HowTO use and understand your Ubuntu/linux system. NOTE: not all commands are listed obviously, just ones that i thought were important
feel free to message me, or post here, if you think something else should be added. Other comments also welcome.
Ask for support here also if you wish.
Please tell me if it is too difficult to follow -- Note, pressing Ctrl+F in Firefox will allow for searching of key terms ;)
You may also like to see my networking tutorial:
http://ubuntuforums.org/showthread.php?p=5532395
Table of Contents
Finding Some System Info
*Load, statistics and messages
*Running kernel and basic system information
*Information about your hardware
*Kernel Detected Hardware
*Commands for Users and controlling them
*Limits
*Per Shell/Script
*Per User/Process
*System Wide Limits
*Runlevels
*Standard linux runlevels
*Debian Runlevels
*kernel
*Kernel Modules
*Compiling Your Kernel
Listing and manipulating processes
*Listing and Manipulating Processes
*Priorities
*Background/Foreground
*Using Top effectively
*Signals/Kills
File Systems
*Permissions
*Disk Information
*System Mount points
*Disk Usage
*Find out who has which files open
*Find opened files on a mount point with fuser or lsof:
*About and application
*About a Single File
*Mount/remount a file system
*Add Swap on the fly
*Mount a samba share
*Mount an image
*Create and burn an ISO image
*Convert a .nrg file to .iso
*Convert a cue/bin file to .iso
*Create a file based image
*Losetup
*Create a memory filesystem
*Disk Performance
Finding Some System Info
Load, statistics and messages -- useful to find out what is happening in your system
# displays and updates the top cpu processes# displays your processors related statistics -- install via apt-get install sysstatCode:top
# displays your virtual memory statisticsCode:mpstat 1
# display I/O statistics (2 s intervals) -- also installed via sysstatCode:vmstat 2
# Last 500 kernel/syslog messagesCode:iostat 2
# Last 500 kernel/syslog messagesCode:tail -n 500 /var/log/syslog
# System warnings messages see syslog.confCode:tail -n 500 /var/log/messages
Running kernel and basic system informationCode:tail /var/log/warn
# Get the kernel version -- Use uname --help for variations of this command# Show how long the system has been running and CPU loadCode:uname -a
# system's host nameCode:uptime
# Display the IP address of the hostCode:hostname
# Description of the file system hierarchyCode:hostname -i
# Show system reboot historyCode:man hier
# Full release info of any LSB distributionCode:last reboot
# Get Debian version (yes ubuntu gives one, it is based on debian)Code:lsb_release -a
Information about your HardwareCode:cat /etc/debian_version
Kernel detected hardware
# Detected hardware and boot messages# information about installed hardwareCode:dmesg
# Read the BIOSCode:lsdev
# Shows PCI devicesCode:dd if=/dev/mem bs=1k skip=768 count=256 2>/dev/null | strings -n 8
# Shows USB devicesCode:lspci
# Shows DMI/SMBIOS info (hardware information from the BIOS)Code:lsusb
# Show a list of all devices with their propertiesCode:dmidecode
# Shows a list of connected hardwareCode:lshal
# Information about your CPUCode:lshw
# Info about your hardware memoryCode:nano -w /proc/cpuinfo
# Displays your physical memoryCode:nano -w /proc/meminfo
# Watch changeable interrupts continuously -- Watch -n1 is very useful to watch any changing fileCode:grep MemTotal /proc/meminfo
# Used and free memory (-m for MB)Code:watch -n1 'nano -w /proc/interrupts'
# Configured devicesCode:free -m
Commands for Users and Controlling themCode:nano -w /proc/devices
# Shows the active user id with login and group# Shows last logins on the systemCode:id
# Shows who is logged on the systemCode:last
# Shows last boot timeCode:who
# Add group "admin"Code:who -b
# Adds user Joe Bloggs to group adminCode:groupadd admin
# Add existing user to groupCode:useradd -c "Joe Bloggs" -g admin -m joe
# Delete user joeCode:usermod -a -G <group> <user>
To temporarily prevent logins system wide (for all users but root) use nologin.Code:userdel Joe
The message in nologin will be displayed (might not work with ssh pre-shared keys).
# Replace Sorry no login now for the message you would like to display
LimitsCode:echo "Sorry no login now" > /etc/nologin
Some applications require higher limits on open files and sockets. The default limits are sometimes too low.
Per shell/script
The shell limits are governed by ulimit. The status is checked
with ulimit -a. For example to change the open files limit from
1024 to 10240 do:
The ulimit command can be used in a script to change the limits for the script only.Code:ulimit -n 10240
Per user/process
Login users and applications can be configured in /etc/security/limits.conf. For example:
# Limit user processesCode:nano -w /etc/security/limits.conf
# Limit application open filesCode:* hard nproc 250
System wide limitsCode:asterisk hard nofile 409600
Kernel limits are set with sysctl. Permanent limits are set in /etc/sysctl.conf.
# View all system limits# View max open files limitCode:sysctl -a
# Change max open files limitCode:sysctl fs.file-max
# port rangeCode:sysctl fs.file-max=102400
Code:echo "1024 50000" > /proc/sys/net/ipv4/ip_local_port_range
# Permanent entry in sysctl.confCode:nano -w /etc/sysctl.conf
# How many file descriptors are in useCode:fs.file-max=10240
RunlevelsCode:nano -w /proc/sys/fs/file-nr
Once booted, the kernel starts init which then starts rc which starts all scripts belonging to a runlevel.
The scripts are stored in /etc/init.d and are linked into /etc/rc.d/rc#.d with # the runlevel number.
The actual runlevel can be changed with init. For example to go from 3 to 5:
# Enters runlevel 5Runlevel listCode:init 5
* 0 Shutdown and halt
* 1 Single-User mode (also S)
* 2 Multi-user without network
* 3 Multi-user with network
* 5 Multi-user with X
* 6 Reboot
The above is for what most linux OSs do, however, debian acts slightly differently:
* 0 System Halt
* 1 Single User
* 2 Full multi-user mode (Default)
* 3-5 Same as 2
* 6 System Reboot
Debian and systems based on Debain, use the command update-rc.d to manage runlevels scripts.
Default is to start in 2, 3, 4 and 5 and shutdown in 0, 1 and 6.
in the following examples, i will use sshd (the ssh server)
# Activates samba in the default runlevel# For use with explicit argumentsCode:update-rc.d sshd defaults
# Disable sshd for all runlevelsCode:update-rc.d sshd start 20 2 3 4 5 . stop 20 0 1 6 .
# Shuts down and halts the system -- 'now' can be replace with a number # (# minutes from now)Code:update-rc.d -f sshd remove
Also, debian tends to want to use a tool called 'telinit' to switch init modes.Code:shutdown -h now
i.e. #switches to runlevel 3Also, take caution. Whilst you can issue telinit 6 to issue a shutdown... it really is not recommended.Code:telinit 3
Resetting your root password
EDIT: Has been removed due to this forum policy: http://ubuntuforums.org/showthread.php?t=765414 (thanks Rocket2DMn)
Kernel
Kernel modules
# Lists all modules loaded into the kernel# To load a module -- I used ndiswrapper hereCode:lsmod
# To unload a moduleCode:modprobe ndiswrapper
Compiling your KernelCode:rmmod nidiswrapper
# Changes Directory to the current kernel source -- verify the directory with ls -l, and create if necessary with ln -s# Cleans everything, including config filesCode:cd /usr/src/linux
# Reuses the old .config if it existsCode:make mrproper
# or xconfig or gconfig, depending on personal preferenceCode:make oldconfig
# Creates a compressed kernel imageCode:make menuconfig
# Compiles the modulesCode:make
# Installs the modulesCode:make modules
# Installs the kernelCode:make modules_install
Listing and manipulating processesCode:make install
Listing and manipulating processes
Each process has a unique number, a PID. A list of all running processes is retrieved with ps.
# List of all running processes# An Extensive list of all running processesCode:ps -A
Many handy uses of ps involve a pipe (|) and grep:Code:ps -auxefw
# Looks for a process with cron -- may not actually be running, use ps -A for running commands.# an example output -- in this case, cron is not runningCode:ps axww | grep cron
# Finds all ssh PIDs without the grep pidCode:15087 pts/2 R+ 0:00 grep --colour=auto cron
# Find the PIDs of processes by (part of) nameCode:ps aux | grep 'ss[h]'
# Echos the PID of your shellCode:pgrep -l sshd
# List processes using port 22 on TCPCode:echo $$
# List processes accessing the /home partitonCode:fuser -va 22/tcp
# Trace system calls and signalsCode:fuser -va /home
# Display the last 50 used commandsCode:strace df
PrioritiesCode:history | tail -50
Change the priority of a running process with renice. Negative numbers have a higher priority,
the lowest is -20 and "nice" have a positive value.
# Stronger priority on PID 1070# Output would look something like the following:Code:renice -5 1070
Start the process with a defined priority with nice. Positive is "nice" or weak,Code:1070: old priority 0, new priority -5
negative is strong scheduling priority. Make sure you know if /usr/bin/nice or
the shell built-in is used (check with which nice).
# Stronger priority (/usr/bin/nice)# Weaker priority (/usr/bin/nice)Code:nice -n -5 top
# tcsh builtin nice (same as above)Code:nice -n 5 top
While nice changes the CPU scheduler, an other useful command ionice will schedule the disk IO.Code:nice +5 top
This is very useful for intensive IO application which can bring a machine to its knees while
still in a lower priority. You can select a class (idle - best effort - real time),
the man page is short and well explained.
# set idle class for pid 123# Run firefox with best effort and high priorityCode:ionice c3 -p123
# Set the actual shell to idle priorityCode:ionice -c2 -n0 firefox
For example, the last command is very useful to compile or debug a large project.Code:ionice -c3 -p$$
Every command launched from this shell will have a lower priority and will not disturb the system.
$$ is your shell pid (use echo $$ to see the PID of your shell.).
Background/Foreground
When started from a shell, processes can be brought in the background and back to the foreground with <Ctrl>-<Z> (^Z),
bg and fg. For example start two processes, bring them in the background, list the processes with jobs and bring one
in the foreground.
# ping is suspended (i.e stopped) with <Ctrl>-<Z>Code:ping google.com > ping.log
# put in background and continues runningCode:^Z
# List processes in backgroundCode:bg
# example output:Code:jobs -l
# Bring process number 2 back in foregroundCode:[1] - 36232 Running ping google.com > ping.log
[2] + 36233 Suspended (tty output) less /var/log/messages
Use nohup to start a process which has to keep running when the shell is closed (it is immune to hangups).Code:fg %2
# Also needs the '&' to sub-task the pingUsing top effectivelyCode:nohup ping -i 60 > ping.log &
The program top displays running information of processes.
# runs top from the terminalWhile top is running press the key h for a help overview. Useful keys are:Code:top
* u [user name] To display only the processes belonging to the user. Use + or blank to see all users
* k [pid] Kill the process with pid.
* 1 To display all processors statistics (Linux only)
* R Toggle normal/reverse sort.
Signals/Kill
Terminate or send a signal with kill or killall. Kill kills something with a PID, killall with the process name, see
man kill and man killall for more info.
#PID of the ping processCode:ping -i 60 google.com > ping.log &
# same as kill -15 4712Code:[1] 4712
# Kill HUP processes by exact nameCode:kill -s TERM 4712
# Kill TERM processes by (part of) nameCode:killall -1 httpd
# Kill TERM processes owned by wwwCode:pkill -9 http
# Kill every process accessing /home (to umount)Code:pkill -TERM -u www
Important signals are (use anything above signal 3 with caution):Code:fuser -k -TERM -m /home
* 1 HUP (hang up)
* 2 INT (interrupt)
* 3 QUIT (quit)
* 9 KILL (non-catchable, non-ignorable kill)
* 15 TERM (software termination signal)
File Systems
Permissions
Change permission and ownership with chmod and chown.
The default umask can be changed for all users in /etc/profile.
The default umask is usually 022. The umask is subtracted from 777,
thus umask 022 results in a permission 0f 755:
1 --x execute # Mode 764 = exec/read/write | read/write | read
2 -w- write # For: |-- Owner --| |- Group-| |Oth|
4 r-- read
ugo=a u=user, g=group, o=others, a=everyone
# MODE is of the form [ugoa]*([-+=]([rwxXst]))# Restrict some-log -rw-r-----Code:chmod [OPTION] MODE[,MODE] FILE
# Same as aboveCode:chmod 640 /var/log/some-log
# Recursive remove other readable for all usersCode:chmod u=rw,g=r,o= /var/log/some-log
# Set SUID bit on executable (use with caution)Code:chmod -R o-r /home/*
# Find all programs with the SUID bitCode:chmod u+s /path/to/app
# Change the user and group ownership of a fileCode:find / -perm -u+s -print
# Change the group ownership of a fileCode:chown user:group /path/to/file
# Change permissions to 640 for all filesCode:chgrp group /path/to/file
# Change permissions to 751 for all directoriesCode:chmod 640 `find ./ -type f -print`
Disk informationCode:chmod 751 `find ./ -type d -print`
# information about the IDE/ATA disk# Display and manipulate the partition tableCode:hdparm -I /dev/sda
# Display the disk SMART info (must have a SMART compatible disk) -- install with apt-get install smartmontoolsCode:fdisk /dev/sda
System mount pointsCode:smartctl -a /dev/sda
# Show mounted file-systems on the system# display free disk space and mounted devices (use -h to show in human readable format)Code:mount | column -t
# Show all registered partitionsCode:df
Disk usageCode:nano -w /proc/partitions
# Directory sizes as listing# Total directory size of the current directoryCode:du -sh *
# Sort everything by size in kilobytesCode:du -csh
# Show files, biggest lastCode:du -ks * | sort -n -r
Find out who has which files openedCode:ls -lSr
This is useful to find out which file is blocking a partition which has to be unmounted and gives a typical error of:
# umount impossible because a file is locking home
A lot of linux OSs can use fstat for this sort of thing, ubuntu appears not to have it, i will look for another tool for thisCode:umount /home/
umount: unmount of /home
failed: Device busy
Find opened log file (or other opened files), say for your Xorg log file:
#example output:Code:ps ax | grep Xorg | awk '{print $1}'
The file with inum 212042 is the only file in /var:Code:1252
# example ouptut:Code:find -x /var -inum 212042
Find opened files on a mount point with fuser or lsof:Code:/var/log/Xorg.0.log
# List processes accessing /homeCode:fuser -m /home
#example output:Code:lsof /home
About an application:Code:COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
tcsh 29029 joe cwd DIR 0,18 12288 1048587 /home/joe (guam:/home)
lsof 29140 joe cwd DIR 0,18 12288 1048587 /home/joe (guam:/home)
# example output:Code:ps ax | grep Xorg | awk '{print $1}'
Code:3324
#example outputCode:lsof -p 3324
About a single file:Code:COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
Xorg 3324 root 0w REG 8,6 56296 12492 /var/log/Xorg.0.log
# example outputCode:lsof /var/log/Xorg.0.log
Mount/remount a file systemCode:COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
Xorg 3324 root 0w REG 8,6 56296 12492 /var/log/Xorg.0.log
For example, mounting your cdrom drive. If it is listed in /etc/fstab:
if notCode:mount /dev/cdrom
# typical ubuntu cdrom mount command# typical IDECode:mount -t auto /dev/cdrom /media/cdrom
# typical SCSI cdromCode:mount /dev/hdc -t iso9660 -r /media/cdrom
# typical SCSI -- must have ntfs-3g tool installed either install with apt-getCode:mount /dev/scd0 -t iso9660 -r /media/cdrom
# or you could swap ntfs-3g with ntfs if you have the ntfs kernel module installed.Code:mount /dev/sdc0 -t ntfs-3g /media/windows
Entry in /etc/fstab:Code:mount /dev/sdc0 -t ntfs /media/windows
RemountCode:/dev/cdrom /media/cdrom auto noauto,fs=cdfss,ro,procuid,nosuid,nodev,exec 0 0
Remount a device without unmounting it. Necessary for fsck for example
Copy the raw data from a cdrom into an iso image:Code:mount -o remount,ro /
Add swap on-the-flyCode:dd if=/dev/cdrom of=file.iso
Suppose you need more swap (right now), say a 2GB file /swap2gb.
# create the swap areaCode:dd if=/dev/zero of=/swap2gb bs=1024k count=2000
# activate the swap.Code:mkswap /swap2gb
# when done deactivate the swapCode:swapon /swap2gb
# remove the swapCode:swapoff /swap2gb
Mount a samba shareCode:rm /swap2gb
Suppose we want to access the SMB share myshare on the computer smbserver,
the address as typed on a Windows PC is \\smbserver\myshare\.
We mount on /mnt/smbshare. Warning> cifs wants an IP or DNS name, not a Windows name.
# List the sharesCode:smbclient -U user -I 192.168.16.229 -L //smbshare/
Code:mount -t smbfs -o username=winuser //smbserver/myshare /mnt/smbshare
Additionally with the package mount.cifs it is possible to store the credentialsCode:mount -t cifs -o username=winuser,password=winpwd //192.168.16.229/myshare /mnt/share
in a file, for example /home/user/.smb:
username=winuser
password=winpwd
And mount as follow:
Mount an imageCode:mount -t cifs -o credentials=/home/user/.smb //192.168.16.229/myshare /mnt/smbshare
# Mount a CD image# Mount an image with ext3 fs[code]mount -t ext3 -o loop file.img /mnt/image [/code]Create and burn an ISO imageCode:mount -t iso9660 -o loop file.iso /mnt/image
This will copy the cd or DVD sector for sector. Without conv=notrunc,
the image will be smaller if there is less content on the cd.
See below and the dd examples.
Use mkisofs to create a CD/DVD image from files in a directory.Code:dd if=/dev/cdrom of=/tmp/mycd.iso bs=2048 conv=notrunc
To overcome the file names restrictions: -r enables the Rock Ridge
extensions common to UNIX systems, -J enables Joliet extensions used
by Microsoft systems. -L allows ISO9660 filenames to begin with a period.
Also use cdrecord with Linux as described above. Additionally it is possible toCode:mkisofs -J -L -r -V TITLE -o imagefile.iso /path/to/dir
use the native ATAPI interface which is found with:
And burn the CD/DVD as above.Code:cdrecord dev=ATAPI -scanbus
dvd+rw-tools
The dvd+rw-tools package can do it all and includes growisofs to burn CDs or DVDs.
The examples refere to the dvd device as /dev/dvd which could be a symlink to /dev/scd0
(typical scsi on Linux), although you will probably want /dev/cdrom.
# -dvd-compat closes the disk
# Burn existing iso image# Burn directlyCode:growisofs -dvd-compat -Z /dev/dvd=imagefile.iso
Convert a Nero .nrg file to .isoCode:growisofs -dvd-compat -Z /dev/dvd -J -R /p/to/data
Nero simply adds a 300Kb header to a normal iso image. This can be removed with dd.
# Backup .nrg file first before doing this just in-caseConvert a bin/cue image to .isoCode:dd bs=1k if=imagefile.nrg of=imagefile.iso skip=300
The little bchunk programhttp://freshmeat.net/projects/bchunk/ can do this.
Can install from the ubuntu repos with sudo apt-get install bchunk
Create a file based imageCode:bchunk imagefile.bin imagefile.cue imagefile.iso
Code:dd if=/dev/zero of=/usr/vdisk.img bs=1024k count=1024
Code:mkfs.ext3 /usr/vdisk.img
# CleanupCode:mount -o loop /usr/vdisk.img /mnt/mountpoint
Linux with losetupCode:umount /mnt; rm /usr/vdisk.img
/dev/zero is much faster than urandom, but less secure for encryption.
# Creates and associates /dev/loop0Code:dd if=/dev/urandom of=/usr/vdisk.img bs=1024k count=1024
Code:losetup /dev/loop0 /usr/vdisk.img
Code:mkfs.ext3 /dev/loop0
# Check used loopsCode:mount /dev/loop0 /mnt
Code:losetup -a
# DetachCode:umount /mnt
Code:losetup -d /dev/loop0
Create a memory file systemCode:rm /usr/vdisk.img
A memory based file system is very fast for heavy IO application. How to create a 64 MB partition mounted on /memdisk:
Disk performanceCode:mount -t tmpfs -osize=64m tmpfs /memdisk
Read and write a 1 GB file on partition sda2 (/home)
Code:time dd if=/dev/sda2 of=/dev/null bs=1024k count=1000
Code:time dd if=/dev/zero bs=1024k count=1000 of=/home/1Gb.file
Happy Ubuntuing :)Code:hdparm -tT /dev/hda