Purchase Linux CDs / DVDs / Flash Drives at OSDisc.com

Welcome to Our Community

While Linux.org has been around for a while, we recently changed management and had to purge most of the content (including users). If you signed up before April 23rd please sign up again. Thanks!

Commands for System Administration

Discussion in 'Linux Beginner Tutorials' started by Rob, Jul 9, 2013.

  1. Rob

    Rob Administrator
    Staff Member

    Joined:
    Oct 27, 2011
    Messages:
    172
    Likes Received:
    469
    The following commands are frequently used by systems administrators to keep an eye on what's going on with their systems

    last

    The command last will show you the people who have logged into the computer today and the terminals they are/were using.

    If you type:

    Code:
    last
    You may get something like this:


    Code:
    fredtty6Thu Oct 516:55 - 20:05(3:10)
    bobtty1Thu Oct 5still logged in(3:10)
    roottty1Thu Oct 516:23 - 16:43(0:20)
    rebootsystem bootThu Oct 5 16:22

    As you can see, you worked as 'fred' for 3 hours and 10 mins. You are still working as 'bob'. You worked as 'root' for 20 minutes (probably some administration tasks) and you booted your computer at 4:22 PM.

    This is a good way to see who's been using the computer if it's networked. For example, if you saw a an entry for 'satan' and you hadn't given the Prince of Darkness permission to login, you could fire off a nasty e-mail to him about mis-use of your server. His address, by the way, is "[email protected]"

    df



    'df' is a command that you're going to use a lot if you're pressed for hard disk space. Once again, there are many programs that run graphically that will inform you of the space available on your Linux partition. But this is a very good, quick, non-graphic way to keep track of your hard disk space.

    If you type
    Code:
    df
    You may get something like this. (This is actually taken from a system I use for testing versions of Linux. My 'df' is going to be a bit confusing because I run a XenServer virtual machine attached to a SAN. Sorry!)


    Code:
    Filesystem          1K-blocks      Used Available Use% Mounted on
    /dev/mapper/VolGroup-lv_root
                          48964432  2838132  43639004  7% /
    tmpfs                  1987488        0  1987488  0% /dev/shm
    /dev/xvda1              495844    52160    418084  12% /boot
    /dev/mapper/VolGroup-lv_home
                          47626600    370604  44836696  1% /home
    If you start seeing a 'df' output like this, it's time to get down to your local computer shop and buy a new hard disk. Anyway, 'df' is a good way to keep track of this.

    free

    'free' is a command that you can use if you want to know how much RAM memory you have free on your system. By typing:

    Code:
    free
    and you will get something like this


    Code:
    totalusedfreesharedbufferscached
    Mem:1445213904548282084927312
    -/+ buffers/cache:61008352
    Swap:33260155631704

    This output isn't very friendly. Try converting things to Megabytes by typing

    Code:
    free -m
    Sometimes, if a program is running particularly slowly, you may find out that your memory usage is high using this command. Linux's memory management is quite good but a certain program may be "hogging" memory. You could exit that program and then type free again to see if it was the culprit.

    du

    'du' is the way to see how big files are. You can use it on a directory or on a particular file. This is another command I use a lot. It's probably best to use the option du -b (-b for bytes) and it will give you the exact figure in bytes. By default, 'du' shows the closest kilobyte figure. Let's look at a couple of examples:

    If I type:

    Code:
    du people_I_owe_money.note
    I may get an output like this: 193 people_I_owe_money.net

    But instead, if I type:

    Code:
    du -b people_I_owe_money.note
    I'll get: 197120 people_I_owe_money.note

    As you can see, it's a big file. I owe a lot of people money. On the other hand look at the output for 'people_who_owe_me_money.note':

    1 people_who_owe_me_money.note

    No, that's not the kilobyte figure. That's the byte figure!

    You can also use this on a directory, and it will list the files and subdirectories and give you the byte or kilobyte count, whichever you prefer

    If you turn out to be a human, then you may want to set the output to something even more friendly.

    Try this:

    Code:
    du -h
    top

    To show you the use of the 'top' command. Here you will see what processes are running 'top' is a good command to use when you want to see what your system's doing. 'top' is designed to show you how your CPU is being used. It will give you a pretty complete list of everything that's going on in your computer. Here's a sample output of the 'top' command:

    Code:
    top

    Code:
    top - 14:11:38 up 12 days, 22:38,  1 user,  load average: 0.00, 0.00, 0.00
    Tasks:  97 total,  1 running,  96 sleeping,  0 stopped,  0 zombie
    Cpu(s):  0.0%us,  0.0%sy,  0.0%ni,100.0%id,  0.0%wa,  0.0%hi,  0.0%si,  0.0%st
    Mem:  3974980k total,  3515800k used,  459180k free,  244404k buffers
    Swap:  6209528k total,        0k used,  6209528k free,  2684644k cached
     
      PID USER      PR  NI  VIRT  RES  SHR S %CPU %MEM    TIME+  COMMAND
        1 root      20  0 19204 1512 1220 S  0.0  0.0  0:01.84 init
        2 root      20  0    0    0    0 S  0.0  0.0  0:00.00 kthreadd
        3 root      RT  0    0    0    0 S  0.0  0.0  0:00.00 migration/0
        4 root      20  0    0    0    0 S  0.0  0.0  0:00.55 ksoftirqd/0
        5 root      RT  0    0    0    0 S  0.0  0.0  0:00.00 migration/0
        6 root      RT  0    0    0    0 S  0.0  0.0  0:02.41 watchdog/0
        7 root      20  0    0    0    0 S  0.0  0.0  1:11.89 events/0
        8 root      20  0    0    0    0 S  0.0  0.0  0:00.00 cgroup
        9 root      20  0    0    0    0 S  0.0  0.0  0:00.00 khelper
      10 root      20  0    0    0    0 S  0.0  0.0  0:00.00 netns
      11 root      20  0    0    0    0 S  0.0  0.0  0:00.00 async/mgr
      12 root      20  0    0    0    0 S  0.0  0.0  0:00.00 pm
      13 root      20  0    0    0    0 S  0.0  0.0  0:00.00 xenwatch
      14 root      20  0    0    0    0 S  0.0  0.0  0:01.47 xenbus
      15 root      20  0    0    0    0 S  0.0  0.0  0:05.50 sync_supers
      16 root      20  0    0    0    0 S  0.0  0.0  0:05.87 bdi-default
      17 root      20  0    0    0    0 S  0.0  0.0  0:00.00 kintegrityd/0
      18 root      20  0    0    0    0 S  0.0  0.0  0:03.82 kblockd/0
      19 root      20  0    0    0    0 S  0.0  0.0  0:00.00 ata/0
      20 root      20  0    0    0    0 S  0.0  0.0  0:00.00 ata_aux
      21 root      20  0    0    0    0 S  0.0  0.0  0:00.00 ksuspend_usbd
      22 root      20  0    0    0    0 S  0.0  0.0  0:00.00 khubd
      23 root      20  0    0    0    0 S  0.0  0.0  0:00.00 kseriod
      24 root      20  0    0    0    0 S  0.0  0.0  0:00.00 md/0
      25 root      20  0    0    0    0 S  0.0  0.0  0:00.00 md_misc/0
      26 root      20  0    0    0    0 S  0.0  0.0  0:00.33 khungtaskd
      27 root      20  0    0    0    0 S  0.0  0.0  0:00.00 kswapd0
      28 root      25  5    0    0    0 S  0.0  0.0  0:00.00 ksmd
      29 root      20  0    0    0    0 S  0.0  0.0  0:00.00 aio/0
      30 root      20  0    0    0    0 S  0.0  0.0  0:00.00 crypto/0
      35 root      20  0    0    0    0 S  0.0  0.0  0:00.00 kthrotld/0
      37 root      20  0    0    0    0 S  0.0  0.0  0:00.00 khvcd
      38 root      20  0    0    0    0 S  0.0  0.0  0:00.00 kpsmoused
      39 root      20  0    0    0    0 S  0.0  0.0  0:00.00 usbhid_resumer
      69 root      20  0    0    0    0 S  0.0  0.0  0:00.00 kstriped
      229 root      20  0    0    0    0 S  0.0  0.0  0:00.00 kdmflush
      231 root      20  0    0    0    0 S  0.0  0.0  0:00.00 kdmflush
      250 root      20  0    0    0    0 S  0.0  0.0  0:13.44 jbd2/dm-0-8
      251 root      20  0    0    0    0 S  0.0  0.0  0:00.00 ext4-dio-unwrit

    ps

    'ps' will give you a list of the processes running on your system.

    Just typing ps will give you the processes you're running as a user. It may look like this:

    Code:
    ps

    Code:
    PID TTY          TIME CMD
    22987 pts/0    00:00:00 ps
    29552 pts/0    00:00:00 bash

    If you happen to forget what your name is, you can type ps u. This is the user mode and your user name will appear in the first column. Actually, there's more than that.

    There will be other columns about memory usage, the time you started running the processes and others.

    You can see other users processes if you type ps -au. If you're not using a networked computer, you will see yours and root's processes. If you're into detective work, you can type just ps -a and try to guess who's using the process.

    The information that you'll probably be most interested in is the column that shows the "process ID" or "PID". We'll get into why these are so important in the next part of the lesson.

    kill

    "kill" is a very explicit word. It implies 'death'. In the last part of this lesson we talked about process IDs or "PIDs". Well, with the command 'kill' plus a PID, you can terminate a program. In other words, you kill the program. You will probably only use this with troublesome processes; programs that may not let you exit regularly. A good example of this is when you try a new program that hasn't got all the bugs worked out of it yet. If the 'exit' button doesn't work, you can 'kill' it.

    To do this, first, you would type ps and you would get this output that we talked about before.


    Code:
    PIDTTYSTATTIMECOMMAND
    2932S0:00-bash
    4222S0:00sh /usr/X11R6/bin/startx
    4372S0:00tee /home/bob/.X.err
    4382S0:00xinit /home/bob/.xinitrc --
    4412S0:01/usr/X11R6/bin/evilaliens

    Let's say you're trying a new game that was just ported to Linux. The game is called "Evil and Nasty Alien Visitors". The name of the "binary" or program itself is called evilaliens. (the last one on my 'ps' example) Now you can't exit the program either. The aliens just took over Oklahoma and you swore you got them all. You're playing in your x-windows enviroment and you have an x-terminal open (probably the one you typed 'ps' into). You would just type:

    kill and the PID number, in my example, 441.

    That is:
    Code:
    kill 441
    and the program disappears, along with all those nasty aliens.

    Here's a little trick. If you don't want to do two steps, 'ps' and 'kill' and you know the name of the "binary" or program itself, as I mentioned before, you can just type:

    Code:
    killall evilaliens
    and that should also do the trick.

    Using 'kill' as root

    Remember that when you work as root, you are the all-powerful master of the universe. (or at least the computer). When you use 'kill' as root, you are the 007 on Her Majesty's Linux Service. You have license to 'kill' the process you desire. If you're working as 'root' and you need to use the 'kill' command, it's a good idea to run ps -au and look closely at your PIDs. You don't want to end up killing some process that you need.

    Another way to kill a process.

    Try typing this:
    Code:
    find *.
    (Kind of an absurd thing to do, but good as an example) It will just start finding everything. If you have done something like this by mistake, you can use the keys
    CTR+ C
    to stop the 'find' process. In these cases, there's no need to use the 'kill' command.
     
    TCRatius, AlienGod, Worldson and 12 others like this.
  2. JonyKotor

    JonyKotor New Member

    Joined:
    Oct 13, 2017
    Messages:
    1
    Likes Received:
    0
    One more useful command for "ps"
    example:

    > ps -oe user,pid,pcpu,command (it will show you only username,pid, cpu usage and command)
     
  3. wizardfromoz

    wizardfromoz Well-Known Member

    Joined:
    Apr 30, 2017
    Messages:
    232
    Likes Received:
    261
    Hi @JonyKotor and welcome to linux.org :)

    Just a heads up that the above command does not work for me (in a current Ubuntu at the moment), but

    Code:
    ps -eo user,pid,pcpu,comm
    ... does.

    Spoiler has my output for those whom enjoy watching paint dry, lol

    [email protected]:~$ ps -eo user,pid,pcpu,comm
    USER PID %CPU COMMAND
    root 1 0.0 systemd
    root 2 0.0 kthreadd
    root 3 0.0 kworker/0:0
    root 4 0.0 kworker/0:0H
    root 6 0.0 mm_percpu_wq
    root 7 0.0 ksoftirqd/0
    root 8 0.0 rcu_sched
    root 9 0.0 rcu_bh
    root 10 0.0 migration/0
    root 11 0.0 watchdog/0
    root 12 0.0 cpuhp/0
    root 13 0.0 cpuhp/1
    root 14 0.0 watchdog/1
    root 15 0.0 migration/1
    root 16 0.0 ksoftirqd/1
    root 18 0.0 kworker/1:0H
    root 19 0.0 cpuhp/2
    root 20 0.0 watchdog/2
    root 21 0.0 migration/2
    root 22 0.0 ksoftirqd/2
    root 24 0.0 kworker/2:0H
    root 25 0.0 cpuhp/3
    root 26 0.0 watchdog/3
    root 27 0.0 migration/3
    root 28 0.0 ksoftirqd/3
    root 30 0.0 kworker/3:0H
    root 31 0.0 cpuhp/4
    root 32 0.0 watchdog/4
    root 33 0.0 migration/4
    root 34 0.0 ksoftirqd/4
    root 36 0.0 kworker/4:0H
    root 37 0.0 cpuhp/5
    root 38 0.0 watchdog/5
    root 39 0.0 migration/5
    root 40 0.0 ksoftirqd/5
    root 42 0.0 kworker/5:0H
    root 43 0.0 cpuhp/6
    root 44 0.0 watchdog/6
    root 45 0.0 migration/6
    root 46 0.0 ksoftirqd/6
    root 48 0.0 kworker/6:0H
    root 49 0.0 cpuhp/7
    root 50 0.0 watchdog/7
    root 51 0.0 migration/7
    root 52 0.0 ksoftirqd/7
    root 54 0.0 kworker/7:0H
    root 55 0.0 kdevtmpfs
    root 56 0.0 netns
    root 57 0.0 kworker/0:1
    root 58 0.0 kworker/2:1
    root 59 0.0 kworker/4:1
    root 60 0.0 khungtaskd
    root 61 0.0 oom_reaper
    root 62 0.0 writeback
    root 63 0.0 kcompactd0
    root 64 0.0 ksmd
    root 65 0.0 khugepaged
    root 66 0.0 crypto
    root 67 0.0 kintegrityd
    root 68 0.0 kblockd
    root 69 0.0 kworker/6:1
    root 70 0.0 ata_sff
    root 71 0.0 md
    root 72 0.0 edac-poller
    root 73 0.0 devfreq_wq
    root 74 0.0 watchdogd
    root 76 0.0 kworker/1:1
    root 79 0.0 kauditd
    root 80 0.0 kswapd0
    root 81 0.0 ecryptfs-kthrea
    root 104 0.0 kworker/5:1
    root 123 0.0 kthrotld
    root 124 0.0 kworker/3:1
    root 125 0.0 kworker/7:1
    root 126 0.0 acpi_thermal_pm
    root 131 0.0 ipv6_addrconf
    root 156 0.0 charger_manager
    root 158 0.0 kworker/u16:4
    root 161 0.0 kworker/2:2
    root 217 0.0 scsi_eh_0
    root 218 0.0 scsi_tmf_0
    root 219 0.0 scsi_eh_1
    root 220 0.0 scsi_tmf_1
    root 221 0.0 scsi_eh_2
    root 222 0.0 scsi_tmf_2
    root 223 0.0 scsi_eh_3
    root 224 0.0 scsi_tmf_3
    root 225 0.0 scsi_eh_4
    root 226 0.0 scsi_tmf_4
    root 227 0.0 scsi_eh_5
    root 228 0.0 scsi_tmf_5
    root 232 0.0 nvkm-disp
    root 233 0.0 i915/signal:0
    root 234 0.0 i915/signal:1
    root 235 0.0 i915/signal:2
    root 236 0.0 i915/signal:4
    root 237 0.0 kworker/7:2
    root 241 0.0 kworker/0:1H
    root 244 0.0 kworker/7:1H
    root 245 0.0 kworker/3:1H
    root 246 0.0 kworker/4:1H
    root 247 0.0 kworker/6:1H
    root 248 0.0 ttm_swap
    root 319 0.0 jbd2/sda14-8
    root 320 0.0 ext4-rsv-conver
    root 335 0.0 kworker/1:1H
    root 349 0.0 kworker/2:1H
    root 352 0.0 systemd-journal
    root 370 0.0 kworker/4:2
    root 384 0.0 systemd-udevd
    root 394 0.0 kworker/5:1H
    root 423 0.0 kworker/3:2
    root 533 0.0 cfg80211
    root 538 0.0 irq/32-mei_me
    systemd+ 897 0.0 systemd-timesyn
    systemd+ 911 0.0 systemd-network
    root 992 0.0 snapd
    avahi 993 0.0 avahi-daemon
    root 1006 0.0 irqbalance
    root 1007 0.0 accounts-daemon
    avahi 1009 0.0 avahi-daemon
    root 1010 0.0 cron
    message+ 1014 0.0 dbus-daemon
    root 1049 0.0 NetworkManager
    root 1052 0.0 ModemManager
    root 1054 0.0 acpid
    root 1055 0.0 udisksd
    syslog 1056 0.0 rsyslogd
    root 1057 0.0 cupsd
    root 1058 0.0 cups-browsed
    root 1059 0.0 thermald
    root 1060 0.0 systemd-logind
    root 1090 0.0 polkitd
    root 1098 0.0 kworker/u17:0
    root 1099 0.0 kworker/u17:1
    root 1104 0.0 bluetoothd
    systemd+ 1122 0.0 systemd-resolve
    colord 1127 0.0 colord
    root 1137 0.0 ath9k-hwrng
    root 1139 0.0 wpa_supplicant
    root 1140 0.0 gdm3
    root 1141 0.0 sshd
    root 1152 0.0 gdm-session-wor
    gdm 1163 0.0 systemd
    gdm 1164 0.0 (sd-pam)
    gdm 1169 0.0 gdm-x-session
    gdm 1171 0.0 Xorg
    root 1188 0.0 dhclient
    gdm 1224 0.0 dbus-daemon
    whoopsie 1225 0.0 whoopsie
    kernoops 1229 0.0 kerneloops
    gdm 1235 0.0 gnome-session-b
    gdm 1237 0.0 at-spi-bus-laun
    gdm 1242 0.0 dbus-daemon
    gdm 1244 0.0 at-spi2-registr
    gdm 1260 0.0 gnome-shell
    root 1267 0.0 upowerd
    gdm 1298 0.0 pulseaudio
    rtkit 1299 0.0 rtkit-daemon
    gdm 1345 0.0 ibus-daemon
    gdm 1350 0.0 ibus-dconf
    gdm 1353 0.0 ibus-x11
    gdm 1366 0.0 gsd-wacom
    root 1367 0.0 packagekitd
    gdm 1374 0.0 gsd-xsettings
    gdm 1378 0.0 gsd-a11y-keyboa
    gdm 1381 0.0 gsd-a11y-settin
    gdm 1382 0.0 gsd-clipboard
    gdm 1384 0.0 gsd-color
    gdm 1390 0.0 gsd-datetime
    gdm 1391 0.0 gsd-housekeepin
    gdm 1392 0.0 gsd-keyboard
    gdm 1393 0.0 gsd-media-keys
    gdm 1405 0.0 gsd-mouse
    gdm 1406 0.0 gsd-power
    gdm 1411 0.0 gsd-print-notif
    gdm 1412 0.0 gsd-rfkill
    gdm 1413 0.0 gsd-screensaver
    gdm 1415 0.0 gsd-sharing
    gdm 1420 0.0 gsd-smartcard
    gdm 1429 0.0 gsd-sound
    gdm 1458 0.0 ibus-engine-sim
    gdm 1460 0.0 dconf-service
    root 1483 0.0 gdm-session-wor
    chris 1489 0.0 systemd
    chris 1490 0.0 (sd-pam)
    chris 1497 0.0 gnome-keyring-d
    chris 1501 0.0 gdm-x-session
    chris 1503 2.0 Xorg
    chris 1507 0.0 dbus-daemon
    chris 1510 0.0 gnome-session-b
    chris 1601 0.0 ssh-agent
    chris 1603 0.0 at-spi-bus-laun
    chris 1608 0.0 dbus-daemon
    chris 1610 0.0 at-spi2-registr
    chris 1623 0.0 gvfsd
    chris 1628 0.0 gvfsd-fuse
    chris 1646 4.5 gnome-shell
    chris 1655 0.0 pulseaudio
    root 1659 0.0 krfcommd
    chris 1676 0.0 gnome-shell-cal
    chris 1677 0.0 ibus-daemon
    chris 1683 0.0 ibus-dconf
    chris 1685 0.0 ibus-x11
    chris 1701 0.0 evolution-sourc
    chris 1702 0.0 gvfs-udisks2-vo
    chris 1709 0.0 gvfs-mtp-volume
    chris 1713 0.0 gvfs-gphoto2-vo
    chris 1717 0.0 gvfs-goa-volume
    chris 1720 0.0 goa-daemon
    chris 1734 0.0 goa-identity-se
    chris 1736 0.0 gvfs-afc-volume
    chris 1744 0.0 gsd-mouse
    chris 1746 0.0 gsd-power
    chris 1747 0.0 gsd-print-notif
    chris 1749 0.0 gsd-rfkill
    chris 1751 0.0 gsd-screensaver
    chris 1760 0.0 gsd-sharing
    chris 1761 0.0 gsd-wacom
    chris 1762 0.0 gsd-xsettings
    chris 1763 0.0 gsd-smartcard
    chris 1764 0.0 gsd-sound
    chris 1788 0.0 gsd-a11y-keyboa
    chris 1789 0.0 gsd-a11y-settin
    chris 1790 0.0 gsd-clipboard
    chris 1791 0.0 gsd-color
    chris 1793 0.0 gsd-datetime
    chris 1795 0.0 gsd-housekeepin
    chris 1796 0.0 gsd-keyboard
    chris 1797 0.0 gsd-media-keys
    chris 1848 0.0 gnome-software
    chris 1851 0.0 gsd-disk-utilit
    chris 1852 0.0 kerneloops-appl
    chris 1856 0.0 nautilus-deskto
    chris 1857 0.0 evolution-calen
    chris 1859 0.0 dconf-service
    chris 1869 0.0 ibus-engine-sim
    chris 1885 0.0 gsd-printer
    root 1893 0.0 fwupd
    chris 1898 0.0 gvfsd-trash
    chris 1915 0.0 evolution-calen
    chris 1927 0.0 evolution-calen
    chris 1938 0.0 evolution-addre
    chris 1948 0.0 evolution-addre
    chris 1971 0.0 update-notifier
    chris 1987 0.0 deja-dup-monito
    root 2027 0.0 kworker/6:0
    chris 2174 0.0 gconfd-2
    root 2199 0.1 kworker/u16:3
    chris 2218 47.0 firefox
    chris 2348 0.0 gvfsd-network
    chris 2363 0.0 gvfsd-dnssd
    root 2371 0.0 kworker/5:0
    root 2405 0.0 kworker/u16:2
    root 2407 0.0 kworker/1:2
    root 2424 0.1 kworker/u16:0
    chris 2479 0.2 gnome-terminal-
    chris 2488 0.0 bash
    chris 2553 0.0 ps

    If your syntax is correct for you, perhaps you can specify (for the benefit of The Viewers) what environment you are operating in? A simple edit to your Post above would suffice.

    Cheers and

    avagudweegend

    Wizard

    BTW I am guessing that that is a BSD syntax, is that so?

    Edited - added BTW
     
    #3 wizardfromoz, Oct 14, 2017 at 3:49 AM
    Last edited: Oct 14, 2017 at 4:05 AM
    atanere likes this.
  4. atanere

    atanere Moderator
    Gold Supporter

    Joined:
    Apr 6, 2017
    Messages:
    333
    Likes Received:
    298
    Ah, I'm slow tonight (which is why I like beer). It took me awhile to notice the difference between -oe and -eo, but I finally got it. :confused::D
     
    wizardfromoz likes this.

Share This Page