advantages of using a live CD (compare to having an image server and booting from network)?
I NEED TO COMPLETE THIS.
What is the graphical tool that we can use to reconfigure the network?
How can we reboot the machine from the command line?
shutdown -r now
What does ARP abbreviate for?
Address Resolution Protocol. When a host want to know the ethernet address corresponding to a certain IP, it send out a broadcast query for the IP address. Each receiving host compare it to its own IP address, and if it match, it returns an ARP reply to the inquiring host.
How can we monitor a process and automatically restart it via init if it fails?
Let says that we have a problematic process that need to be on life-support (for whatever reason, it keep crashing). Edit /etc/inittab:
After adding this entry, run /sbin/telinit q to get it to reload.
What is the name of the kernel executable image?
- vmlinuz: compressed
What is the purpose of the /etc/securesingle file?
On Linux systems, if the /etc/securesingle file exists, then password is required for single user mode.
How can we boot into single user mode?
At the boot prompt: specify linux single
What is the purpose of lilo?
I do not remember what lilo is. I think lilo is a boot loader. The /etc/lilo.conf:
other=/dev/hda4 label=dos table=/dev/hda
lilo -c /etc/lilo.conf
How can we password protect single user mode for Linux using lilo?
1. Edit /etc/lilo.conf:
boot=/dev/hda map=/boot/map install=/boot/boot.b prompt timeout=50 linear default=linux image=/boot/working label=working read-only root=/dev/hda8 restricted password=...
2. lilo (I NEED TO COMPLETE THIS)
How can we update the superblock of all filesystems?
- bdflush // on most system
- syncd // on AIX
- fsflush // on Solaris
- update, bdflush // on Linux
How can we monitor unsuccessfuly login attempts?
The shadow packages on some Linux system will log failures to the binary /var/adm/faillog file if enabled with FAILLOG_ENAB setting in /etc/login.defs. The command **faillog -p" can be used to view login failure.