Limited Time Offer!

For Less Than the Cost of a Starbucks Coffee, Access All DevOpsSchool Videos on YouTube Unlimitedly.
Master DevOps, SRE, DevSecOps Skills!

Enroll Now

Linux Tutorials: Commands for Linux Administrator

linux-commands-administrators

Table of Contents

1. sudo – Execute commands with elevated privileges, a fundamental for system administration.

2. useradd – Create a new user account, essential for managing user access.

3. usermod – Modify a user account, useful for changing account properties.

4. userdel – Delete a user account, important for managing system access.

5. groupadd – Add a new group, crucial for managing group permissions.

6. groupmod – Modify a group, allows changing group attributes.

7. groupdel – Delete a group, used for removing group access.

8. chown – Change file owner and group, vital for managing file permissions.

9. chmod – Change file access permissions, key for securing system files.

10. chgrp – Change group ownership, important for managing group file access.

11. passwd – Update a user’s password, critical for account security.

12. adduser – Add a user account (more interactive than useradd).

13. deluser – Delete a user account (more user-friendly than userdel).

14. visudo – Edit the sudoers file, crucial for configuring sudo privileges.

15. systemctl – Control and manage systemd units, essential for managing services.


# 1. Start a service immediately
systemctl start serviceName.service

# 2. Stop a service immediately
systemctl stop serviceName.service

# 3. Restart a service
systemctl restart serviceName.service

# 4. Show the status of a service
systemctl status serviceName.service

# 5. Enable a service to start on boot
systemctl enable serviceName.service

# 6. Disable a service from starting on boot
systemctl disable serviceName.service

# 7. Check whether a service is enabled
systemctl is-enabled serviceName.service

# 8. Reload the service configuration without interrupting operations
systemctl reload serviceName.service

# 9. View all running services
systemctl list-units --type=service --state=running

# 10. Mask a service to prevent it from being started, manually or automatically
systemctl mask serviceName.service

16. journalctl – Query and display messages from the journal, used for system logging.


# 1. Display all log messages
journalctl

# 2. Display log messages from the current boot
journalctl -b

# 3. Display log messages from a previous boot
journalctl -b -1

# 4. Follow the journal live (similar to tail -f)
journalctl -f

# 5. Show kernel messages (similar to dmesg)
journalctl -k

# 6. Filter log messages by a specific unit
journalctl -u nginx.service

# 7. Filter log messages by priority (0=emerg to 7=debug)
journalctl -p err

# 8. Show log messages in a specific time range
journalctl --since "2023-01-01" --until "2023-01-02"

# 9. Show log messages for a specific process ID
journalctl _PID=1234

# 10. Combine filters, e.g., show error messages for a specific unit since yesterday
journalctl -u apache2.service -p err --since yesterday

17. top – Display task manager, important for monitoring system performance.


# Note: Most examples are intended to be used within top's interactive mode

# 1. Start top with a specific delay between updates in seconds
top -d 5

# 2. Display top for a specific user's processes
top -u username

18. htop – Interactive process viewer, an enhanced alternative to top.

19. df – Report file system disk space usage, crucial for monitoring disk usage.

20. du – Estimate file space usage, useful for managing disk space.

21. free – Display memory usage, important for memory management.

22. vmstat – Report virtual memory statistics, helpful for performance monitoring.


# 1. Basic usage - Display virtual memory statistics
vmstat

# 2. Display vmstat output with a specific interval and count
# This will display the report every 2 seconds, 5 times
vmstat 2 5

# 3. Show memory statistics in megabytes
vmstat -S M

# 4. Display additional information including slab info
vmstat -m

# 5. Display disk statistics
vmstat -d

# 6. Display partition statistics
vmstat -p /dev/sda1

# 7. Display event counter statistics
vmstat -s

# 8. Show CPU activity as an average since the last reboot
vmstat -a

# 9. Include timestamps in the output
vmstat -t

# 10. Display statistics with a delay and include timestamp
# This will show the report every 3 seconds with the timestamp included
vmstat 3 -t

23. iostat – Monitor system input/output device loading, used for diagnosing performance issues.


# 1. Basic usage - Display the CPU and device utilization report
iostat

# 2. Display the report at 2-second intervals
iostat 2

# 3. Display the extended statistics with more details
iostat -x

# 4. Display disk utilization report every 2 seconds, 3 times
iostat 2 3

# 5. Show only CPU statistics
iostat -c

# 6. Show only device utilization statistics
iostat -d

# 7. Display statistics in megabytes per second
iostat -m

# 8. Show extended statistics with device utilization, refreshing every 5 seconds indefinitely
iostat -dx 5

# 9. Display statistics for a specific device (e.g., sda)
iostat -d sda

# 10. Display persistent device names and extended statistics
iostat -Nx

24. netstat – Display network connections, routing tables, interface statistics, masquerade connections, and multicast memberships.


# 1. List all ports (both listening and non-listening ports)
netstat -a

# 2. List all listening ports
netstat -l

# 3. Display TCP connections
netstat -t

# 4. Display UDP connections
netstat -u

# 5. Show statistics by protocol (e.g., TCP, UDP)
netstat -s

# 6. Display listening TCP ports with numeric addresses and don't resolve names
netstat -lnt

# 7. Display listening UDP ports with numeric addresses and don't resolve names
netstat -lnu

# 8. Show the routing table
netstat -r

# 9. Display all sockets, including listening and non-listening, without resolving names
netstat -an

# 10. Show which process is using a particular port
netstat -tulnp

25. ss – Another utility to investigate sockets, replaces netstat.

26. ip – Show / manipulate routing, devices, policy routing and tunnels, central for network configuration.

27. ifconfig – Configure a network interface, traditionally used before ip.

28. iptables – Administer IPv4 packet filtering and NAT, key for firewall management.


# 1. List all current iptables rules
iptables -L

# 2. Block traffic from a specific IP address
iptables -A INPUT -s 192.168.1.100 -j DROP

# 3. Allow SSH access from a specific IP address
iptables -A INPUT -p tcp -s 192.168.1.100 --dport 22 -j ACCEPT

# 4. Reject all incoming traffic but allow outgoing traffic
iptables -P INPUT REJECT
iptables -P OUTPUT ACCEPT

# 5. Allow traffic to a specific port (e.g., HTTP port 80)
iptables -A INPUT -p tcp --dport 80 -j ACCEPT

# 6. Delete all rules in a specific chain (e.g., INPUT chain)
iptables -F INPUT

# 7. Block all traffic from a specific subnet
iptables -A INPUT -s 192.168.1.0/24 -j DROP

# 8. Allow all incoming traffic on a specific interface (e.g., eth0)
iptables -A INPUT -i eth0 -j ACCEPT

# 9. Log dropped packets
iptables -A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables dropped: " --log-level 7

# 10. Save iptables rules to be loaded on boot
iptables-save > /etc/iptables/rules.v4

29. firewalld – Dynamically manage firewall with support for network zones.


# 1. Start firewalld
sudo systemctl start firewalld

# 2. Enable firewalld to start at boot
sudo systemctl enable firewalld

# 3. Check the status of firewalld
sudo systemctl status firewalld

# 4. Reload firewalld rules without losing state
sudo firewall-cmd --reload

# 5. List all active zones
sudo firewall-cmd --get-active-zones

# 6. Set the default zone
sudo firewall-cmd --set-default-zone=public

# 7. Add a service to the default zone permanently
sudo firewall-cmd --permanent --add-service=http

# 8. Open a port in the default zone permanently
sudo firewall-cmd --permanent --add-port=8080/tcp

# 9. Remove a service from the default zone permanently
sudo firewall-cmd --permanent --remove-service=http

# 10. List all rules in the default zone
sudo firewall-cmd --list-all

30. nftables – Modern replacement for iptables, ip6tables, arptables, and ebtables.

31. crontab – Schedule periodic background jobs, essential for automating tasks.

32. rsync – Fast, versatile file copying tool, important for backups and synchronization.

33. tar – Archive utility, used for packing and unpacking archive files.

34. gzip / bzip2 – Compress or expand files, crucial for managing file sizes.

35. unzip / zip – Compress and decompress files in zip format.

36. mount – Mount a filesystem, important for attaching storage devices.

37. umount – Unmount file systems, counterpart to mount.

38. fsck – Check and repair a Linux filesystem, crucial for filesystem maintenance.

39. lvm – Logical Volume Manager, essential for managing disk storage.

40. ssh – Secure Shell, a protocol for secure remote login and other secure network services.

41. scp – Secure copy (remote file copy program), used for secure file transfer.

42. sftp – Secure File Transfer Program, another secure file transfer utility.

43. wget – Non-interactive network downloader, used for downloading files from the web.

44. curl – Tool to transfer data from or to a server, supports various protocols.


# 1. Download a file
curl -O http://example.com/file.txt

# 2. Save the downloaded file with a specific filename
curl -o newfilename.txt http://example.com/file.txt

# 3. Use curl with a user agent
curl -A "Mozilla/5.0" http://example.com

# 4. Send a GET request
curl -X GET http://example.com

# 5. Send a POST request with data
curl -X POST -d "data=example" http://example.com/post

# 6. Send a POST request with a file
curl -X POST -F "file=@localfile.txt" http://example.com/upload

# 7. Pass a header to the HTTP request
curl -H "X-Custom-Header: value" http://example.com

# 8. Follow HTTP redirects
curl -L http://example.com

# 9. Perform a basic HTTP authentication
curl -u username:password http://example.com

# 10. Use verbose mode to see request/response details
curl -v http://example.com

# 11. Make a request to an HTTPS site that has a self-signed cert
curl -k https://example.com

# 12. Resume a previous file transfer
curl -C - -O http://example.com/bigfile.zip

# 13. Limit the bandwidth for file download
curl --limit-rate 100K -O http://example.com/bigfile.zip

# 14. Use a proxy for the HTTP request
curl -x http://proxy-server:port http://example.com

# 15. Get the HTTP headers of a URL
curl -I http://example.com

# 16. Use cookies with your request
curl -b "name=value" http://example.com

# 17. Store server's response cookies into a file
curl -c cookies.txt http://example.com

# 18. Send a custom request method
curl -X PUT http://example.com

# 19. Use IPv6 for the request
curl -6 http://example.com

# 20. Include both request headers and response in the output
curl -i http://example.com

Rajesh Kumar
Follow me
Subscribe
Notify of
guest
0 Comments
Newest
Oldest Most Voted
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x