Linux operating systems offer countless sysadmin commands and utilities, which help users, developers, and engineers with system administration tasks. For example, sysadmin commands and packages can help users optimize or manage applications and provide valuable troubleshooting information to network admins or sysadmins.
These commands apply to Linux development environments, VMs, containers, and bare metal.
Top Linux commands for sysadmin
This article reviews some basic sysadmin commands frequently used for Linux system administration with some practical examples.
Curl is a command-line tool to transfer data from or to a server. It supports protocols such as FTP, FTPS, HTTP, HTTPS, IMAP, POP3, POP3S, RTMP, SMBS, SMTP, SMTPS, TELNET, etc. You can use it to test connectivity or an endpoint to another service such as a database.
Troubleshoot an HTTP 500 error:
$ curl -I -s my_app:5000
Include the -I option to show header information and the -s option to silence the response body.
Check database endpoint from your localhost:
$ curl -I -s my_database:27017 HTTP/1.0 200 OK
200 indicate that your connection seems okay.
$ curl my_database:27017 curl: (6) Couldn't resolve host 'database'
The error indicates that your app cannot resolve the database either because the database URL is unavailable or the host system, container, or VM does not have a nameserver to resolve the hostname.
Ls lists files in a directory, or it can help you to examine their permissions. You can also use it in a container infrastructure to determine your container image’s directory and files. If you can’t run your application because of a permissions issue, check the permissions using ls -l, then issue appropriate file permissions using chmod. You can also combine it with flags such as ls -a to list all files or ls -R to list files and directories recursively.
[tuts@fosslinux dist]$ ls -l -rwxr-xr-x. 1 tuts tuts 7292656 Jun 17 12:54 hello
[tuts@fosslinux hello]$ ls -R
Use the chmod command to set permissions to an application binary or a file. First, use the ls command to check your file permissions, then issue appropriate permissions.
Check file permissions with ls -l:
[tuts@fosslinux ~]$ ls -l -rw-rw-r--. 1 tuts tuts 6 Jun 24 18:05 dingdong.py
Issue execute permissions to the dingdong.py file to enable users to run.
[tuts@fosslinux ~]$ chmod +x dingdong.py [tuts@fosslinux ~] ls -l -rwxrwxr-x. 1 tuts tuts 6 Jun 24 18:05 dingdong.py
Tail displays the last contents of a file. It is helpful if you want to check logs of recent requests. For example, you tail the most recent logs to your server.
$ sudo tail -f /var/log/httpd/error_log
The -f option outputs the log lines as they are written to the file. It has a background script that accesses the endpoint every few seconds, and the log records the request. You can also tail a specific number of lines of the file with the -n option.
$ sudo tail -n 3 /var/log/httpd/error_log
You can use grep to search files to look for specific patterns and highlight the relevant lines in the output of another Linux command. For example, to search for the line “CRITICAL” in the /var/log/dnf.log:
[tuts@fosslinux ~]$ grep CRITICAL Error /var/log/dnf.log
Use * to search in all files in a directory and -r (recursive) flag to include search in subdirectories.
cd /var/log/ $ grep -r CRITICAL Error *
You can also isolate the output to the grep command by piping the outcome:
$ cat dnf.log | grep CRITICAL Error
The ps command is used to investigate process IDs and show the status of running processes. You can use this command to determine all running applications.
[tuts@fosslinux log]$ ps -ef
You can also combine it with pipe and grep commands
[tuts@fosslinux log]$ ps -ef | grep httpd
Use the -u flag to view all processes owned by user name:
[tuts@fosslinux log]$ ps -u username
Use the aux flag to view all processes with detailed information such as PID, percentage of CPU time the process is using (%CPU), percentage of RAM (%MEM), virtual memory being used(VSZ), physical memory (RSS), and so on.
The top command displays a continuously updated list of system processes in order of process activity. You can use it to determine which processes are running and how much memory and CPU they consume.
The display information consists of a system summary and the table of processes sorted by CPU activity. Some information includes system uptime, load average, process owner (USER), percentage of CPU time the process is using (%CPU), percentage of RAM process is using(%MEM), total CPU time used by the process (TIME[+]), and so on.
You can also issue several commands while the top command is running. For example, press h or ? to view which commands you can issue, k to kill a process, z for global colors, or q to quit top.
The env command is used to set or display your environment variables. Use env to check if a wrong environment is preventing your application from executing.
$ env PYTHON_PIP_VERSION=20.2.2 HOME=/root DB_NAME=my_database PATH=/usr/local/bin:/usr/local/sbin LANG=C.UTF-8 PYTHON_VERSION=3.9.5
netstat shows your system or infrastructure network status. You can use it to display network ports and incoming connections. You can combine it with other options such as protocol, port, or process to demonstrate the current ports your system applications are using.
# netstat -tulpn
10. ip/ ifconfig
The ip command replaces ifconfig in some Linux distros and can configure or display network interfaces and modify IP addresses, neighbor objects, and routes. You can also use it to verify your host or container’s IP address.
Use ‘ip a’ (address) to display information about all network interfaces:
[tuts@fosslinux]$ ip a
Use the ‘ip link set device_name’ command to bring an interface up or down:
[tuts@fosslinux]$ ip link set eth0 up #bring up [tuts@fosslinux]$ ip link set eth0 down #bring down
Use df (display free disk space) command to verify the filesystem’s size and troubleshoot disk space issues. It is helpful in scenarios when you receive an error message signaling a lack of free space in your system on a container host.
[tuts@fosslinux ~]$ df -h
The -h flag displays the information in a human-readable format (i.e., MB and GB). By default, the df command displays results for every user under the root directory. However, you can limit the display to a specific directory (i.e., df -h/tmp)
Use the -x flag to ignore any file system:
[tuts@fosslinux ]$ df -h -x tmpfs
Use the -t flag to list specific filesystem type only. For example, view-only btrfs filesystem:
[tuts@fosslinux ]$ df -h -t btrfs
Use the –total flag to show grand totals:
[tuts@fosslinux ]$ df -h -t btrfs --total
Use the du command to display detailed information about which files use the disk space in a directory. I find it helpful in determining which logs take up the most space. For example, run the du command with the -h (human-readable) and -s (summary) flag:
[tuts@fosslinux ~]$ sudo du -h /var/log
[tuts@fosslinux ~]$ sudo du -hs /var/log 1.5G /var/log
13. dig/ nslookup
dig is a great command-line tool to perform DNS queries. It is used in the following format :
dig <DNS server> <domain> <query-type>
The <DNS server> represents the DNS server name, <domain> is the domain name, and <query-type> is the record name (A, MX, NS SOA) you wish to know. You can also use the +short flag to suppress the verbose output.
To view the A record for bing.com:
[tuts@fosslinux ~]$ dig bing.com +short 18.104.22.168 22.214.171.124
To view the MX record of bing.com:
[tuts@fosslinux ~]$ dig bing.com MX +short 10 bing-com.mail.protection.outlook.com.
Firewall-cmd is a user-friendly front-end for nftables and ships with many distros. It allows users to set up rules to govern both outgoing and incoming network traffic to your computer. These rules can be grouped into zones that define network security trust levels of network interfaces, services, or connections. It works with IPv4, IPv6, IP sets, and ethernet bridges and features a straightforward and intuitive command syntax.
To view the current firewalld zone:
[tuts@fosslinux ~]$ sudo firewall-cmd --get-active-zones libvirt interfaces: virbr0
Add the –list-all flag to view what each zone permits:
[tuts@fosslinux ~]$ sudo firewall-cmd --zone libvirt --list-all
To add a service:
$ sudo firewall-cmd --add-service http --permanent $ sudo firewall-cmd –reload
If you are getting started with network security, you can read our comprehensive guide on managing network security with firewalld for more examples and tricks.
systemd is available in most Linux distributions, making the systemctl command available to manage systemd services and units.
To start a service:
[tuts@fosslinux ~]$ sudo systemctl start httpd
To stop a service:
[tuts@fosslinux ~]$ sudo systemctl stop httpd
To check service status.
16. kill and killall
You can use the kill and killall commands to terminate a runaway process or free some system resources. You can send either the SIGTERM (-15) or SIGKILL (-9) signal to a process to kill the process. SIGTERM (soft kill) allows a system process to complete before it is terminated. SIGKILL terminates the process immediately.
Use kill with the -l flag to show all the signals you can send to a process.
[tuts@fosslinux ~]$ kill -l
To kill a process, determine its process ID, then issue the kill command.
[tuts@fosslinux ~]$ ps aux|grep httpd
To kill the httpd process with process ID 1525:
[tuts@fosslinux ~]$ sudo kill -9 1525
Use killall to kill a program by name. It kills the parent process and all child processes.
[tuts@fosslinux ~]$ sudo killall httpd
Note: Use the kill and killall commands with caution as they might break or leave your system in an unstable state.
The history command shows a history of all the commands you have used in a session. For example, you can use it to log the commands you have used to troubleshoot an application or your system.
[tuts@fosslinux ~]$ history 790 sudo firewall-cmd --get-active-zones 791 sudo firewall-cmd --zone libvirt --list-all 792 history
Use ! with a command number to re-execute it without having to retype it.
[tuts@fosslinux ~]$ !790 sudo firewall-cmd --get-active-zones libvirt interfaces: virbr0
Understanding some basic sysadmin commands can help you troubleshoot applications, solve problems, keep systems running optimally, ensure system security or even help you communicate effectively with sysadmins to resolve issues in your infrastructure.
I hope these commands will come in handy!