How advanced linux commands are important for admin?
The task of a system administrator is to make sure that the system is working accurately. To perform administrative tasks such as troubleshooting, maintaining computer servers and networks, and monitoring the processes, you must know linux advanced commands.
As a prerequisite, you should also know the basic set of commands in Linux. You can learn them in one of the hands-on labs we have.
Advanced Linux commands
In this hands-on lab, you will learn the top most advanced Linux commands to help you understand the processes. So let's get started!
Linux Commands Cheatsheet
For quick reference, review the below table for advanced Linux commands.
| Index | command | Usage |
| 1 | systemctl | It is used to get all information and to manage services in the system. |
| 2 | Journalctl | It is used to collect log information. |
| 3 | dig | It is used to get DNS server information. |
| 4 | nslookup | It is used to get DNS server information. |
| 5 | zip/unzip/tar | It is used to compress or decompress the file. |
| 6 | lsblk | It is used to see the block device's information with their logical partition. |
| 7 | curl & wget | It is used to transfer data to or from a server, also used in connection-related troubleshooting. |
| 8 | free | It Keeps track of memory and displays free and used memory. |
| 9 | usermod | It is used to add and modify an existing user. |
| 10 | kill | It is used to terminate a process under a given ID |
| 11 | uptime | It is used to display for how long the system is running. |
| 12 | sed | It is a text editor used to perform a different operation on a file. |
| 13 | chmod | It is used to change file/directory permission. |
| 14 | chown | It is used to change file/directory ownership. |
| 15 | wall | It is used to write messages to all users. |
| 16 | df & du | Both commands are used to see disk space. Df-used to see free and used space on the mounted system.Du-used to see disk usage for all files and directories. |
| 17 | Ip or ifconfig | Both work the same to display and manipulate route & network interface. |
| 18 | traceroute | It is a network troubleshooting utility |
| 19 | mount & umount | 1)mount is used to attach (or mount) a filesystem to a specific directory in the file system hierarchy.2)umount is used to detach (or unmount) a mounted filesystem from its mount point. |
| 20 | fdisk | This command is used to see disk space.fdisk is especially used to display disk partitions, sizes, managing disk and types with the multiple commands under fdisk. |
| 21 | tcpdump | tcpdump tool is mostly used by the system administrator for troubleshooting connectivity-related issues in linux. |
| 22 | ping | To check connectivity between 2 nodes. |
| 23 | netstat | To get the network statistic/status information. |
| 24 | env | To see current environment variables and their associated values. |
| 25 | ufw | The ufw (uncomplicated firewall) command is used to configure and use the firewall. |
| 26 | awk | used for text processing and manipulation. |
Now, let's dive deep into all the commands mentioned in the cheat sheet above one by one.
systemctl command
systemctl [option(s)] <command name> In Linux, systemd is used as a service and system manager. The systemd provides a systemctl utility that helps you to get to know all active services running in the system. you can use the systemctl command to start and stop the service, to monitor the service status. With the help of systemctl, you can configure the service to run at the start of a system.
- To see active services running on a linux system
systemctlPress “q” to quit from the navigation window
| UNIT | The name of systemd unit |
| LOAD | Whether UNIT configurations are properly loaded into memory or not |
| ACTIVE | UNIT status, whether it is active or not |
| SUB | It provides more detailed information about UNIT, and values depend on unit type |
| DESCRIPTION | explain each unit and what it does |
- If you want to start/stop/enable/disable etc, any service
sudo systemctl status/start/stop <service name> For example, here, we can check the apache2 service. If it's not installed in the system, you can use the following command to install it.
sudo apt update && sudo apt install apache2 -yTo see the status you can use
sudo systemctl status apache2To start or to stop service we can use
sudo systemctl stop apache2sudo systemctl start apache2For more information and options, you can use the systemctl --help command.
journalctl command
journalctl [option(s)]Systemd collects all logs from the kernel,initrd, different services, etc. These logs are known as journals. systemd runs the systemd-journald.service, which stores these logs in journal form. The systemd-journald.service stores these logs in binary format, To read and display these logs in a readable format, the journalctl utility is used. By default, journalctl displays logs in order, with the oldest first. (basically, to display all logs, to access and manipulate these logs journalctl command is used)
- To get all logs
journalctl- To display priority-specific log entries.
journalctl -p warning- To see only today's log
journalctl --since todayFor more information and options, you can use the journalctl --help command.
dig command
dig [server] [Name] [type]| [server] | IP address or Hostname of the name server |
| [Name] | The name of the resource which is going to be searched |
| [Type] | type of query requested by dig command |
- To install dig for ubuntu-based linux system
sudo apt update && sudo apt install dnsutils -yThe dig(Domain Information Groper) command is used to get information about DNS name servers, also used to troubleshoot DNS problems. basically, this command is mostly used by the network administrator.
- To query the domain name
dig cloudyuga.guruIt gives information such as dig version, and statistics about the query.
- To get short information, use the
+shortoption.
dig cloudyuga.guru +shortIf no argument is specified with the dig command, It considers by default value as A(which stands for Address) and asks the DNS server to return the IP address associated with the domain name.
digFor more information and options, you can use the dig --help command.
nslookup command
nslookup [-option(s) ][ name|-][ server ]apt-get install dnsutils -y command.The nslookup command is used to get the information from the DNS server. This command is one of the most used commands by administrators for testing, getting domain names, IP addresses, and troubleshooting the DNS server.
The nslookup command can be worked in two modes such as interactive and non-interactive modes.
To use the nslookup command in interactive mode you can use the “nslookup” command on the terminal without passing any argument.
nslookupTo exit from interactive mode type “exit”
To use the nslookup command in the non-interactive mode, you have to pass the domain name or IP address of the domain.
The syntax for non-interactive mode -
nslookup <option(s)> [domain-name]- To get the IP address of the domain name.
nslookup google.com- To get domain information from IP
nslookup <ip-address>- To see the debugging information, use
debugflag.
nslookup -debug cloudyuga.guruFor more information about options, you can use the “man nslookup” command.
zip/unzip/tar commands
zip command
zip [option(s)] <archive name.zip> <files names separated by space>The zip command is simply used to compress the file size. The extension of a zip-compressed file is .zip
- You can use the following command when an error for zip occurs (zip: command not found)
sudo apt update && sudo apt install zip -y- To compress files using the zip command
zip <newfile_name.zip> <file/path> For more information and options, you can use the zip –help command.
unzip command
unzip [option(s)] <archive name>unzip command will simply list, test and extract files from a zip archive file.
- To extract a file using unzip command
unzip <file_name.zip>For more information and options, you can use the unzip --help command.
tar command
tar [options] [archive-file] [file or directory to be archived]tar(Tape Archive) command is used to create and extract archived files in linux. With the help of the tar command, we can extract multiple different archive files. The extension of the tar-compressed file is .tar .If you want better compression you can use gzip which gives a .tar.gz extension file.
- To create and archive a file, we use the
-cparameter.
tar -cvf <tar file name.tar> <file/dir path>- To extract an archived tar file
-xparameter is used.
tar -xvf <archive file name> Options -
| -c | To create an archive file this parameter is used |
| -x | To extract the archive file this command is used |
| -f | To create an archive file with the given name |
| -v | To display verbose information |
| -z | zip, tells tar command to create tar file using gzip |
For more information and options, you can use the tar --help command.
lsblk command
lsblk [option(s)] <device>The lsblk (list block device) is used to list all block devices of a system with their logical partition. The lsblk command reads the sysfs filesystem and udev db to get this information. Expect (RAM disks) This command lists all block devices in a tree-like format.
- To display block devices on your system.
lsblk- To display information about the device owner, group, and mode of the block device.
lsblk -m- To see the information about the specific device.
sudo lsblk /dev/vda1For more information and options, you can use the lsblk --help command.
curl and wget command
curl
curl [option(s)]<URL>Curl is a command-line tool is used to transfer data to or from the server and also used in connection-related troubleshooting. Curl command transfer data using different protocols(HTTP, FTP, IMAP, SMTP, SFTP, etc). curl uses the libcurl library
- To display the source code of the homepage for the domain. If we did not mention any protocol curl will interpret the content to HTTP.
curl https://cloudyuga.guru/You can also download files from a remote location with the curl command and different options like -
a) The -O option will save the remote file in the current working directory with the same file name as the remote.
curl -O https://cdn.pixabay.com/photo/2015/04/23/22/00/tree-736885_960_720.jpgb)The -o option will save the remote file at your specified location with a different file name as well.
curl -o tree.jpg https://cdn.pixabay.com/photo/2015/04/23/22/00/tree-736885_960_720.jpgFor more information and options, you can use the curl --help command.
wget
wget [option(s)]<URL>Wget(world wide web get) tool is similar to curl but wget downloads the files from the server even when a user has not logged into the system(i.e non-interactive). It can work in the background without delaying the current process. It supports HTTP, HTTPS, and FTP protocols. Due to a network problem if downloading failed wget will keep retrying until the whole file has been downloaded.
- To download the file in the background and also create and write output into the file.
wget -b https://cdn.pixabay.com/photo/2015/04/23/22/00/tree-736885_960_720.jpg- To view all possible options of the wget command with URL.
wget -h https://cdn.pixabay.com/photo/2015/04/23/22/00/tree-736885_960_720.jpgFor more information and options, you can use the wget --help command.
free command
free [option(s)]Free command is used to know the total amount of available free space, used space, and swap memory of a system. By default, it shows memory in kb (kilobytes). swap memory is part of a hard disk drive that acts like virtual RAM.
- To see available memory
free| Total | displays total installed memory(memory present in /proc/meminfo) |
| Used | It shows used memory |
| Free | it will display unused memory |
| Shared | it will display memory used by tmpfs(memory present in /proc/meminfo and it will display zero if it's not available ) |
| Buff | It will display memory used by the kernel buffer |
| Cache | display memory used by page cache and slabs |
| buff/cache | display the sum of buffer and cache |
| Available | it shows available space |
- To get data in a human-readable format
free -hThis command gives output in the shortest 3-digit format with their respective units like B(bytes), K(kilos), M(megas), G(gigas), and T(teras).
For more information and options, you can use the free --help command.
usermod command
Usermod [option(s)] <username>The usermod command is used to modify existing users. It can be used to modify attributes such as usernames, groups, permissions, etc. When we execute this command, it will make some changes in the file, which stores information about users.These files are:
| /etc/passwd | It contains information about the user accounts |
| /etc/group | It contains information about the groups |
| /etc/shadow | It contains secret information related to the user account such as password in encrypted form and can be accessed by the root user only |
| /etc/gshadow | It contains secret information related to the group, such as passwords in encrypted form, and can be accessed by the root user only |
| /etc/login.defs | define various settings related to the login process for users. It is a global configuration file that applies to all users on the system |
- To add information about the user by option
-c. You have to pass the user name after the usermod command in the example below: "ubuntu" is the user name.
sudo usermod -c "This is ubuntu user" ubuntugetent command is used to check the user-related entry in /etc/passwd.
- To change the user home directory using the
-doption.
sudo usermod -d [directory-location][username]For more information and options, you can use the usermod --help command.
kill command
kill [option(s)] PIDThe kill command is used to terminate the process. By sending a signal It will terminate the process single at a time with a given process ID.kill command sends SIGTERM signal to stop the process.
- To see all available locations of the kill command
type -a killWe can use options (or signal) with kill command in different ways like -
- By number (eg. -2)
- With SIG prefix(eg. -SIGTERM)
- Without SIG prefix (eg. -KILL)
The process behaves according to the signal sent by the kill command and if no signal is specified, the default signal is -15(-TERM).
- To know all signals available for the kill command
kill -lTo kill the unresponsive process with a number kill -9 <PID> or with signal kill -SIGKILL <PID>
kill -9 <PID>There are multiple methods to kill the process depending on whether you know only name, PID, or how long process has been running such as -
- killall <process name>
- pkill [option(s)] <pattern>
- Xkill <resource>
For more information and options, you can use the kill --help command.
uptime command
uptime [option(s)]uptime command is used to display the time for how long the system is running.
- To get the current system time, time for running state of the system, number of users logged in, and the load time for the past 1,5 and 15 minutes respectively.
uptime-sis used to get a specific starting time and date of the running process.
uptime -sFor more information and options, you can use the uptime --help command.
sed command
sed [option(s)] <script><inputfile>sed is a text stream editor used to perform lots of functions on files such as filtering, find and replace, insertion or deletion without opening a file. The most common use of the sed command is to find and replace the word.
- To replace/substitute string
sflag is used.
sed 's/old_string/new_string/' <file_name>cat << EOF > test.txt
hello
This is demo file
EOF
sed 's/demo/text/' test.txt Above command replaces only the first occurrence.
- To replace all occurrences, use the
gflag in last.
sed 's/old_string/new_string/g' <file_name>cat << EOF > sample.txt
hello John
How are you John?
EOFsed 's/John/Mr.bin/g' sample.txt - To delete a specific line use
#dwhere # is the number of lines
sed 1d <file_name>For more information and options, you can use the sed --help command.
awk command
awk 'pattern { action }' input_fileThe awk command is used for text processing and manipulation. It is a powerful scripting language used for text scripting .though this is a text processing command but also used to generate reports, analyze data, and more.
Though linux provide the sed command it has some restriction .where awk provide feature such as -
- It scans line by line from files
- It is also used to format the output
- It is used to build small-scale programs, reports, etc.
- It splits the input line into fields.
- It is used to transform data files and much more
- To print the content of the file.
awk '{print}' <file_name>cat test.txtawk '{print}' test.txt In the above example, no pattern is specified to the command, so the actions are applied to the whole file data.
- To print data from files that match the given pattern
awk '/<pattern>/{print}' file_nameawk '/demo/{print}' test.txt In the above example, the awk command prints all the line which matches the given pattern.
and also, To print data from files by sorting lines into fields. By default, the awk command splits the data delimited by whitespace characters and stores it into $n variables. suppose the line has 4 words in line then these words are stored in $1 to $4 variables respectively.$0 represents the whole line.
awk '{print $variable-range}' <file_name>awk '{print $1,$3}' test.txt In the above example, $1 & $4 represent the Name and Position fields respectively.
For more information about options, you can use the awk --help command.
chmod command
chmod [option(s)] <permission(s)> <file or directory>To change the file and directory permissions the chmod(i.e change mode) command is used. This command only required permission and file name.
Permission- Can be read, write, execute, or a combination of them. It takes permission in number format as well.
File or directory- name of file or directory for which permission can be changed.
There are some specific letters that are used to give permission for that specific user.
To add permission there are 2 modes-
- Symbolic mode- In this mode symbols are used like u,g, and o to show user, group, and others and permission as well like r,w,x.
- Absolute mode- In this mode, we assign permission in 3 digit number which has ranged from 0-7.
| Reference | Class | Description |
| u | owner | Owner of file |
| g | group | Users who are members files group. |
| o | others | These users are not part of the owner or group. |
| a | all | All three of the above same as u-g-o |
There are some operators which are used to give permission
| + | This operator is used to add permission to a file/directory |
| - | This operator is used to remove permission to file/directory |
| = | This operator is used to assign equal permission to file/directory |
Permission which is assigned to given classes
| r | Permission to read the file |
| w | Permission to write or delete the file |
| x | Permission to execute the file / directory |
- If you want to give executable permission to the owner (Symbolic mode)
chmod u+x <file_name> - If you want to give executable permission to the owner (absolute mode)
chmod 744 <file_name>For more information and options, you can use the chmod –help command.
chown command
chown <new owner/user name> <file/directory name>The ownership and permission of the file and directory ensure that the file and directory are secured. chown(change ownership) command is used to change the ownership of a file or directory.
For example to change the ownership
sudo chown root <file_name>It shows a message when a file change is made with -c option
sudo chown -c user_name <file_name>For more information and options, you can use the chown --help command.
wall command
wall [option(s)]<message/file>wall command is used to write a message to all users. This command displays the message and content of the file otherwise it takes a message as an argument and passes it as input to the wall.
- To display help message and exit
wall -h$wall -t command stops the write attempt to the terminal after a timeout Seconds, The default value is 300 seconds, and $wall -V shows the version
wall -VFor more information and options, you can use the wall --help command.
df and du command
df command
df [option(s)] <file name>df(disk free) command is used to know the total space and available space on a file system. If we did not mention the file name then it displays the space currently available on the mounted file system.
- To see the space amount drivers use, we can use the following command where
-his used to show output in a human-readable format(kilobyte, megabytes,& gigabytes).
df -h- To get file type you can use the
-Toption, and to get the grand total, use the--totaloption.
df -T --totalFor more information and options, you can use the df --help command.
du command
du [option(s)] <file/directory name>du(disk usage) command is used to know how much amount of space is used by a file or directory from disk. The du command estimate and display disk space used by files/directories.
- To see the disk used by the directory.
-hoption used to show output in human-readable format(kilobyte, megabytes,& gigabytes).
du -h /etc/apt/For more information and options, you can use the du --help command.
ip or ifconfig command
ip
ip [option(s)] object <command | help>Ip command is used to perform several network administrator tasks.ip command is used to perform tasks like assigning an address to a network interface or configuring network interface parameters, showing network information, manipulating routing devices and tunnels, setting up the ip address, etc.
- To see the private ip address of the machine
ip addr- To display and alter the routing table a
route(r)object can be used.
ip routelinkobject used to see link layer information for all available devices with the driver loaded.
ip linkFor more information and options, you can use the ip –help command.
Ifconfig
ifcofig [interface_name(optional)][arguments(optional)]Ifconfig is used to configure the network interfaces. ifconfig is a part of net-tools. The IP command work in a similar manner but ifconfig has limited capabilities compared to the IP command
In the newer version of linux distributions ifconfig command is not configured. So the user has to install
- For Debian, Ubuntu, and related Linux distributions, install it with the below command
sudo apt update && sudo apt install net-tools -y- To see all available interfaces
-a
ifconfig -a- To get interface information in short use
-s
ifconfig -sFor more information and options, you can use the ifconfig --help command.
traceroute command
traceroute [option(s)] HOSTTraceroute is a network troubleshooting utility. It is used to get the number of hops and the route of packets to reach the host(destination). This command is used when you want to know how the data is transmitted from the local machine(source) to the destination (host/remote machine). The traceroute command displays the routes, IP addresses, and hostnames of routers over the network.
IPv6)- To install traceroute in linux
sudo apt update && sudo apt install traceroute -y- To understand traceroute we are going to trace ubuntu.com as host(destination) using IPv4 protocol.
traceroute ubuntu.comHere,
- The 1st line displays the hostname and ip address(destination), the number of hops that are going to be attempted by the traceroute command, and packets size to be sent.
- The 2nd line shows the address of that hop. Then a three-space-separated time By default for each hop 3 packets sends that's why 3 response times(in milliseconds) are listed.
- These 3 responses mean the time taken by a packet to reach the hop.
- The ‘*’ symbol shows packet loss. this happens because of high traffic, network outage, etc.
- To set the initial value to attempt from a given hop number, we use
-f(first_ttl-time to live) hop(instead of 1)means it will attempt from a given hop number.
traceroute -f 12 ubuntu.comFor more information and options, you can use the traceroute --help command.
mount and umount command
mount
mount [type][device][dir]To attach additional devices to the file system mount command is used. The command passes the mount instruction to the kernel to complete the mount operation.
[type] is used to describe the file system type(EXT3, EXT4, BTRFS, XFS, HPFS, VFAT, etc.).If you did not mention the [dir] part of syntax its mount point is /etc/fstab (/etc/fstab contains information about which device needs to be mounted where)
- Use
-lto display information about file system mounted of a specific type-t
mount -l -t ext4- To mount file
sudo mount /dev/sda1 <dir_name>For more information and options, you can use the mount --help command.
umount
umount [device] or umount[dir]umount command is used to unmount(detach) the attached file system from the system tree. You can detach the file system by using the mount point or device name.
- To detach a file system by using directory
sudo umount <dir_name>For more information and options, you can use the umount --help command.
fdisk command
fdisk [option(s)] devicefdisk(format disk) command is used to create and manipulate the disk partition table. fdisk command is used to create, delete, resize, copy, view, and move partitions on a hard drive. fdisk allows a maximum of 4 primary partitions and depending on the size of the hard disk it will create a logical partition as well.
- To view all disk partitions
sudo fdisk -l- To view partitions on the specific disk.
sudo fdisk -l /dev/vda14- To view all commands under fdisk use
sudo fdisk /dev/vda For more information and options, you can use the fdisk --help command.
tcpdump command
tcpdump [option(s)]<expression>- Install tcpdump with below command
apt update && apt install tcpdump -y- To capture a packet of the current network interface
sudo tcpdump- To display all available interfaces
sudo tcpdump -D- To display information about the specific interface
-ioption is used
sudo tcpdump -i loFor more information and options, you can use the tcpdump --help command.
ping command
ping [option]<hostname/IP_address>- To install ping on Ubuntu/Debian
apt update && apt install inetutils-ping -y- To troubleshoot networking issues and check the connectivity the
pingcommand is used.
ping google.comFor more information and options, you can use the ping --help command.
netstat command
netstat [option(s)]- To install netstat on Ubuntu/Debian
apt-get install net-tools -yThe Netstat command is used to get the network statistic/status information. However, the netstat command finds network-related issues by specifying the amount of traffic on a network,open-closed ports, routing tables, interface records, etc.
When we use the netstat command without any option it gives information related to the network for example -
netstatHere,
- Proto - Gives information related to which protocol is used for connection like (TCP, and UDP).
- Recv-Q - Gives information related to received or ready-to-receive queue of bytes.
- Send-Q - Gives information related to the queue of bytes ready to be sent.
- Local address - Gives information related to the address and port of the local connection.
- Foreign address - Gives information related to the address and port of the remote connection.
- State - Gives information related to the state of the local socket like(ESTABLISHED, LISTENING, CLOSED or blank)
The second part shows information related to active UNIX domain sockets
Here,
- Proto - Gives information related to which protocol is used for connection (always UNIX)
- RefCnt - Gives information related to attached processes to the socket(by providing the reference number).
- Flags - Gives information related to flags. It is usually ACC or Blanks(note - SO_ACCEPTON is displayed as ACC which is used to show used on unconnected sockets if their related processes are waiting for connection request )
- Type - Gives information related to types of sockets.
- State - Gives information related to sockets like CONNECTED, LISTENING, or blank.
- I-Node - Gives information about the inode related to the socket.
- Path - Gives information related to the socket system path.
- For example to list all listening port
netstat -lFor more information about options, you can use the man netstat command.
env command
env [OPTION]...[-][NAME=VALUE]...[COMMAND [ARG]...]The env command is used to see current environment variables and their associated values. many times env command is used by shell scripts to launch the correct interpreter.
- To show all env variables without any argument.
env- To display version information and exit
env --versionFor more information about options, you can use the man env command.
ufw command
ufw <option(s)> [rule]- To install ping on Ubuntu/Debian
apt-get install ufw -yThe ufw (uncomplicated firewall) command is used to configure and use the firewall. ufw command uses the iptables. ufw command is used to set rules to allow or deny incoming and outgoing network traffic to and from their system., or to create an IPv4 or IPv6 host-based firewall, etc. Also, the ufw command is used to setting up firewall rules to protect their system from unauthorized access and malicious network traffic.
- To see the status of the firewall use ufw
sudo ufw status - You can see in the above example that the firewall is inactive to make active use following command.
sudo ufw enable- If you want to block a network connection from a specific IP address, you can run the following command.
sudo ufw deny from 203.0.113.100- To undo things like to allow you can use following command
sudo ufw allow from 203.0.113.100- To delete a rule you can use the following command to get the id and delete the rule using that id
sudo ufw status numbered- To delete the rule using the id
sudo ufw delete <id>For more information about options, you can use the man ufw command.
Conclusion
To perform linux administrative tasks you must have knowledge of the above commands. mastering advanced Linux commands is essential for improving productivity and streamlining workflows. Commands such as ping, awk, curl, journalctl, nslookup, etc. are powerful commands/tools for performing complex tasks, automating repetitive tasks, and troubleshooting issues efficiently.
Perform the above lab so the user can become more efficient and get a deeper understanding of Advanced linux commands.
There are lots of more helpful commands. If we have left something out, please let us know and share your favorite Advanced Linux commands in the comment section. Have Great learning!
