
Tuesday, January 19, 2021

Linux System Administration Commands tutorials

 

Linux System Administration Commands Explained with Examples

This tutorial explains basic Linux system administration commands in detail. Learn essential Linux commands for system administration through practical examples.

Listing the currently logged-in users

When a user logs in, Linux stores that user's information in the /var/run/utmp file. This information includes the username, terminal number and login time. This information is stored in raw text format. To read this file, we can use the following command.

#cat /var/run/utmp

Since the information is stored in raw text format and the cat command, by default, displays text without changing its format, the output of this command may look messy. To view properly formatted output, you can use the following two commands.

#who
#who am i

Both commands work in a similar fashion. Both read raw text from the /var/run/utmp file and format it properly before displaying it on the command prompt. The only difference between them is that the who command displays information about all users, while the who am i command displays information only about the user who executes it.

Following image shows an example of all three commands.

who command example

Knowing the last successful login, failed login attempts and system reboot time

Just like keeping track of active users, Linux also keeps the record of previous successful login sessions, failed login attempts and last system reboots. It stores information about previous successful login sessions in the file /var/log/wtmp. To store information about the failed login attempts, it uses the file /var/log/btmp.

You can read these files directly or can use the following commands.

#last
#last reboot
#lastb

The last command prints the list of users who have successfully accessed the system. This command does not tell you what a user did after login. It only tells you which user logged in, at what time, on which terminal, and how long the user stayed logged in.

The last reboot command prints the last reboot time of the system. Through this command, you can know when the system was restarted or rebooted last time.

The lastb command prints the list of failed login attempts. Through this command, you can know which user account was used with the wrong password to log in, on which terminal and at what time.

Following image shows example of above commands.

last command
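The failed-login list from lastb becomes more useful for review once it is grouped by source. The following is an added example, not part of the original tutorial: the function names and the sample records are constructed for illustration, and the functions read lastb-style output on standard input.

```shell
#!/bin/sh
# Added example (not from the tutorial): summarize failed logins from
# lastb-style output read on stdin.

# Constructed sample in the lastb column layout; addresses are from
# documentation ranges, not real hosts.
SAMPLE_LASTB='root     ssh:notty    203.0.113.7      Tue Jan 19 10:02 - 10:02  (00:00)
admin    ssh:notty    203.0.113.7      Tue Jan 19 10:02 - 10:02  (00:00)
root     ssh:notty    203.0.113.7      Tue Jan 19 10:01 - 10:01  (00:00)
oracle   ssh:notty    198.51.100.23    Tue Jan 19 09:40 - 09:40  (00:00)
alice    tty1                          Tue Jan 19 09:15 - 09:15  (00:00)

btmp begins Tue Jan 19 09:15:02 2021'

# Print "<count> <source>" for every source, busiest first.
failed_by_source() {
    awk '
        NF == 0 || $1 == "btmp" { next }   # blank line and "btmp begins" trailer
        {
            # Console logins have an empty host column, so field 3 is the
            # weekday; count those records as "local".
            src = ($3 ~ /^(Mon|Tue|Wed|Thu|Fri|Sat|Sun)$/) ? "local" : $3
            n[src]++
        }
        END { for (s in n) print n[s], s }
    ' | sort -k1,1nr -k2,2
}

# Print the sources with at least $1 failed attempts.
noisy_sources() {
    failed_by_source | awk -v min="$1" '$1 >= min { print $2 }'
}

# Print how many distinct usernames were tried from source $1.
users_tried_from() {
    awk -v src="$1" '
        $3 == src && !($1 in seen) { seen[$1] = 1; c++ }
        END { print c + 0 }
    '
}

# Demo on the constructed sample.
printf '%s\n' "$SAMPLE_LASTB" | failed_by_source
```

On a live system, pipe the real command into the same functions as root, for example `lastb -i | noisy_sources 5`; the -i option makes lastb print IP addresses instead of host names.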

Getting detailed information about active users

If you need more detailed information about active users, including what they are doing, you can use the w command. The w command provides two types of information: system specific and user specific.

System specific information

  • Current time of day
  • System uptime
  • Total number of active users (currently logged in)
  • Average load (number of jobs in run queue)

User specific information

  • User login name
  • Terminal number from which user is logged in
  • Host name (Name of system where user is logged in)
  • Login session time (the time the user stayed logged-in)
  • Last activity time (the time since the user last typed anything)
  • JCPU time (the time taken by all processes excluding past background jobs)
  • PCPU time (the time taken by current process)
  • Current process

Following image shows a practical example of the w command.

w command

Knowing the system uptime

To know how long the system has been up, you can use the uptime command. Besides system’s uptime, it also provides the following information:-

Current system time, number of currently logged-in users, system load average for past 1, 5 and 15 minutes respectively.

As explained above, same information can also be obtained from the w command. The difference between both commands is that the w command provides this information along with the information of active users.

If you want to obtain both types of information, use the w command. If you want to get system specific information only, use the uptime command.

Following image shows both commands with output.

uptime command

Viewing login name/username

To view the login name, you can use either the logname command or the whoami command. Both commands display the username. The difference between both commands is that the logname command displays the username of that user account which was used to login while the whoami command displays the username of the current user account.

Let’s take a simple example to understand the difference between both commands. Login from a user account and use both commands to print the username. Both commands will display the same result.

Now, change user account through the su command and run both commands again. This time the whoami command will display the username of new user account while the logname command will still display the old login name.

Now logout from the new account and run both commands again. This time both commands will display the same result again.

Following image shows this exercise.

loginname command

Knowing hostname, kernel version number, processor type and hardware architecture

You can use the uname command to view basic system information such as hostname, operating system name, hardware platform and kernel information (name, version, build, etc.). Without any option, this command only displays the operating system name. To view other information, you have to use the related option. The following table lists some common options with their descriptions.

| Option | Description |
|--------|-------------|
| -s | kernel name |
| -n | node name |
| -r | kernel release |
| -v | kernel build date |
| -m | hardware name |
| -p | processor type |
| -i | hardware platform |
| -o | OS name |
| -a | all above information |

Following image shows two examples of the uname command.

uname command

Viewing and setting the hostname

You can view the hostname of system through two commands; the hostname and hostnamectl. To view the hostname only, use the hostname command. To view the detailed information about hostname along with the hardware information, use the hostnamectl command.

The hostnamectl command also allows us to set the hostname. To change the hostname, use the set-hostname option with this command.

Following image shows how to use both commands practically.

hostname command

Viewing and setting the date and time

To view or set the date and time, we have two commands; date and timedatectl. Without any option, both commands display the current date and time. The date command provides basic information while the timedatectl provides detailed information.

To change the date and time from the date command, use the date command as explained below.

# date --set "YYYY-MM-DD HH:MM:SS"

To change the date and time from the timedatectl command, use the timedatectl command as explained below.

# timedatectl set-time YYYY-MM-DD
# timedatectl set-time HH:MM:SS

Following image shows both commands with examples.

date command

Finding the command location

Every command in Linux has an associated script file. When we type a command at command prompt and hit the Enter key, Shell finds the related script file and executes it. To know the location of any command’s associated script file, you can use the which command.

Following image shows an example of the which command.

which command

Counting the lines, words and characters

To count the lines, words and characters of a file, you can use the wc command. The wc command counts and displays the number of lines, words and characters of the supplied file.

wc command

Viewing all running processes in the system

The ps -ef command lists all running processes in the system. To figure out whether a particular process is running or not, you can filter the output of this command through the grep command. For example, to figure out whether Firefox is running or not, you can use the following command.

#ps -ef |grep firefox

Terminating a halted process

Linux assigns a unique process ID to each running process. You can use this process ID to terminate a halted process. To know the process ID of halted process, use the following command.

#ps -ef |grep [name of halted process]

Once you know the process ID of halted process, use it with the kill command to terminate that process.

Following image illustrates finding and killing the Firefox web browser process.

ps command

Viewing the real time usage of hardware resources

To view the real time hardware usage, you can use the top command. The top command displays the real time usage of hardware resources such as CPU and memory.

Following image displays the use of the top command.

top command

To terminate the command, press the q key.

Getting detailed hardware information

To get the detailed hardware information, you can use the lspci, lsscsi, lsusb and lscpu commands.

lspci :- This command provides information about the pci buses and their attached devices.

lsscsi :- This command provides information about the scsi devices.

lsusb :- This command displays information about the USB ports and attached devices.

lscpu :- This command displays information about the CPU.

Following image shows all above commands with output.

hardware info

That’s all for this tutorial. If you like this tutorial, please don’t forget to share it with friends through your favorite social network.

Monday, January 18, 2021

Basic Linux Commands for Network Testing tutorials

 

Basic Linux Commands for Network Testing

This tutorial explains basic Linux networking commands in detail through practical examples. Learn the essential Linux networking commands used for network testing and troubleshooting.

Viewing the IP addresses and MAC addresses of interfaces

The "ip addr show" command displays the current configuration and status of all network interfaces. This command is used to know or view the following information.

Current status: - whether the interface is up or down.

Mac address: - physical address of the interface.

IPv4 address: - IPv4 address of the interface.

IPv6 address: - IPv6 address of the interface.

Following image shows how to read/view above information from the output of the "ip addr show" command.




This command supports an auto completion feature. This means you can also use this command in abbreviated form, such as ip a, ip a s, ip addr, etc.

Knowing the state of interfaces

The "ip link show" command displays the current status of interfaces. Apart from the IP configuration, this command provides exactly the same information that the "ip addr show" command provides.

Following image shows both commands with output.




If you are only interested in the link state information of interfaces or just want to know whether a particular interface is up or not, you can use this command.

Viewing information only about a specific interface

By default, both "ip addr show" and "ip link show" commands display information about all connected interfaces. To view information only about a specific interface, you can specify that interface’s name or ID with these commands. For example, following commands display information about the "eno" interface.



Removing or flushing the IP configuration from an interface

To remove or flush the existing IP configuration from an interface, you can use the following command.

#ip addr flush dev [device]

For example to remove IP configuration from the device/interface "eno16777736", use the following command.

#ip addr flush dev eno16777736

Following image shows an example of removing IP configuration from the interface.




Adding the IP configuration to an interface

To assign IP address to an interface, you can use the following command.

#ip addr add [IP address/netmask] dev [name]

For example, the following command sets the IP address 172.168.0.1/16 to the Ethernet eno16777736.

#ip addr add 172.168.0.1/16 dev eno16777736

Following image shows the above command with example.





Activating and deactivating an interface

To deactivate an interface, use the following command.

#ip link set dev [interface] down

To activate an interface, use the following command.

#ip link set dev [interface] up

Following image shows both commands with example.




Besides the ip command, you can also use the ifup and ifdown commands to activate and deactivate network adapters. To use these commands, use the following syntax.

#ifdown [adapter]
#ifup [adapter]

These commands deactivate and activate an interface in a more graceful manner. To shut down and start the interface, these commands call the appropriate configuration files from the /etc/sysconfig/network-scripts directory.

Following image shows the use of ifup and ifdown commands.




Viewing ARP Table

The ARP table contains the hardware address (MAC address) and software address (IP address) of other systems available in the LAN network. By default, a system builds and uses this table to connect with other systems in the LAN network.

To view this table, you can use the ip neigh command.

#ip neigh

Following image shows this command with sample output.

ip neigh command

In output: -

  • First column shows the IP address of remote system.
  • Second column shows the name of local interface to which the remote system is attached.
  • Third column shows the hardware address of local interface to which the remote system is attached.
  • Fourth column shows whether the remote system is reachable or not.


Remote system is any other system of the local network.

Checking connectivity between two systems

To check connectivity between two computers, you can use the ping command. The ping command uses the following syntax.

#ping [ip address or name of remote system]

By default, the ping command works continuously. To stop this command, press the ctrl+c keys.

If you get reply from the remote system, both systems are connected.

Following image shows practical examples of the ping command.

ping command example

Viewing or tracing the path

To view or track the route path to a destination, you can use the traceroute command. This command uses the following syntax.

#traceroute -n [ip address or hostname of remote system]

Following image shows the sample output of this command.

traceroute command

The traceroute command requires root privilege. If you do not have sufficient rights or permissions to execute this command, you can use the tracepath command. This command also serves the same purpose and does not require any special permission.

Viewing the default gateway IP

To view routing table or to view the IP address of default gateway, you can use the ip route command. This command uses the following syntax.

#ip route

This command prints routing table with the IP address of default gateway. Any data packets with a destination other than networks listed in routing table are sent to the default gateway.

Following image shows the ip route command with sample output.

ip route command

Displaying open network connections

To view the currently opened network connections along with TCP and UDP sockets, you can use the following command.

#ss -tupna

Following image shows this command with sample output.

ss command
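For a quick exposure review, the ss -tupna listing can be reduced to the sockets that accept traffic on every interface and compared with the services you expect. The following is an added example, not part of the original tutorial: the function names, the allowlist format (protocol/port) and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the tutorial): find sockets bound to all
# interfaces in "ss -tupna" output read on stdin.

# Constructed sample in the RHEL 7 layout; addresses are from
# documentation ranges, not real hosts.
SAMPLE_SS='Netid State   Recv-Q Send-Q Local Address:Port  Peer Address:Port
udp   UNCONN  0      0      127.0.0.1:323       *:*               users:(("chronyd",pid=712,fd=5))
udp   UNCONN  0      0      *:68                *:*               users:(("dhclient",pid=840,fd=6))
tcp   LISTEN  0      128    *:22                *:*               users:(("sshd",pid=1021,fd=3))
tcp   LISTEN  0      100    127.0.0.1:25        *:*               users:(("master",pid=1310,fd=13))
tcp   LISTEN  0      128    :::22               :::*              users:(("sshd",pid=1021,fd=4))
tcp   ESTAB   0      0      192.0.2.10:22       192.0.2.50:51514  users:(("sshd",pid=2250,fd=3))'

# Print "<proto> <port> <process>" for each TCP listener or unconnected
# UDP socket whose local address is a wildcard.
exposed_listeners() {
    awk '
        $1 == "Netid" { next }                     # header row
        ($1 == "tcp" && $2 == "LISTEN") || ($1 == "udp" && $2 == "UNCONN") {
            la = $5
            i = length(la)                         # split at the LAST colon,
            while (i > 0 && substr(la, i, 1) != ":") i--   # so ":::22" works
            addr = substr(la, 1, i - 1)
            port = substr(la, i + 1)
            # Older ss prints "*" and "::"; newer prints "0.0.0.0" and "[::]".
            if (addr == "*" || addr == "0.0.0.0" || addr == "::" || addr == "[::]") {
                proc = "-"                         # no process column unless root
                if (split($7, q, "\"") >= 2) proc = q[2]
                print $1, port, proc
            }
        }
    ' | sort -u
}

# Print exposed listeners that are not in the space-separated allowlist $1,
# for example "tcp/22 udp/68".
unexpected_listeners() {
    exposed_listeners | awk -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        { key = $1 "/" $2; if (!(key in ok)) print }
    '
}

# Demo on the constructed sample: only SSH is expected here.
printf '%s\n' "$SAMPLE_SS" | unexpected_listeners 'tcp/22'
```

On a live system, run `ss -tupna | unexpected_listeners 'tcp/22'` as root so that the process column is populated.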

Compatibility with earlier versions

Red Hat made significant changes in RHEL 7. All commands explained above work only on RHEL 7 or higher versions. If you have a previous version, use the appropriate command from the following table.

| Task | From RHEL 7 | Before RHEL 7 |
|------|-------------|---------------|
| To view the IP address and link status information of all network interfaces | ip addr show, ip [-s] link | ifconfig |
| To assign the IP address 192.168.1.1 and netmask 255.255.255.0 to the eth0 interface | ip addr add 192.168.1.1/24 dev eth0 | ifconfig eth0 192.168.1.1 netmask 255.255.255.0 |
| To view the ARP table | ip neigh | arp |
| To view the routing table | ip route | route, netstat -r |
| To view all listening and non-listening sockets | ss -tupna | netstat -tulpna |

Changes are temporary

Changes made to the IP configuration through the ip command are temporary. To make these changes permanent, you have to either use a dedicated IP management tool (such as nmcli) or make changes in the related configuration files manually.

To learn about the network configuration files and the way in which they are modified or updated, check the next parts of this article.

That’s all for this part. In next part of this tutorial, we will learn how to configure or set IP configuration permanently. If you like this tutorial, please don’t forget to share it with friends through your favorite social network.