Commands for Linux System Administration

Know These Commands

These are the commands that a Linux system administrator needs to know. There is no way to fully explain how to use all of these commands on one page, but I can show you a few examples and jog your memory.

Remember that there are many ways to solve most any problem on the UNIX family of operating systems. So these might be the more obvious tools, or maybe the easiest to use, but there will always be other ways of accomplishing these tasks.

Are you really ready?

You have no business trying to do system administration unless you are comfortable using that operating system from its command line. Otherwise you are just asking for big trouble!

See the dedicated page of Linux/Unix commands and its suggestions for further reading in order to prepare yourself.

Booting

Boot in Unusual Ways

Stop the GRUB boot process by pressing <Escape> during the brief time before it boots the default kernel in the default way. Then you can:

Boot an alternative kernel by highlighting your choice with the arrow keys and then pressing <Enter>.

Modify the select kernel booting method by pressing <E> to edit the kernel. You can then add or change paramenters by adding these to the boot command:

systemd.unit=rescue.target
(s is deprecated)
Boot to single-user mode — root on the console with no networking. You can also use upper-case S or the digit 1 or the word single or Single.

selinux=0
Disable the NSA Security-Enhanced Linux policy enforcement if that's causing you trouble.

enforcing=0
Leave the NSA Security-Enhanced Linux policy features enabled but don't enforce the policy, just log things that would have been prevented.

systemd.unit=multi-user.target
systemd.unit=graphical.target
Boot to full server or to graphical desktop state instead of whatever the default target is.
(numeric run levels like 1, 3, 5 are deprecated)

init=/bin/sh
Simply start a shell instead of starting systemd, the replacement for init. You will need to manually mount /proc and remount the root file system in read/write mode:
# mount /proc
# mount -o rw,remount /

From here on, everything is typed at the command prompt as root.

Query and Control the Run Level

Query the current run state. This looks a little odd, you can't run a command if the system isn't running! But the point is to get the report of how it's running, its current run state:
# systemctl is-system-running

Query the default run state:
# systemctl get-default

Change the default run state:
# systemctl set-default multi-user

Change the current run state:
# systemctl isolate rescue
# systemctl isolate emergency
# systemctl isolate multi-user
# systemctl reboot
# systemctl poweroff

All this changed with systemd in RHEL/CentOS 7. See the changes.

Micro-Star International motherboard with AMD Phenom II 4-core processor.

Control services

List the states of all services configured to attempt to start:
# systemctl

List all available services and whether they are enabled or not:
# systemctl list-unit-files

List details of two specific services, whether they configured to start at run time or not (enabled versus disabled), and their current states:
# systemctl status service1 service2

Start two specific services right now. This will not configure them to automatically start after the next boot:
# systemctl start service1 service2

Enable two specific services. They will automatically start after the next boot, but they will not start now:
# systemctl enable service1 service2

Find the order and dependencies of one service:
# cd /lib/systemd/system
# more service1.target
# ls service1.target.wants

Generate a graphical plot of system startup timing:
# systemd-analyze plot > /tmp/startup-timing.svg

Generate a graphical representation of the full graph of dependencies. This takes maybe 5 minutes to generate a multi-megabyte SVG image file, and will probably be far more information than you really want. View the enormous output plot file with a browser:
# systemd-analyze dot | dot -Tsvg > /tmp/dependencies.svg

All this changed with systemd in RHEL/CentOS 7. See the changes.

Process Monitoring, Control, and Logging

Measure Running Processes

# ps axuw
# ps -elf
# pstree
# pstree -au
# pgrep process-name

Monitor Running Processes

# top
# vmstat 10
# iostat -o 10
# iotop -o

What Files (and Sockets and Pipes and Devices) do Processes Have Open?

# lsof /var/log/*
# lsof -p PID
# lsof -i
# lsof -p $( pgrep sshd )

What Processes Are Using This File System?

# fuser -m /media/dvd

Send Signals to Processes

# kill -TERM PID
# kill -HUP $( pgrep httpd )
# pkill -TERM process-name
# pkill -HUP httpd

Log Events

The rsyslog logging daemon is configured by /etc/rsyslog.conf, /etc/rsyslog.d/*, and /etc/sysconfig/rsyslog.

The scheduled logwatch job (0400 nightly) mails "interesting" events to root and the scheduled logrotate job (0400 Sundays) rotates the log files.

Users and Groups

Defined in:

/etc/passwd /etc/shadow /etc/group

Created, modified, and deleted with:

# groupadd -g GID newgroup # groupmod -g new-GID -n new-name group # groupdel old-group # vim /etc/group # useradd -m -u UID -c "Real Name" new-user # usermod -c "Real Name" -e 2018-12-31 -a -G wheel,staff -s /bin/tcsh [....] user # userdel -r old-user # passwd username # chage username

Investigated with:

# id username # groups username

The PAM files in /etc/pam.d/* control authentication, using shared libraries in /lib*/security/*.

Storage and File Systems

Detect hot-plugged storage devices:

# for FILE in $( find /sys/devices -name scan ) > do > echo '- - -' > $FILE > done

Manipulate disk partitions or labels:

# fdisk /dev/sdX # parted /dev/sdX

Manipulate Logical Volume Management (LVM):

# pvcreate /dev/sdX # vgcreate name /dev/sdX /dev/sdY # lvcreate -l size-in-extents --name name volgroup # lvcreate -l 60%FREE --name name volgroup # lvcreate -l 60%VG --name name volgroup # lvcreate -L 500G --name name volgroup # vgextend name /dev/sdZ # lvextend -l newsize-in-extents name # lvextend -l +added-extents name # lvextend -l 80%FREE name # lvextend -l +10%FREE name # lvextend -L 600G name # lvextend -L +100G name

Investigate Logical Volume Management (LVM):

# pvscan # vgscan # lvscan # pvdisplay # vgdisplay # lvdisplay

Destroy Logical Volume Management (LVM):

# lvremove name # vgremove volgroup # pvremove /dev/sdX

Also see how to rescue a Linux system with an LVM root file system for more about logical volume management.

Create File Systems:

# mkfs.btrfs /dev/sdXN # mkfs.xfs /dev/sdXN # mkfs.ext4 /dev/sdXN # mkfs.ext4 -L label -U $( uuidgen ) /dev/sdXN # mkfs.ext3 /dev/sdXN # mkfs.ext2 /dev/sdXN # mkfs.ntfs /dev/sdXN # mkfs.vfat /dev/sdXN # mkfs.msdos /dev/sdXN

Investigate, Modify, and Repair Btrfs and XFS File Systems:

# xfs_admin -[lu] /dev/sdXN # xfs_admin -l newlabel /dev/sdXN # xfs_admin -u newuuid /dev/sdXN # xfs_repair /dev/sdXN # btrfs check /dev/sdXN # btrfs rescue /dev/sdXN

Investigate, Modify, and Repair Ext2/3/4 File Systems:

# dumpe2fs /dev/sdXN # tune2fs [ several parameters ] /dev/sdXN # fsck /dev/sdXN

Create and Use Swap:

# mkswap -L label /dev/sdXN # vim /etc/fstab # swapon -a # swapon -s

Use and Measure File Systems:

# mount /dev/sdXN /path/to/mount/point # vim /etc/fstab # mount -a # df -hT # du /var/log # du -h /var/log # du -s /var/log # du -sh /var/log