Thank you for editing Command Line Magic. Your careful attention to detail is much appreciated.
Command Line Magic
Most of these came from http://rubytune.com/cheat
Process Basics
- All processes, with params + Hierarchy:
ps auxww
- Show all ruby-related PIDs and processes:
pgrep -fl ruby
- What is a process doing:
strace -f -p $PID
- What files does a process have open:
lsof -p $PID
pkill <name of process>
- Keep an eye on a process:
watch 'ps aux|grep <proc name>'
Tips N Tricks
- Change to last working dir:
cd -
- Run forever:
while true;do foo; sleep 1;done
- List PCI devices:
lspci
- List USB devices:
lsusb
- Open a serial console at device/file = /dev/ttyS0 and baudrate = 115200
- Using Minicom (only newer versions support -D and -b): minicom -D /dev/ttyS0 -b 115200
- When in Minicom, "Ctrl-a e" to turn on local echo
- Using Screen:
screen /dev/ttyS0 115200
- When in Screen, "Ctrl-a esc" to enter the copy/scroll mode, which will enable page-up/down among other things
- Repeat the last command, but with sudo:
sudo !!
- grep with or :
grep 'pattern1\|pattern2' filename
Get kernel and release info:
- Kernel version:
uname -a
- Detailed kernel:
cat /proc/version
- Ubuntu version:
lsb_release -a
- partition info:
sudo fdisk -l
- Kernel version:
- Find out if CPU is 32 or 64 bit:
sudo lshw
Redirection (using '<', '>', '&>', '>>', etc):
standard file descriptors for use with these operators:
- 0 = stdin (input to program from command line or pipe)
- 1 = stdout (regular output of program)
- 2 = stderr (error outputs of program)
- redirect stderr to stdout, and then both to a file:
command > file-name 2>&1
- redirect stderr to stdout, and then both piped to a 2nd command:
find /usr/home -name .profile 2>&1 | more
- redirect output to a file, but append to the file instead of overwriting:
command >> file-name
- Much more sophisticated examples here
Memory
- How much mem is free:
free -m
- Learn how to read output:
cat /proc/meminfo
- Are we swapping (First line is avg since boot):
vmstat 1
- Top 10 memory hogs:
ps aux|head -1 && ps aux|sort -k 4 -nr | head
- Detect OOM other bad things:
for i in messages kern.log syslog; do egrep -i "sie?g|oo(m|ps)" /var/log/$i{,.0}; done
- Disable OOM killer for a process:
echo -17 > /proc/$PID/oom_adj
Disk/Files
- Check reads/writes per disk:
iostat -xnk 5
- Files (often logs) marked for deletion but not yet deleted:
lsof | grep delete
- Overview of all disks:
df -hs
- Usage of this dir and all subdirs:
du -hs
- List disk partitions, including types (NTFS, ext4, etc):
fdisk -l /dev/sdx
, wheresdx
is sda, sdb, etc. Using the
find
command:- Find files over 100MB:
find ./ -size +100000000c -print
- Find files created in the last 7 days:
find ./ -mtime 2 -o -ctime 2
- Find file older than 14 days:
find *.gz -mtime +14 -type f;
- Find and grep files (equiv to one grep command per find):
find . -type f -exec grep foo {} \;
- Find and grep files (equiv to one grep command with all found files):
find . -type f -exec grep foo {} +
- Delete (or other action) on files older than 14 days:
find *.gz -mtime +14 -type f -exec rm {} \;
- Find files over 100MB:
To find a file by name, there are several options (see man pages for more complete descriptions):
- Search through the filesystem, in real time:
find . -name "foo"
- locate the binary, source, and manual page files for a command:
whereis foo
- Search through the
PATH
environment variable, for executable files:which foo
- Search through a database maintained by the OS - Ubuntu does this by default:
locate foo
- Search through the filesystem, in real time:
- Generate a large file (count * bs = total bytes):
dd if=/dev/zero of=file.txt count=1024 bs=102
Mounting to ocelot: There are 2 basic approaches. Either do it with a script, calling
mount
, or automount it via/etc/fstab
- m.sh:
#!/bin/bash
#Note $1 is the directory
user={$2:-'foo'} # default second argument to 'foo', and put it in the variable user
pass=($3:-'bar'} # default third argument to 'bar', and put it in the variable pass
sudo mount -t cifs -o username=$user,password=$pass -o uid=test,dir_mode=0777,file_mode=0777,rw -o gid=$user //192.168.221.10/$1 /home/$1
Then, callm.sh
from another script for each mount point (mount_ocelot.sh):
#!/bin/bash
/path/to/m.sh Manufacturing
/path/to/m.sh Engineering
/path/to/m.sh Public
- Alternatively, add a line like the one below, with [user] and [password] replaced as appropriate, to
/etc/fstab
:
//192.168.221.10/public /home/Public cifs username=[user],password=[password],uid=[user],dirmode=0777,file_mode=0777,gid=[user],nounix,noserverino,rw
- m.sh:
Dealing with tar, tar.gz, tgz, and tar.bz2 archives:
- tar does not have compression. Use the same command examples below, but without the -z argument
- tar.gz uses gzip compression on top of a tar file (-z option).
- tgz is the same as tar.gz
- tar.bz2 is like a tar.gz, but uses a different compression algorithm, and 'j' instead of a 'z' in the commands below.
- To list files:
tar -ztvf file.tar.gz
- To extract files:
tar -zxvf tar.gz
- To create an archive:
tar -zcvf archive.tgz dir/of/files/ some_other_file.txt
Networking (wired or wireless)
- TCP sockets in use
lsof -nPi tcp
netstat -lnp
- Get IP/Ethernet Info:
ip addr
,ifconfig
- Set extra IP address on same interface (as eth0):
sudo ifconfig eth0:1 <ip_addr>
- Remove extra IP address from an interface:
sudo ifconfig eth0:1 down
- host <=> IP resolution:
host <ip_addr>;, host <hostname>
- Find hosts that are ping-able within a range of IP addresses:
fping -g 10.3.16.41 10.3.16.250 2>1|grep alive
- Curl, display headers (I), follow redirects (L):
curl -LI http://google.com
- Traceroute with stats over time (top for traceroute) Requires install:
mtr google.com
- Traceroute using TCP to avoid ICMP blockage:
tcptraceroute google.com
- Firewall/iptables
- List any IP blocks/rules with packet counts:
iptables -vnL
- List any IP blocks/rules with packet counts, but for NAT tables:
iptables -vnL -t nat
- Drop any network requests from IP:
iptables -I INPUT -s 66.75.84.220
- List any IP blocks/rules with packet counts:
- Show traffic by port:
iftop
- Show all ports listening with process PID:
netstat -tlnp
- Connect to GPSd stream:
nc <host> 2947
- Other uses for netcat (nc): http://mylinuxbook.com/linux-netcat-command/
- Copy SSH key from localhost to server
cat /.ssh/id_rsa.pub | ssh user@hostname 'cat >> .ssh/authorized_keys'
(assumes that the key pair has already been generated)ssh-copy-id -i /.ssh/id_dsa.pub user@hostname
- If copying to an OpenWRT machine, then also run
mv /root/.ssh/authorized_keys /etc/dropbear/
, from within an ssh session on the remote host.
- tcpdump on client bridge
- Grab the first 1500 bytes of packets on the the wlan0 interface, dump to file:
tcpdump -i wlan0 -s 1500 -w /tmp/foo.pcap
- Don't convert addresses (i.e., host addresses, port numbers, etc.) to names :
-n
- Grab packets to or from port 80 on the wlan0 interface :
port 80
- Only grab packets involving 192.168.2.10:
tcpdump -i eth0 ip host 192.168.2.10
- Note: tcpdump will always use one interface, if you do not specify, it will choose for you.
- Grab the first 1500 bytes of packets on the the wlan0 interface, dump to file:
- Mount a remote directory with sshfs
sshfs user@host: mountpoint
- To install:
#apt-get install fuse-utils sshfs; modprobe fuse
- list bridges:
brctl show
- smcroute is the eCone daemon for multicast (manpage):
smcroute < options > < commands > options -d - start daemon -v - verbose output commands - common -h - print help -k - kill daemon commands - multicast routing related -a <InputIntf> <OriginIpAdr> <McGroupAdr> <OutputIntf> [<OutputIntf>] ... - add route -r <InputIntf> <OriginIpAdr> <McGroupAdr> - remove route commands - multicast signaling related -j <InputIntf> <McGroupAdr> - join MC group -l <InputIntf> <McGroupAdr> - leave MC group
WIFI
- Check wireless interface status and set channel:
iwconfig
- Check attached Wifi clients
- Client Bridge with Repeater SW (or PPM?):
iw dev wlan1 station dump
- Phocus:
wlanconfig ath0 list sta
- Client Bridge with Repeater SW (or PPM?):
- Check on what AP is used from client bridge:
iw dev wlan0 link
- Check on AP stats from client bridge:
iw dev wlan0 station dump
- Have an AP tell a client to dissassociate:
iwpriv ath0 kickmac 00:02:6f:01:02:03
(use mac address of client) - Check if radio card is working
dmesg
, then look through the output for evidence of a wifi card.lspci -k
, then look for use of a wifi driver (ath5k on client bridge) (Note: not available on client bridge for releases 2.3.0 and earlier).- Note: brief testing with
lsmod
, showed identical results with and without a radio card on a client bridge (Version 2.3.0). - See more at the Client Bridge page.
- Temporarily change the ESSID:
iwconfig ath0 essid new_ssid
(ath0 for Phocus array, probably wlan0 for eCone) - Force a scan of available access points (from a client):
iw dev wlan0 scan
- List the results from the last scan of available access points (from a client), without forcing a new scan
iw dev wlan0 scan dump
wpa_cli -p /var/run/wpa_supplicant-wlan0 scan_results
(The report from this command is more compact than the one above)
wpa_cli -p /var/run/wpa_supplicant-wlan0 status
Connect to a wireless network, via the command line, from ghacks.net:
- (if necessary)
ifconfig wlan0 up
iwconfig wlan0 essid NETWORK_ID key WIRELESS_KEY
, if no password, then skip thekey WIRELESS_KEY
part.
- (if necessary)
Virtual Networks (under Linux)
- vpnc: Usually there will be a config file (name.conf), To run, change to the directory with the name.conf file, and then
vpnc ./name
. Notice the missing ".conf<code" and the opening "
, with an appropriate IP address for the remote location../<code". To Verify that it started, run <code>ifconfig
, and look for something like <code>tun0 - openconnect is an open source version of Cisco's AnyConnect?, see more instructions at Yusen Terminals Long Beach. Ubuntu has it available via apt-get. Unlike vpnc, openconnect seems to require manually setting up routes with the
ip route add
command.
Package Management
- Install a package:
sudo apt-get install XXX
- Search for a package
apt-cache search XXX
, for an exact package nameapt-cache search "XXX"
, for a package name with wildcardsaptitude show XXX
aptitude show ~nXXX
for the equivalent of apt-get with "XXX"
- Search the the install log:
grep install /var/log/dpkg.log
- List all installed packages:
dpkg -l
- List all files provided by an installed package:
dpkg -L package
- List all files provided by an *un*installed package:
apt-file list package
. Note, you may need toapt-get install apt-file
andsudo apt-file update
, before this will work. - More at Debian Package Management Cheat Sheet
- More on apt logs
- Save/Restore the list of installed packages
dpkg --get-selections > packages.txt
sudo dpkg --clear-selections
sudo dpkg --set-selections < packages.txt
- See also:http://askubuntu.com/questions/17823/how-to-list-all-installed-packages
- See also: http://wiki.mediatemple.net/w/%28ve%29:Backup_and_Restore_Installed_Packages
- Install Debian package files (.deb)
- A single file:
dpkg -i package-name-here.deb
- A directory of deb files (recursively):
dpkg -i -R /path/to/dir/name/with/lots/of/dot-deb-files/
- A single file:
Subversion
- commit (checkin changes):
svn ci -m "commit message"
- update (make sure local/working copy has the latest):
svn up
- revert (loose changes in local/working copy): <code svn revert</code>
rollback a directory to a previous version (ie from rev 20 back to rev 17): </code>svn up; svn merge -r 20:17 .; svn ci -m "rollback commit message"</code>
- for more see stackoverflow
- List conflicted files:
svn status | grep -P '^(?=.{0,6}C)'
- To revert a file to an old version in your working copy:
svn up -r 147 myfile.py
- More at Subversion Tips
Kernel Modules
lsmod
: list kernel modules that are loadedmodprobe xxx
: attempt to load kernel module xxx
Bash (Scripting)
To increment a counter: Note: the second version does not work under busybox (ash).
COUNTER=$(($COUNTER + 1))
COUNTER=$[COUNTER + 1]
- To print then environment variables
printenv
,env
- Add a message to the syslog:
logger message
Check logs. Note: different unix systems use different logging mechanisms.
dmesg
cat /var/log/syslog
or generally, anything in/var/log
or/tmp/log
or on some embedded systems, even just/tmp
.- See Ask Ubuntu and Stackoverflow for more info.
Perfomance Analysis Tools: (from this slidedeck)
- Basic: uptime, top, htop, mtop, iostat, vmstat, free, nicstat, dstat
- Intermediate: sar, netastat, pidstat, strace, tcpdump, blktrace, iotop, slabtop, sysctl, /proc
- Advanced: perf, dtrace
Restart a locked Linux Box
Ctrl + Alt + Print Scrn + reisub
- Just to make it clear. You need to press and hold
Ctrl, Alt and Print Scrn (Sys Rq)
buttons, and while holding them, you need to pressr, e, i, s, u, b
- From Jovica Ilic, or wikipedia