Top Linux commands for system administrators

Linux operating systems offer countless sysadmin commands and utilities, which help users, developers, and engineers with system administration tasks. For example, sysadmin commands and packages can help users optimize or manage applications and provide valuable troubleshooting information to network admins or sysadmins.

These commands apply to Linux development environments, VMs, containers, and bare metal.

Top Linux commands for sysadmin

This article reviews some basic sysadmin commands frequently used for Linux system administration with some practical examples.

1. Curl

Curl is a command-line tool to transfer data from or to a server. It supports protocols such as FTP, FTPS, HTTP, HTTPS, IMAP, POP3, POP3S, RTMP, SMBS, SMTP, SMTPS, TELNET, etc. You can use it to test connectivity or an endpoint to another service such as a database.

Troubleshoot an HTTP 500 error:

$ curl -I -s my_app:5000

Include the -I option to show header information and the -s option to silence the response body.

Check database endpoint from your localhost:

$ curl -I -s my_database:27017
HTTP/1.0 200 OK

200 indicate that your connection seems okay.

$ curl my_database:27017
curl: (6) Couldn't resolve host 'database'

The error indicates that your app cannot resolve the database either because the database URL is unavailable or the host system, container, or VM does not have a nameserver to resolve the hostname.

2. ls

Ls lists files in a directory, or it can help you to examine their permissions. You can also use it in a container infrastructure to determine your container image’s directory and files. If you can’t run your application because of a permissions issue, check the permissions using ls -l, then issue appropriate file permissions using chmod. You can also combine it with flags such as ls -a to list all files or ls -R to list files and directories recursively.

[tuts@fosslinux dist]$ ls -l
-rwxr-xr-x. 1 tuts tuts 7292656 Jun 17 12:54 hello
[tuts@fosslinux hello]$ ls -R

ls -R command
ls -R command

3. chmod

Use the chmod command to set permissions to an application binary or a file. First, use the ls command to check your file permissions, then issue appropriate permissions.

Check file permissions with ls -l:

[tuts@fosslinux ~]$ ls -l
-rw-rw-r--. 1 tuts tuts 6 Jun 24 18:05

Issue execute permissions to the file to enable users to run.

[tuts@fosslinux ~]$ chmod +x
[tuts@fosslinux ~] ls -l
-rwxrwxr-x. 1 tuts tuts 6 Jun 24 18:05

4. tail

Tail displays the last contents of a file. It is helpful if you want to check logs of recent requests. For example, you tail the most recent logs to your server.

$ sudo tail -f /var/log/httpd/error_log

The -f option outputs the log lines as they are written to the file. It has a background script that accesses the endpoint every few seconds, and the log records the request. You can also tail a specific number of lines of the file with the -n option.

$ sudo tail -n 3 /var/log/httpd/error_log

5. grep

You can use grep to search files to look for specific patterns and highlight the relevant lines in the output of another Linux command. For example, to search for the line “CRITICAL” in the /var/log/dnf.log:

[tuts@fosslinux ~]$ grep CRITICAL Error /var/log/dnf.log

grep log

Use * to search in all files in a directory and -r (recursive) flag to include search in subdirectories.

cd /var/log/
$ grep -r CRITICAL Error *

You can also isolate the output to the grep command by piping the outcome:

$ cat dnf.log | grep CRITICAL Error

6. ps

The ps command is used to investigate process IDs and show the status of running processes. You can use this command to determine all running applications.

[tuts@fosslinux log]$ ps -ef

ps command
ps sysadmin command

You can also combine it with pipe and grep commands

[tuts@fosslinux log]$ ps -ef | grep httpd

ps grep
ps | grep httpd sysadmin command

Use the -u flag to view all processes owned by user name:

[tuts@fosslinux log]$ ps -u username

Use the aux flag to view all processes with detailed information such as PID, percentage of CPU time the process is using (%CPU), percentage of RAM (%MEM), virtual memory being used(VSZ), physical memory (RSS), and so on.

7. top

The top command displays a continuously updated list of system processes in order of process activity. You can use it to determine which processes are running and how much memory and CPU they consume.

top sysadmin command
top sysadmin command

The display information consists of a system summary and the table of processes sorted by CPU activity. Some information includes system uptime, load average, process owner (USER), percentage of CPU time the process is using (%CPU), percentage of RAM process is using(%MEM), total CPU time used by the process (TIME[+]), and so on.

You can also issue several commands while the top command is running. For example, press h or ? to view which commands you can issue, k to kill a process, z for global colors, or q to quit top.

8. env

The env command is used to set or display your environment variables. Use env to check if a wrong environment is preventing your application from executing.

$ env

9. netstat

netstat shows your system or infrastructure network status. You can use it to display network ports and incoming connections. You can combine it with other options such as protocol, port, or process to demonstrate the current ports your system applications are using.

# netstat -tulpn

10. ip/ ifconfig

The ip command replaces ifconfig in some Linux distros and can configure or display network interfaces and modify IP addresses, neighbor objects, and routes. You can also use it to verify your host or container’s IP address.

Use ‘ip a’ (address) to display information about all network interfaces:

[tuts@fosslinux]$ ip a

Use the ‘ip link set device_name’ command to bring an interface up or down:

[tuts@fosslinux]$ ip link set eth0 up #bring up
[tuts@fosslinux]$ ip link set eth0 down #bring down

11. df

Use df (display free disk space) command to verify the filesystem’s size and troubleshoot disk space issues. It is helpful in scenarios when you receive an error message signaling a lack of free space in your system on a container host.

[tuts@fosslinux ~]$ df -h

df sysadmin command
df sysadmin command

The -h flag displays the information in a human-readable format (i.e., MB and GB). By default, the df command displays results for every user under the root directory. However, you can limit the display to a specific directory (i.e., df -h/tmp)

Use the -x flag to ignore any file system:

[tuts@fosslinux ]$ df -h -x tmpfs

Use the -t flag to list specific filesystem type only. For example, view-only btrfs filesystem:

[tuts@fosslinux ]$ df -h -t btrfs

Use the –total flag to show grand totals:

[tuts@fosslinux ]$ df -h -t btrfs --total

df sysadmin
df sysadmin command

12. du

Use the du command to display detailed information about which files use the disk space in a directory. I find it helpful in determining which logs take up the most space. For example, run the du command with the -h (human-readable) and -s (summary) flag:

[tuts@fosslinux ~]$ sudo du -h /var/log

du sysadmin command
du sysadmin command

[tuts@fosslinux ~]$ sudo du -hs /var/log
1.5G /var/log

13. dig/ nslookup

dig is a great command-line tool to perform DNS queries. It is used in the following format :

dig <DNS server> <domain> <query-type>

The <DNS server> represents the DNS server name, <domain> is the domain name, and <query-type> is the record name (A, MX, NS SOA) you wish to know. You can also use the +short flag to suppress the verbose output.
To view the A record for

[tuts@fosslinux ~]$ dig +short

To view the MX record of

[tuts@fosslinux ~]$ dig MX +short

14. firewall-cmd

Firewall-cmd is a user-friendly front-end for nftables and ships with many distros. It allows users to set up rules to govern both outgoing and incoming network traffic to your computer. These rules can be grouped into zones that define network security trust levels of network interfaces, services, or connections. It works with IPv4, IPv6, IP sets, and ethernet bridges and features a straightforward and intuitive command syntax.

To view the current firewalld zone:

[tuts@fosslinux ~]$ sudo firewall-cmd --get-active-zones
interfaces: virbr0

Add the –list-all flag to view what each zone permits:

[tuts@fosslinux ~]$ sudo firewall-cmd --zone libvirt --list-all

firewall-cmd sysadmin command
firewall-cmd sysadmin command

To add a service:

$ sudo firewall-cmd --add-service http --permanent
$ sudo firewall-cmd –reload

If you are getting started with network security, you can read our comprehensive guide on managing network security with firewalld for more examples and tricks.

15. systemctl

systemd is available in most Linux distributions, making the systemctl command available to manage systemd services and units.

To start a service:

[tuts@fosslinux ~]$ sudo systemctl start httpd

To stop a service:

[tuts@fosslinux ~]$ sudo systemctl stop httpd

To check service status.

16. kill and killall

You can use the kill and killall commands to terminate a runaway process or free some system resources. You can send either the SIGTERM (-15) or SIGKILL (-9) signal to a process to kill the process. SIGTERM (soft kill) allows a system process to complete before it is terminated. SIGKILL terminates the process immediately.

Use kill with the -l flag to show all the signals you can send to a process.

[tuts@fosslinux ~]$ kill -l

To kill a process, determine its process ID, then issue the kill command.

[tuts@fosslinux ~]$ ps aux|grep httpd

ps aux | grep command
ps aux | grep command

To kill the httpd process with process ID 1525:

[tuts@fosslinux ~]$ sudo kill -9 1525

Use killall to kill a program by name. It kills the parent process and all child processes.

[tuts@fosslinux ~]$ sudo killall httpd

Note: Use the kill and killall commands with caution as they might break or leave your system in an unstable state.

17. history

The history command shows a history of all the commands you have used in a session. For example, you can use it to log the commands you have used to troubleshoot an application or your system.

[tuts@fosslinux ~]$ history
790 sudo firewall-cmd --get-active-zones
791 sudo firewall-cmd --zone libvirt --list-all
792 history

Use ! with a command number to re-execute it without having to retype it.

[tuts@fosslinux ~]$ !790
sudo firewall-cmd --get-active-zones
interfaces: virbr0

Wrapping up

Understanding some basic sysadmin commands can help you troubleshoot applications, solve problems, keep systems running optimally, ensure system security or even help you communicate effectively with sysadmins to resolve issues in your infrastructure.
I hope these commands will come in handy!

Related Articles


Please enter your comment!
Please enter your name here


Latest Articles


How to set up and login as root user in MySQL

A root account is a superuser account that offers a wide array of privileges throughout the databases of MySQL. By default, the initial password for the root account is ‘empty/blank,’ thus allowing access to the MySQL server as root to anyone.


More Articles Like This