Often Useful often forgotten unix commands
From MohanCheema
[edit]
Often useful, often forgotten, unix commands.
Here I have tried to list the commands that are useful for us (sys admins) but we still tend to forget. Listed here are a bunch of unix commands.
-> change file date stamp touch -t 199906042020 filename
-> move partitions ufsdump 0f - /dev/rdsk/c0t0s0s0 | (cd /home; ufsrestore xv -)
-> lay down file system with 1% minfree and inode density newfs -m1 -i81920 /dev/rdsk/c0t0d0s0
-> check file system fsck /dev/rdsk/c0t0d0s0
Q: starting sybase login as sybase, run: ./install/RUN_SYBASE
Q: logging in as sybase sa isql -U sa
-> dump a partition and pipe to gzip. Watch > 2GB limit ufsdump 0f - /home | gzip - >/tmp/home.dump.gz
-> rewind offline a tape mt -f /dev/rmt/0 rewoffl
-> only allow 300MB for user /tmp access swap - /tmp tmpfs - yes SIZE=300M
-> verbose interactive restore ufsrestore -ivf /dev/rmt/1
-> remove a printer from a class lpadmin -p level5-line1 -r level5-line
-> truss a command truss --f --o /tmp/log.txt
-> [DB] feed a script into sybase isql -Urfe_xfer -Uuser -Ppassword -isqlscript >>blah.txt
-> make a printer class lpadmin -p level5-line1 -c level5-line
-> remove level2-line2 printer from printer class level2-line lpadmin -p level2-line2 -r level2-line
-> add level2-line3 to printer class lpadmin -c level2-line -p level2-line3
-> [DB] how to change your password in isql sp_password password, password-new
-> move a directory tar cf - ./games | (cd /tmp; tar xvBpf - )
-> [DB] run a sybase script, and dump to file $ISQL -i$SCRIPTFILE -U$USER -D$DATABASE -P$PASS_ENC >> $SCRIPTLOGFILE
-> move a directory to another server tar cf - ./games | rsh brucey cd /tmp; tar xvBpf -
-> check for SUID SGID files
ncheck -F ufs -s /dev/dsk/c3t0d0s
-> remove core files
find / -name core -exec rm -f {} ; -o -fstype nfs -prune
-> rebuild man pages catman -w -M man-page-directory or /usr/lib/makewhatis
-> vi command to show special characters : set list
-> adding an account useradd -u 120 -g dls -d /apps/dls -s /bin/ksh -c "comment" -m dls
-> create a mysql database mysqladmin -uroot -ppassword create ebs
-> starting mysql database /etc/rc.d/init.d/mysql.server start /usr/local/bin/safe_mysqld
-> Invoke CPAN module install perl -MCPAN -eshell
-> dump to zip ufsdump 0f - /filesystem | /opt/local/gzip - > /tmp/dump.gz
-> shutdown mysql databse /usr/local/bin/mysqladmin shutdown -ppassword /etc/rc.d/init.d/mysql.server stop
-> test the loading of a module PERLDLDEBUG=255 perl -e .use CGI;.
-> shows open files fuser -cu /
-> Writing a Daemon:
1. edit /etc/services add service and port.
2. edit /etc/inetd.conf add in: edwardd stream tcp nowait root /bin/sh /bin/sh /home/sextone/bin/SERVER.mine
3. kill -HUP inetd.conf
-> how to mount a file system mount /dev/dsk/c3t0d0s4 /apps/data/easysoft/DEVT
-> look at sar log sar -f /var/adm/sa/sa24
-> write file checksums and size cksum filename
-> show storage array info ssaadm display /dev/rdsk/c1t5d2s0 -> show all disks on device d luxadm display d
-> examine for a specific OS finerprint nmap -sS -p 80 -O -v = examine OS
-> show print jobs /usr/ucb/lpq -Plevel6
-> Scan for known ports. log it. do OS scan.
nmap -sS -F -o foo.log -v -O www.foo.com//24 =
-> show status of printer /usr/ucb/lpc status
-> make a swap file: dd if=/dev/zero of=swapfile bs=1024 count=65535 mkswap ./swapfile chmod 600 ./swapfile swapon ./swapfile
-> show open files for process lsof -p PID
-> show open files for all TCP connections lsof -iTCP
-> show open files for internet address lsof -iTCP@10.20.2.9
-> as above lsof -i @10.20.2.122
-> examine tcp ports lsof -iTCP@sarah:1-50000
-> show open files for user. lsof -u username
-> show processes that has the file in use. lsof /apps/cms/ECMS-Server
-> show open files and retry every 5 seconds lsof -p process-id -r 5
-> mount a floppy mount -t vfat /dev/fd0 /mnt/floppy
-> check here for debugging processes and errno.h for errors /usr/include /usr/include/sys /usr/include/sys/errno.h
-> scp a whole directory, preserve mods sudo scp -prv devel webadmin@203.19.123.140:/home/httpd/cgi-bin
-> take processor 2 and 3 offline. psradm -f 2 3 -> show processor stats verbose. psrinfo -v
-> how to skip grant tables in mysql (over ride security) /usr/local/libexec/mysqld -Sg
-> how to feed in an SQL program mysql rm all files in directories find . -type f -exec rm {} ;
-> dump packets to a capture file sudo snoop -o /tmp/tcp.txt cp
-> backup one liner tar cvf - /home/ebs | gzip - > ebs.tar.gz
-> Look at selected packets in capture file sudo snoop -i /tmp/tcp.txt
-> unzip and pipe to tar gzip -dc watch packets from two servers. snoop sarah brucey
-> enable ip masquerading /sbin/ipchains -P forward DENY /sbin/ipchains -A forward -s 10.100.100.100/8 -j MASQ
-> view su log file cat /var/adm/sulog
-> establish a default router or gateway.
echo "sagacity.com" > /etc/defaultrouter
echo "10.100.100.100 sagacity.com sagacity" >> /etc/hosts
change /etc/nsswitch.conf so that hosts has files, dns
edit resolv.conf put in
search .
nameserver 203.7.132.98
-> turn off automounter on /export/home. vi /etc/auto_master, comment out /export/home
-> configuration file for sudoers /opt/local/etc/sudoers
-> building ssh-1.2.27 on x86Solaris2.6 needed a few things:
/usr/openwin/bin in path /usr/xpg4/bin in path
declare AR="/usr/xpg4/bin/ar"
declare NM_PATH="/usr/xpg4/bin/nm"
-> snoop network packets and get size and time stamp entries. snoop -S -ta empa1
-> access perl CPAN perl -MCPAN -e shell install DBI
-> search for no password entries and lock all accounts.
for i in passwd -sa | grep NP | awk .{print $1. do echo "locking $i?? passwd -l $i done
-> delete from a tar tar -delete -f fsbackupSunday.tar home/ebs/tmp
-> Example on backing up files to tape. Must specify non rewinding, else you will over-write the files.
for file in ls do echo "sending $file to tape..." echo date tar cvpf /dev/rmt/0n $file done
-> making/adding a partition.
1. use fdisk to make a parition.
2. mkfs -t ext2 -c /dev/hda11
3. mount -t ext2 /dev/hda11 /opt2
4. update /etc/fstab
-> rebuild the windex file catman -w -M /usr/share/man
-> execute tar on remote host sarah and send tarball to standard output, which becomes standard input for tar xvf -
and the file gets dumped locally,
in this case on crawl. you have to cd to dir before tar or else you will include path in tar
ssh maggie "cd $DIRNAME; tar cvf - $BASENAME" | (cd $TPATH; tar xvf - )
-> dump a remote filesystem and send it to local tape drive. ssh --x $fw /usr/sbin/ufsdump 0cf - $fs | dd obs=63k of=$TAPE
-> encrypt filename 1 and output to 1.crypt file crypt 1.crypt ; rm 1
-> decrypt filename 1.crypt and stdout to screen crypt send a file to tape tar cvpf /dev/rmt/0 filename
-> quicker way to search and replace in vi : %s/existing/new/g
-> shows where and which shared library files an application uses. ldd binary
-> shell script stuff:
repeat a command 100 times
x=100 while [ $x -gt 0 ] do command x=$(($x-1)) done
-> Something very important to remember about partitions It is important to note that Cylinder 0 contains the disklabel,
which contains the partition table.
A normal filesystem can be placed starting at Cylinder 0, since it will not touch the disklabel.
If you lay down a raw device, for a database, over Cylinder 0, then you will completely lose all your partitions.
You will then have to restore the disklabel, and backup from tape if you happen to do this.
-> move a partition find . |cpio -pdm /apps
-> cron structure min hour day-of-month month weekday command
-> PatchDiag Tool. Get patches from: http://sunsolve.sun.com/private-cgi/patchpage.pl patchdiag.xref is available at: Sun's Website
/opt/local/bin/patchdiag -x /opt/local/lib/patchdiag.xref > patchdiag.uname -n
-> command showing system parameters /usr/sbin/sysdef
-> Get Ambient Temperature of Server /usr/platform/SUNW,Ultra-4/sbin/prtdiag -v
-> good ps formatting showing percent cpu first. ps -edf -o pcpu,pid,user,arg
-> full details on ps /usr/bin/ps -A -o user,pid,pcpu,pmem,vsz,rss,tty,s,stime,time,args
-> chown the hidden files as well. find . -print -exec chown -R sextone:staff {} ;
-> The nsradmin command is a command-line based administrative program for the NetWorker system.
Normally nsradmin monitors and modifies NetWorker resources over the network. /usr/sbin/nsr/nsradmin
-> Spray a server -c number of packets -d delay in microseconds -l pakcet size in bytes /usr/sbin/spray -c 1 -d 20 -l 4096 maggie
-> Turn on bold. bold=tput smso offbold=tput rmso echo "${bold}You must be the "root" user to run this script.${offbold}"
-> good way to send a dir to tape tar cf /dev/rmt/0n directory
-> example of bringing up an interface ifconfig hme0:1 inet 10.2.25.52 up
-> show all connections netstat -f inet
-> rpcinfo makes an RPC call to an RPC server and reports what it finds. rpcinfo -b 390109 2 | sort -u
-> rewind a tape fast show loaded modules /usr/sbin/modinfo
-> find world readable files and dirs find / -type d -perm -2 -print find . -type f -perm -2 -print
-> adding in a boot alias, eg: boot sarahroot1 -s nvalias sarahroot1 /sbus@1f,0/sunw,fas@e,8800000/sd@9,0:a
-> clever way to archive tar cvf - find . -print >/tmp/dumpfile.tar tar xvf -
tee to a file echo "Start Date/Time: date" | tee -a $LOG_FILE
-> read a snoop file snoop -i anz-telnet.snoop
-> write a snoop log (this will count the number of connections, which is pretty neat). snoop -osnoop.log sarah
-> set default run level. 5 for gui. /etc/inittab
-> show all exported filesystems showmount -e crawl
-> shows all configurable variables for tcp interface.
sudo ndd -get /dev/tcp - ? eg: sudo ndd -get /dev/tcp tcpconnreqmaxq 128
ndd /dev/arp ? ndd /dev/ip ? ndd /dev/tcp ? ndd /dev/udp ? ndd /dev/icmp ?
-> set sticky bit on group files, only the owner can change the mode.
-> the +l is mandatory file and record locking while a program -> is accessing that file. chmod g+s,+l file
-> print duplex landscape 4 qudrant printing mpage -t -l -4
-> install a patch installpatch .
-> check to see if a patch has been installed showrev -p |grep package name
-> unzip, untar in a /tmp directory zcat 104708-16.tar.gz | ( cd /tmp; sudo tar xvf - )
-> check out revision level on ssa controller /usr/sbin/ssaadm display controller
-> unzip and untar a file without having to create an intermediate tar file sudo gzip -dc /tmp/270599/post-EOD.tar.gz |tar xvf -
-> selectively extract from a tar archive tar xvf /tmp/iona.tar ./iona/.sh_history
-> send a bunch of files to tape tar cf /tmp/rules.tar ruleb* objects.C *.W
-> examine section 5 of man man -s 5 signal
-> shows signals and definitions of structures, eg sigaction /usr/include/sys/signal.h
-> location of the limits file on solaris /usr/include/limits.h
-> send an attachment via email from command prompt uuencode file.tar.gz file.tar.gz | mailx -s "backup?? root@crawl
-> zero a file cat /dev/null > isam.log
-> good way to restore from cdrom a binary file zcat running su as a user then
ssh su - dls-PROD -c "/opt/local/bin/ssh drp-stagger "cd /tmp; /bin/ls" "
-> verify a newfs format sudo newfs -Nv /dev/md/dsk/d96
-> making lost_found. must be 8192 bytes in size.
1. mkdir ./lost+found
2. chown root ./lost+found
3. chgrp root ./lost+found
4. chmod 700 ./lost+found.
5. cd ./lost+found nofiles=0
6. while [ "$nofiles" -le 650 ] ; do ; /usr/ucb/touch $nofiles ; nofiles=expr $nofiles + 1 ; done
-> execute lynx lynx -cfg /usr/lib/lynx.cfg
-> sed search example sed ./Sep 25/!d; /castill/!d. /var/log/syslo
->should only be used at the EEPROM boot -r ->
should be used at single user mode reboot - -r -> should be used in multiuser mode touch /reconfigure
-> performing a remote dump
find MFASYS |cpio -oc |gzip -c |ssh brucey -l chaup dd obs=18k of=/dev/rmt/0n
* to extract - cd /ssa/emphasys/sybase/dump dd ibs=18k if=|gunzip -c |cpio -idc
-> boot block located here. /usr/platform/uname -i/lib/fs/ufs
-> getting a server on the network add hosts entry for IP address clear configs:
ifconfig pe0 unplumb
ifconfig pe0 10.20.2.27 netmask 255.0.0.0 up
route add default 10.20.0.1
1 verify the routing table: netstat -rn
add resolv.conf entry:
domain rabobank.com.au
nameserver 192.192.192.252
edit /etc/nsswitch.conf change hosts to files, dns
lesson here is to unplumb interface, and let ifconfig setup the routing.
if you specify an ip address and a netmask it will manage the routing and the broadcasting.
-> find all, files associated with PID 22240 /usr/proc/bin/pfiles 22240 find file based on inode find -i number "ncheck -i number
-> good redirection example ./a.out trash
-> synchronize files from one server to another. This is useful for synchronizing database dump files, binary files, etc.
This is definitely a powerful tool.
rsync -avz -e ssh -rsync-path="/usr/local/bin/rsync" pwd myhost.com:/home/ebs/public_html
-> Example Awk Script
run with awk -f/tmp/1.awk /etc/group
BEGIN { FS = ":" } { print $1 | "sort" } { nlines++ } END { print nlines }
-> awk example. awk ./#/ {print "Got a comment"}. /etc/hosts
-> delete every 2nd field in file awk .{$2= ""; print}. datafile > datafile.new
-> Setting Prompt PS1="hostname($LOGNAME)->"
mount syntax
mount 10.0.20.41:/mnt/cdrom /mnt/cdrom
ldapsearch syntax
ldapsearch -h mainldap -b 'o=domainname.com,c=us' cn="*"
ldapmodify syntax
ldapmodify -h masterldap -D 'cn=Directory Manager,o=domainname.com,c=US' -r -f /tmp/user.ldif -w
"password123"
ldapadd syntax
ldapadd -f user.ldif -D 'cn=Directory Manager,o=domainname.com,c=US' -w "password"
ldapdelete syntax
ldapdelete -f martin.ldif -D "cn=Directory Manager,o=domainname.com,c=US" -w "password"
sendmail debugging
sendmail -bt -d0.1,21.12
truss -fae -o /tmp/truss.log -p
Count System Calls
truss -c
Debugging processes in Linux: strace
strace -a80 -f
strace -a80 -f -p
manually setting date/time
date 07091427.00 Syntax: (mmddhhmm.ss)
make a large file
(linux) dd if=/dev/zero of=bigfie bs=1024 count=65536
(sun) mkfile bigfile 65m
count number of open files
lsof | awk '{ print $1 }' | uniq -c | sort -n | awk '{print $1}' | awk ' BEGIN { a=0; } {a+=$1;} END {print a; }'
apache bench marking
/usr/sbin/ab -n 100 -c 100 http://register.domainname.com:80/registe/index.ecgi
using dtterm with ssh, $1 is the hostname argument, eg: ./go va5-prod-101
dtterm -geometry 80x50 -n $1 -title $1 -bg $BG -fg $FG -cr $CR -sb -aw -e /usr/local/bin/ssh.binary
$LOGNAME@$1 &
global search and replace in vi
:%s/oldstring/newstring/g
Using php to md5 encrypt
echo "" | php -q
delete all ldap entries
$ ldapsearch -h mainldap -b 'o=domainname.com,c=us' cn="*" >/tmp/all.ldif
$ ldapdelete -c -f /tmp/all.ldif -D "directory Manager,o=domainname.com,c=us" -w password
run again the ldapdelete, this will remove non-leaf nodes. it is a hack but it works.
testing radius logins
Usage: radtest login passwd server:port nas_port_id secretkey
radtest ebs password localhost localhost testing123
Writing to HPOV
opcmsg sev=normal app=Apache MsgGroup=Web_Apps node=va5-prod-101 msg_text=Your message
goes here.
sev=normal|warning|minor|major|critical
LDAP and STDIN
ldapsearch -h mainldap -b 'o=domainname.com,c=US' cn=ed_904 | ldapdelete -c -D "cn=Directory
Manager,o=domainname.com,c=US" -w secret_password
ldapsearch -h mainldap -b 'o=domainname.com,c=US' cn=ed_904 | ldapdelete -c -D "cn=Directory
Manager,o=domainname.com,c=US" -w secret_password
Use -c to continue if errors are detected.
Oracle: deleting a username
sqlplus register ; SQL> exec maint.del_user('USERID');
Oracle: Decryption
select reg_crypt.pwd_decrypt(screen_pwd) from screen_name where screen_name='username';
select reg_crypt.pwd_decrypt(screen_pwd) from screen_name where screen_name='username';
select reg_crypt.pwd_decrypt(security_question_answer) from screen_name where
screen_name='username';
select vbl_crypt.cc_decrypt(credit_card_num) from vbl_user_creditcard;
select reg_crypt.pwd_decrypt(CENTER_PASSWORD) from CENTER where
CENTER_PUBLIC_SCREENNAME='username';
LDAP Information
ldapsearch -s base -b cn=monitor 'objectclass=#'
MPortal: fix mysql links for web guide management
use portal; select * from web_title where title_id=16 and title_code=0; update web_title set
title_code=11 where title_id=16 and title_code=0;
keyword search all files and print file names and date/size
find . -type f -exec grep -l search_word {} ; | xargs ls -al
remove encrypted key from cert
( cd /etc/httpd/conf/ssl.key && openssl rsa -in home.domainname.com.key -out home.domainname.com.key)
broadcast ping
for host in `ping -b 10.0.101.255 -c 2 | awk '{print $4}' | grep "^10" |sed s/.$//g`; do echo -n "$host ";
nslookup $host 2>/dev/null | grep Name; echo ;done
Find all files a process tries to open
truss -t !all -t open
ldapsearch operators
AND operator:
ldapsearch -h mainldap -b 'ou=1,o=domainname.com, c=US' "(&(suffixflag=0)(loginname=eval*))"
OR operator:
ldapsearch -h mainldap -b 'ou=1,o=domainname.com, c=US' "(|(loginname=thanurak)(loginname=ebs))"
Adding a NewLine character with sed. Use a backslash
ldapsearch -h mainldap -b 'ou=1,o=domainname.com, c=US' cn=ebs | sed
s/suffixflag=0/userid=000000000000/g
Adding a New field to existing LDAP database (this will add new field: foo=bar
ldapsearch -h masterldap -b o=domainname.com,c=us cn=loopy | awk '{print} /suffixflag=0/{print
"foo=bar"}' | ldapmodify -r -h masterldap -D "cn=Directory Manager, o=domainname.com, c=US" -w xxx
Continuing a process
If /proc/$PID/status ever shows a State: T (Stopped), then start it with this signal:
kill -SIGCONT pid
Oracle shutdown
export ORACLE_SID ; sqlplus internal ; select * from v$database; shutdown immediate;
Interesting Oracle views
v$sga;
v$session
using uuencode for file transfer
$ uuencode filename filename | mail esexton@sun1-noc
eg: uuencode tnsnames.ora tnsnames.ora | mail esexton@sun1-noc
tar cvf - * | uuencode backup.tar | mail esexton@sun1-noc
(linux) $ tar zcvf - * | uuencode backup.tar.gz | mail esexton@sun1-noc
(sun) $ tar cvf - * | gzip - | uuencode backup.tar.gz | mailx esexton@sun1-noc
LDAP protocol 2 specific commands
LDAP protocol 2 query:
ldapsearch -LLL -P2 -x -h mainldap.domainname-inc.com -b 'o=domainname.com, c=us' cn=guest
ldapdelete -x "cn=j2, ou=1, o=domainname.com, c=US" -w
ldapsearch -x -LLL -b 'o=domainname.com, c=US' cn=j2
ldapadd -x -f newadd1.ldif -D "cn=Directory Manager,o=domainname.com,c=us" -w ""
Tailing tcpdump
tcpdump -l udp > dat & tail -f dat
mysql date select
SELECT * FROM `connection` where login_time > "2002-12-01 00:00:01"
RPM extract commands
Get a content listing:
rpm2cpio web-programs.rpm | cpio -it
Extract Specific File:
rpm2cpio web-programs.rpm | cpio -idm
Extract Entire contents:
rpm2cpio web-programs.rpm | cpio -ivd
Sendmail
Testing aliases and routing.
echo "3,0 nreynolds@domainname.com" | sendmail -bt -d60.1
echo "3,0 nreynolds@domainname.com" | sendmail -bt -d60.1 -d21.12
use sed to translate a space to a newline
sed 's/ /
/g' filename
Bind version
nslookup -q=txt -class=CHAOS version.bind. 0
dig @host version.bind chaos txt
named -v
Query MX record
nslookup -q=mx server-name
freebsd
pkg_add package.tgz
MySQL
Too many indexes on a table will cause delete operations to be slow.
Linux Route
route add -net 10.0.19.0 netmask 255.255.255.0 gw 10.0.101.4
/etc/sysconfig/static-routes:
eth0 net 10.0.19.0 netmask 255.255.255.0 gw 10.0.101.4
route del -net 10.0.19.0 gw 10.0.101.4 netmask 255.255.255.0
If you liked the Article and it has helped you and would like to donate please Click Here or donate button below the amount is totally up to you. This will help me to keep mysite up and running.
BlogMarks
del.icio.us
digg
Fark
Furl
Newsvine
reddit
Segnalo
Simpy
Slashdot
smarking
Spurl
Wists
