Saved: Command Line Magic

Command Line Magic

Most of these came from http://rubytune.com/cheat

Process Basics

• All processes, with params + Hierarchy: ps auxww
• Show all ruby-related PIDs and processes: pgrep -fl ruby
• What is a process doing: strace -f -p $PID
• What files does a process have open: lsof -p $PID
• pkill <name of process>
• Keep an eye on a process: watch 'ps aux|grep <proc name>'

Tips N Tricks

• Change to last working dir: cd -
• Run forever: while true;do foo; sleep 1;done
• List PCI devices: lspci
• List USB devices: lsusb

• Open a serial console at device/file = /dev/ttyS0 and baudrate = 115200

  • Using Minicom (only newer versions support -D and -b): minicom -D /dev/ttyS0 -b 115200
  • When in Minicom, "Ctrl-a e" to turn on local echo
  • Using Screen: screen /dev/ttyS0 115200
  • When in Screen, "Ctrl-a esc" to enter the copy/scroll mode, which will enable page-up/down among other things

• Repeat the last command, but with sudo: sudo !!
• grep with or : grep 'pattern1\|pattern2' filename

• Get kernel and release info:

  • Kernel version: uname -a
  • Detailed kernel: cat /proc/version
  • Ubuntu version: lsb_release -a
  • partition info: sudo fdisk -l
• Find out if CPU is 32 or 64 bit: sudo lshw

• Redirection (using '<', '>', '&>', '>>', etc):

  • standard file descriptors for use with these operators:

    • 0 = stdin (input to program from command line or pipe)
    • 1 = stdout (regular output of program)
    • 2 = stderr (error outputs of program)
  • redirect stderr to stdout, and then both to a file: command > file-name 2>&1
  • redirect stderr to stdout, and then both piped to a 2nd command: find /usr/home -name .profile 2>&1 | more
  • redirect output to a file, but append to the file instead of overwriting: command >> file-name
  • Much more sophisticated examples here

Memory

• How much mem is free: free -m
• Learn how to read output: cat /proc/meminfo
• Are we swapping (First line is avg since boot): vmstat 1
• Top 10 memory hogs: ps aux|head -1 && ps aux|sort -k 4 -nr | head
• Detect OOM other bad things: for i in messages kern.log syslog; do egrep -i "sie?g|oo(m|ps)" /var/log/$i{,.0}; done
• Disable OOM killer for a process: echo -17 > /proc/$PID/oom_adj

Disk/Files

• Check reads/writes per disk: iostat -xnk 5
• Files (often logs) marked for deletion but not yet deleted: lsof | grep delete
• Overview of all disks: df -hs
• Usage of this dir and all subdirs: du -hs
• List disk partitions, including types (NTFS, ext4, etc): fdisk -l /dev/sdx, where sdx is sda, sdb, etc.

• Using the find command:

  • Find files over 100MB: find ./ -size +100000000c -print
  • Find files created in the last 7 days: find ./ -mtime 2 -o -ctime 2
  • Find file older than 14 days: find *.gz -mtime +14 -type f;
  • Find and grep files (equiv to one grep command per find): find . -type f -exec grep foo {} \;
  • Find and grep files (equiv to one grep command with all found files): find . -type f -exec grep foo {} +
  • Delete (or other action) on files older than 14 days: find *.gz -mtime +14 -type f -exec rm {} \;

• To find a file by name, there are several options (see man pages for more complete descriptions):

  • Search through the filesystem, in real time: find . -name "foo"
  • locate the binary, source, and manual page files for a command: whereis foo
  • Search through the PATH environment variable, for executable files: which foo
  • Search through a database maintained by the OS - Ubuntu does this by default: locate foo
• Generate a large file (count * bs = total bytes): dd if=/dev/zero of=file.txt count=1024 bs=102

• Mounting to ocelot: There are 2 basic approaches. Either do it with a script, calling mount, or automount it via /etc/fstab

  • m.sh:
    #!/bin/bash
#Note $1 is the directory
user={$2:-'foo'} # default second argument to 'foo', and put it in the variable user
pass=($3:-'bar'} # default third argument to 'bar', and put it in the variable pass
sudo mount -t cifs -o username=$user,password=$pass -o uid=test,dir_mode=0777,file_mode=0777,rw -o gid=$user //192.168.221.10/$1 /home/$1
    
    Then, call m.sh from another script for each mount point (mount_ocelot.sh):
    #!/bin/bash
/path/to/m.sh Manufacturing
/path/to/m.sh Engineering
/path/to/m.sh Public
    
  • Alternatively, add a line like the one below, with [user] and [password] replaced as appropriate, to /etc/fstab:
    //192.168.221.10/public /home/Public cifs username=[user],password=[password],uid=[user],dirmode=0777,file_mode=0777,gid=[user],nounix,noserverino,rw

• Dealing with tar, tar.gz, tgz, and tar.bz2 archives:

  • tar does not have compression. Use the same command examples below, but without the -z argument
  • tar.gz uses gzip compression on top of a tar file (-z option).
  • tgz is the same as tar.gz
  • tar.bz2 is like a tar.gz, but uses a different compression algorithm, and 'j' instead of a 'z' in the commands below.
  • To list files: tar -ztvf file.tar.gz
  • To extract files: tar -zxvf tar.gz
  • To create an archive: tar -zcvf archive.tgz dir/of/files/ some_other_file.txt

Networking (wired or wireless)

• TCP sockets in use

  • lsof -nPi tcp
  • netstat -lnp

• Get IP/Ethernet Info: ip addr, ifconfig
• Set extra IP address on same interface (as eth0): sudo ifconfig eth0:1 <ip_addr>
• Remove extra IP address from an interface: sudo ifconfig eth0:1 down
• host <=> IP resolution: host <ip_addr>;, host <hostname>
• Find hosts that are ping-able within a range of IP addresses: fping -g 10.3.16.41 10.3.16.250 2>1|grep alive
• Curl, display headers (I), follow redirects (L): curl -LI http://google.com
• Traceroute with stats over time (top for traceroute) Requires install: mtr google.com
• Traceroute using TCP to avoid ICMP blockage: tcptraceroute google.com

• Firewall/iptables

  • List any IP blocks/rules with packet counts: iptables -vnL
  • List any IP blocks/rules with packet counts, but for NAT tables: iptables -vnL -t nat
  • Drop any network requests from IP: iptables -I INPUT -s 66.75.84.220

• Show traffic by port: iftop
• Show all ports listening with process PID: netstat -tlnp
• Connect to GPSd stream: nc <host> 2947
• Other uses for netcat (nc): http://mylinuxbook.com/linux-netcat-command/

• Copy SSH key from localhost to server

  • cat /.ssh/id_rsa.pub | ssh user@hostname 'cat >> .ssh/authorized_keys' (assumes that the key pair has already been generated)
  • ssh-copy-id -i /.ssh/id_dsa.pub user@hostname
  • If copying to an OpenWRT machine, then also run mv /root/.ssh/authorized_keys /etc/dropbear/, from within an ssh session on the remote host.

• tcpdump on client bridge

  • Grab the first 1500 bytes of packets on the the wlan0 interface, dump to file: tcpdump -i wlan0 -s 1500 -w /tmp/foo.pcap
  • Don't convert addresses (i.e., host addresses, port numbers, etc.) to names : -n
  • Grab packets to or from port 80 on the wlan0 interface : port 80
  • Only grab packets involving 192.168.2.10: tcpdump -i eth0 ip host 192.168.2.10
  • Note: tcpdump will always use one interface, if you do not specify, it will choose for you.

• Mount a remote directory with sshfs

  • sshfs user@host: mountpoint
  • To install: #apt-get install fuse-utils sshfs; modprobe fuse

• list bridges: brctl show
• smcroute is the eCone daemon for multicast (manpage):

    smcroute < options > < commands >

    options
        -d - start daemon
        -v - verbose output

    commands - common
        -h - print help
        -k - kill daemon

    commands - multicast routing related
        -a <InputIntf> <OriginIpAdr> <McGroupAdr> <OutputIntf> [<OutputIntf>] ... - add route
        -r <InputIntf> <OriginIpAdr> <McGroupAdr> - remove route

    commands - multicast signaling related
        -j <InputIntf> <McGroupAdr> - join MC group
        -l <InputIntf> <McGroupAdr> - leave MC group

WIFI

• Check wireless interface status and set channel: iwconfig

• Check attached Wifi clients

  • Client Bridge with Repeater SW (or PPM?): iw dev wlan1 station dump
  • Phocus: wlanconfig ath0 list sta

• Check on what AP is used from client bridge: iw dev wlan0 link
• Check on AP stats from client bridge: iw dev wlan0 station dump
• Have an AP tell a client to dissassociate: iwpriv ath0 kickmac 00:02:6f:01:02:03 (use mac address of client)

• Check if radio card is working

  • dmesg, then look through the output for evidence of a wifi card.
  • lspci -k, then look for use of a wifi driver (ath5k on client bridge) (Note: not available on client bridge for releases 2.3.0 and earlier).
  • Note: brief testing with lsmod, showed identical results with and without a radio card on a client bridge (Version 2.3.0).
  • See more at the Client Bridge page.

• Temporarily change the ESSID: iwconfig ath0 essid new_ssid (ath0 for Phocus array, probably wlan0 for eCone)
• Force a scan of available access points (from a client): iw dev wlan0 scan

• List the results from the last scan of available access points (from a client), without forcing a new scan

  • iw dev wlan0 scan dump
  • wpa_cli -p /var/run/wpa_supplicant-wlan0 scan_results (The report from this command is more compact than the one above)

• wpa_cli -p /var/run/wpa_supplicant-wlan0 status

• Connect to a wireless network, via the command line, from ghacks.net:

  • (if necessary) ifconfig wlan0 up
  • iwconfig wlan0 essid NETWORK_ID key WIRELESS_KEY, if no password, then skip the key WIRELESS_KEY part.

Virtual Networks (under Linux)

• vpnc: Usually there will be a config file (name.conf), To run, change to the directory with the name.conf file, and then vpnc ./name. Notice the missing ".conf<code" and the opening "./<code". To Verify that it started, run <code>ifconfig, and look for something like <code>tun0, with an appropriate IP address for the remote location.
• openconnect is an open source version of Cisco's AnyConnect?, see more instructions at Yusen Terminals Long Beach. Ubuntu has it available via apt-get. Unlike vpnc, openconnect seems to require manually setting up routes with the ip route add command.

Package Management

• Install a package: sudo apt-get install XXX

• Search for a package

  • apt-cache search XXX, for an exact package name
  • apt-cache search "XXX", for a package name with wildcards
  • aptitude show XXX
  • aptitude show ~nXXX for the equivalent of apt-get with "XXX"

• Search the the install log: grep install /var/log/dpkg.log
• List all installed packages: dpkg -l
• List all files provided by an installed package: dpkg -L package
• List all files provided by an *un*installed package: apt-file list package. Note, you may need to apt-get install apt-file and sudo apt-file update, before this will work.
• More at Debian Package Management Cheat Sheet
• More on apt logs

• Save/Restore the list of installed packages

  • dpkg --get-selections > packages.txt
  • sudo dpkg --clear-selections
  • sudo dpkg --set-selections < packages.txt
  • See also:http://askubuntu.com/questions/17823/how-to-list-all-installed-packages
  • See also: http://wiki.mediatemple.net/w/%28ve%29:Backup_and_Restore_Installed_Packages

• Install Debian package files (.deb)

  • A single file: dpkg -i package-name-here.deb
  • A directory of deb files (recursively): dpkg -i -R /path/to/dir/name/with/lots/of/dot-deb-files/

Subversion

• commit (checkin changes): svn ci -m "commit message"
• update (make sure local/working copy has the latest): svn up
• revert (loose changes in local/working copy): <code svn revert</code>

• rollback a directory to a previous version (ie from rev 20 back to rev 17): </code>svn up; svn merge -r 20:17 .; svn ci -m "rollback commit message"</code>

  • for more see stackoverflow
• List conflicted files: svn status | grep -P '^(?=.{0,6}C)'
• To revert a file to an old version in your working copy: svn up -r 147 myfile.py
• More at Subversion Tips

Kernel Modules

• lsmod : list kernel modules that are loaded
• modprobe xxx: attempt to load kernel module xxx

Bash (Scripting)

• To increment a counter: Note: the second version does not work under busybox (ash).

  • COUNTER=$(($COUNTER + 1))
  • COUNTER=$[COUNTER + 1]
• To print then environment variables printenv, env
• Add a message to the syslog: logger message

• Check logs. Note: different unix systems use different logging mechanisms.

  • dmesg
  • cat /var/log/syslog or generally, anything in /var/log or /tmp/log or on some embedded systems, even just /tmp.
  • See Ask Ubuntu and Stackoverflow for more info.

Perfomance Analysis Tools: (from this slidedeck)

• Basic: uptime, top, htop, mtop, iostat, vmstat, free, nicstat, dstat
• Intermediate: sar, netastat, pidstat, strace, tcpdump, blktrace, iotop, slabtop, sysctl, /proc
• Advanced: perf, dtrace

Restart a locked Linux Box

• Ctrl + Alt + Print Scrn + reisub
• Just to make it clear. You need to press and hold Ctrl, Alt and Print Scrn (Sys Rq) buttons, and while holding them, you need to press r, e, i, s, u, b
• From Jovica Ilic, or wikipedia

Misc Links

• Phocus Arrays
• Command Line Management of Phocus Arrays or Client Bridges