Commands for System Administration

Discussion in 'Beginner Tutorials' started by Rob, Jul 9, 2013.

  1. Rob

    Rob Administrator Staff Member

    Messages:
    575
    Likes Received:
    229
    Trophy Points:
    43
    The following commands are frequently used by systems administrators to keep an eye on what's going on with their systems

    last

    The command last will show you the people who have logged into the computer today and the terminals they are/were using.

    If you type:

    Code:
    last
    You may get something like this:


    Code:
    fredtty6Thu Oct 516:55 - 20:05(3:10)
    bobtty1Thu Oct 5still logged in(3:10)
    roottty1Thu Oct 516:23 - 16:43(0:20)
    rebootsystem bootThu Oct 5 16:22

    As you can see, you worked as 'fred' for 3 hours and 10 mins. You are still working as 'bob'. You worked as 'root' for 20 minutes (probably some administration tasks) and you booted your computer at 4:22 PM.

    This is a good way to see who's been using the computer if it's networked. For example, if you saw a an entry for 'satan' and you hadn't given the Prince of Darkness permission to login, you could fire off a nasty e-mail to him about mis-use of your server. His address, by the way, is "thedevil@hell.com"

    df

    'df' is a command that you're going to use a lot if you're pressed for hard disk space. Once again, there are many programs that run graphically that will inform you of the space available on your Linux partition. But this is a very good, quick, non-graphic way to keep track of your hard disk space.

    If you type
    Code:
    df
    You may get something like this. (This is actually taken from a system I use for testing versions of Linux. My 'df' is going to be a bit confusing because I run a XenServer virtual machine attached to a SAN. Sorry!)


    Code:
    Filesystem          1K-blocks      Used Available Use% Mounted on
    /dev/mapper/VolGroup-lv_root
                          48964432  2838132  43639004  7% /
    tmpfs                  1987488        0  1987488  0% /dev/shm
    /dev/xvda1              495844    52160    418084  12% /boot
    /dev/mapper/VolGroup-lv_home
                          47626600    370604  44836696  1% /home
    If you start seeing a 'df' output like this, it's time to get down to your local computer shop and buy a new hard disk. Anyway, 'df' is a good way to keep track of this.

    free

    'free' is a command that you can use if you want to know how much RAM memory you have free on your system. By typing:

    Code:
    free
    and you will get something like this


    Code:
    totalusedfreesharedbufferscached
    Mem:1445213904548282084927312
    -/+ buffers/cache:61008352
    Swap:33260155631704

    This output isn't very friendly. Try converting things to Megabytes by typing

    Code:
    free -m
    Sometimes, if a program is running particularly slowly, you may find out that your memory usage is high using this command. Linux's memory management is quite good but a certain program may be "hogging" memory. You could exit that program and then type free again to see if it was the culprit.

    du

    'du' is the way to see how big files are. You can use it on a directory or on a particular file. This is another command I use a lot. It's probably best to use the option du -b (-b for bytes) and it will give you the exact figure in bytes. By default, 'du' shows the closest kilobyte figure. Let's look at a couple of examples:

    If I type:

    Code:
    du people_I_owe_money.note
    I may get an output like this: 193 people_I_owe_money.net

    But instead, if I type:

    Code:
    du -b people_I_owe_money.note
    I'll get: 197120 people_I_owe_money.note

    As you can see, it's a big file. I owe a lot of people money. On the other hand look at the output for 'people_who_owe_me_money.note':

    1 people_who_owe_me_money.note

    No, that's not the kilobyte figure. That's the byte figure!

    You can also use this on a directory, and it will list the files and subdirectories and give you the byte or kilobyte count, whichever you prefer

    If you turn out to be a human, then you may want to set the output to something even more friendly.

    Try this:

    Code:
    du -h
    top

    To show you the use of the 'top' command. Here you will see what processes are running 'top' is a good command to use when you want to see what your system's doing. 'top' is designed to show you how your CPU is being used. It will give you a pretty complete list of everything that's going on in your computer. Here's a sample output of the 'top' command:

    Code:
    top

    Code:
    top - 14:11:38 up 12 days, 22:38,  1 user,  load average: 0.00, 0.00, 0.00
    Tasks:  97 total,  1 running,  96 sleeping,  0 stopped,  0 zombie
    Cpu(s):  0.0%us,  0.0%sy,  0.0%ni,100.0%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
    Mem:  3974980k total,  3515800k used,  459180k free,  244404k buffers
    Swap:  6209528k total,        0k used,  6209528k free,  2684644k cached
     
      PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
        1 root      20  0 19204 1512 1220 S  0.0  0.0  0:01.84 init
        2 root      20  0    0    0    0 S  0.0  0.0  0:00.00 kthreadd
        3 root      RT  0    0    0    0 S  0.0  0.0  0:00.00 migration/0
        4 root      20  0    0    0    0 S  0.0  0.0  0:00.55 ksoftirqd/0
        5 root      RT  0    0    0    0 S  0.0  0.0  0:00.00 migration/0
        6 root      RT  0    0    0    0 S  0.0  0.0  0:02.41 watchdog/0
        7 root      20  0    0    0    0 S  0.0  0.0  1:11.89 events/0
        8 root      20  0    0    0    0 S  0.0  0.0  0:00.00 cgroup
        9 root      20  0    0    0    0 S  0.0  0.0  0:00.00 khelper
      10 root      20  0    0    0    0 S  0.0  0.0  0:00.00 netns
      11 root      20  0    0    0    0 S  0.0  0.0  0:00.00 async/mgr
      12 root      20  0    0    0    0 S  0.0  0.0  0:00.00 pm
      13 root      20  0    0    0    0 S  0.0  0.0  0:00.00 xenwatch
      14 root      20  0    0    0    0 S  0.0  0.0  0:01.47 xenbus
      15 root      20  0    0    0    0 S  0.0  0.0  0:05.50 sync_supers
      16 root      20  0    0    0    0 S  0.0  0.0  0:05.87 bdi-default
      17 root      20  0    0    0    0 S  0.0  0.0  0:00.00 kintegrityd/0
      18 root      20  0    0    0    0 S  0.0  0.0  0:03.82 kblockd/0
      19 root      20  0    0    0    0 S  0.0  0.0  0:00.00 ata/0
      20 root      20  0    0    0    0 S  0.0  0.0  0:00.00 ata_aux
      21 root      20  0    0    0    0 S  0.0  0.0  0:00.00 ksuspend_usbd
      22 root      20  0    0    0    0 S  0.0  0.0  0:00.00 khubd
      23 root      20  0    0    0    0 S  0.0  0.0  0:00.00 kseriod
      24 root      20  0    0    0    0 S  0.0  0.0  0:00.00 md/0
      25 root      20  0    0    0    0 S  0.0  0.0  0:00.00 md_misc/0
      26 root      20  0    0    0    0 S  0.0  0.0  0:00.33 khungtaskd
      27 root      20  0    0    0    0 S  0.0  0.0  0:00.00 kswapd0
      28 root      25  5    0    0    0 S  0.0  0.0  0:00.00 ksmd
      29 root      20  0    0    0    0 S  0.0  0.0  0:00.00 aio/0
      30 root      20  0    0    0    0 S  0.0  0.0  0:00.00 crypto/0
      35 root      20  0    0    0    0 S  0.0  0.0  0:00.00 kthrotld/0
      37 root      20  0    0    0    0 S  0.0  0.0  0:00.00 khvcd
      38 root      20  0    0    0    0 S  0.0  0.0  0:00.00 kpsmoused
      39 root      20  0    0    0    0 S  0.0  0.0  0:00.00 usbhid_resumer
      69 root      20  0    0    0    0 S  0.0  0.0  0:00.00 kstriped
      229 root      20  0    0    0    0 S  0.0  0.0  0:00.00 kdmflush
      231 root      20  0    0    0    0 S  0.0  0.0  0:00.00 kdmflush
      250 root      20  0    0    0    0 S  0.0  0.0  0:13.44 jbd2/dm-0-8
      251 root      20  0    0    0    0 S  0.0  0.0  0:00.00 ext4-dio-unwrit

    ps

    'ps' will give you a list of the processes running on your system.

    Just typing ps will give you the processes you're running as a user. It may look like this:

    Code:
    ps

    Code:
    PID TTY          TIME CMD
    22987 pts/0    00:00:00 ps
    29552 pts/0    00:00:00 bash

    If you happen to forget what your name is, you can type ps u. This is the user mode and your user name will appear in the first column. Actually, there's more than that.


    There will be other columns about memory usage, the time you started running the processes and others.

    You can see other users processes if you type ps -au. If you're not using a networked computer, you will see yours and root's processes. If you're into detective work, you can type just ps -a and try to guess who's using the process.

    The information that you'll probably be most interested in is the column that shows the "process ID" or "PID". We'll get into why these are so important in the next part of the lesson.

    kill

    "kill" is a very explicit word. It implies 'death'. In the last part of this lesson we talked about process IDs or "PIDs". Well, with the command 'kill' plus a PID, you can terminate a program. In other words, you kill the program. You will probably only use this with troublesome processes; programs that may not let you exit regularly. A good example of this is when you try a new program that hasn't got all the bugs worked out of it yet. If the 'exit' button doesn't work, you can 'kill' it.

    To do this, first, you would type ps and you would get this output that we talked about before.


    Code:
    PIDTTYSTATTIMECOMMAND
    2932S0:00-bash
    4222S0:00sh /usr/X11R6/bin/startx
    4372S0:00tee /home/bob/.X.err
    4382S0:00xinit /home/bob/.xinitrc --
    4412S0:01/usr/X11R6/bin/evilaliens

    Let's say you're trying a new game that was just ported to Linux. The game is called "Evil and Nasty Alien Visitors". The name of the "binary" or program itself is called evilaliens. (the last one on my 'ps' example) Now you can't exit the program either. The aliens just took over Oklahoma and you swore you got them all. You're playing in your x-windows enviroment and you have an x-terminal open (probably the one you typed 'ps' into). You would just type:

    kill and the PID number, in my example, 441.

    That is:
    Code:
    kill 441
    and the program disappears, along with all those nasty aliens.

    Here's a little trick. If you don't want to do two steps, 'ps' and 'kill' and you know the name of the "binary" or program itself, as I mentioned before, you can just type:

    Code:
    killall evilaliens
    and that should also do the trick.

    Using 'kill' as root

    Remember that when you work as root, you are the all-powerful master of the universe. (or at least the computer). When you use 'kill' as root, you are the 007 on Her Majesty's Linux Service. You have license to 'kill' the process you desire. If you're working as 'root' and you need to use the 'kill' command, it's a good idea to run ps -au and look closely at your PIDs. You don't want to end up killing some process that you need.

    Another way to kill a process.

    Try typing this:
    Code:
    find *.
    (Kind of an absurd thing to do, but good as an example) It will just start finding everything. If you have done something like this by mistake, you can use the keys
    CTR+ C
    to stop the 'find' process. In these cases, there's no need to use the 'kill' command.
  2. MES3OUD

    MES3OUD New Member

    Messages:
    6
    Likes Received:
    2
    Trophy Points:
    1
    I really enjoyed those commands, but I still cannot how it works "find .*" ..!
    jamesnik likes this.
  3. liuxocakn

    liuxocakn New Member

    Messages:
    2
    Likes Received:
    1
    Trophy Points:
    3
    I see the 'last' first time,so good.
    jamesnik likes this.
  4. pallav jain

    pallav jain New Member

    Messages:
    1
    Likes Received:
    1
    Trophy Points:
    3
    where to write all this codes?? i am new for linux
    jamesnik likes this.
  5. taha saeed khan

    taha saeed khan New Member

    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    just type ctrl+alt+t on desktop u wil get ur terminal openend
  6. B4RTZ4K

    B4RTZ4K New Member

    Messages:
    19
    Likes Received:
    13
    Trophy Points:
    3
    Hello I am also new but what i know I'll tell you.

    The find command is for to find anything in the directorys or to find directorys.
    What i have learned is that there are wildcards like the star * and the question mark ?.
    The star is for any character, lets say u know the second name of the file or directory. For example in the file or directory 'my.files' u forgot 'my'.
    Then u would type 'find *.files this will show u all the files with the second name .file so also 'firts.file' or 'second.file' or wifes.file'.

    The question mark ? represent only one character.
    for example u made a directory mp3 and a directory mp4, to find them u would type 'find mp?' this wil show all those directorys or files that u gave the name mp3,mp4,mp5,mp6 and so on.

    If u want to know more about the find command type 'man find', this wil show u the manual for find.

    If someone can correct me plz do so i am new and learn out of my self what is really hard. But i will not give up. good luck on you guys and on me ;)
  7. DevynCJohnson

    DevynCJohnson Well-Known Member Staff Member Staff Writer

    Messages:
    1,360
    Likes Received:
    1,084
    Trophy Points:
    113
    You are correct. However, the "second names" are called file extensions which indicate the type of file. GNU/Linux does not require extensions; it already knows what the file is by looking at the contents. Windows needs these extensions.
    Haider92 likes this.
  8. B4RTZ4K

    B4RTZ4K New Member

    Messages:
    19
    Likes Received:
    13
    Trophy Points:
    3
    Thanks for telling me, but i kept it simple for people like me. Think I am gonna learn alot here!
    I always look with the command 'file' wich file it is.
    Last edited: Jan 25, 2014
  9. Saptarshi Nag

    Saptarshi Nag Member

    Messages:
    42
    Likes Received:
    28
    Trophy Points:
    18
    can't understand 'find' command just printing the filename of the corresponding directory by giving $find <filename> :p
  10. Amol Patil

    Amol Patil New Member

    Messages:
    8
    Likes Received:
    5
    Trophy Points:
    3
    Thanks Rob.
    Can you post some more useful commands ? ?
    DevynCJohnson likes this.
  11. DevynCJohnson

    DevynCJohnson Well-Known Member Staff Member Staff Writer

    Messages:
    1,360
    Likes Received:
    1,084
    Trophy Points:
    113

Share This Page