• Tweet

• Tweet

Here I have tried to list the commands that are useful for us (sys admins) but we still tend to forget. Listed here are a bunch of unix commands.

-> change file date stamp touch -t 199906042020 filename

-> move partitions ufsdump 0f - /dev/rdsk/c0t0s0s0 | (cd /home; ufsrestore xv -)

-> lay down file system with 1% minfree and inode density newfs -m1 -i81920 /dev/rdsk/c0t0d0s0

-> check file system fsck /dev/rdsk/c0t0d0s0

Q: starting sybase login as sybase, run: ./install/RUN_SYBASE

Q: logging in as sybase sa isql -U sa

-> dump a partition and pipe to gzip. Watch > 2GB limit ufsdump 0f - /home | gzip - >/tmp/home.dump.gz

-> rewind offline a tape mt -f /dev/rmt/0 rewoffl

-> only allow 300MB for user /tmp access swap - /tmp tmpfs - yes SIZE=300M

-> verbose interactive restore ufsrestore -ivf /dev/rmt/1

-> remove a printer from a class lpadmin -p level5-line1 -r level5-line

-> truss a command truss --f --o /tmp/log.txt

-> [DB] feed a script into sybase isql -Urfe_xfer -Uuser -Ppassword -isqlscript >>blah.txt

-> make a printer class lpadmin -p level5-line1 -c level5-line

-> remove level2-line2 printer from printer class level2-line lpadmin -p level2-line2 -r level2-line

-> add level2-line3 to printer class lpadmin -c level2-line -p level2-line3

-> [DB] how to change your password in isql sp_password password, password-new

-> move a directory tar cf - ./games | (cd /tmp; tar xvBpf - )

-> [DB] run a sybase script, and dump to file $ISQL -i$SCRIPTFILE -U$USER -D$DATABASE -P$PASS_ENC >> $SCRIPTLOGFILE

-> move a directory to another server tar cf - ./games | rsh brucey cd /tmp; tar xvBpf -

-> check for SUID SGID files
      ncheck -F ufs -s /dev/dsk/c3t0d0s

-> remove core files
      find / -name core -exec rm -f {} ; -o -fstype nfs -prune

-> rebuild man pages catman -w -M man-page-directory or /usr/lib/makewhatis

-> vi command to show special characters : set list

-> adding an account useradd -u 120 -g dls -d /apps/dls -s /bin/ksh -c "comment" -m dls

-> create a mysql database mysqladmin -uroot -ppassword create ebs

-> starting mysql database /etc/rc.d/init.d/mysql.server start /usr/local/bin/safe_mysqld

-> Invoke CPAN module install perl -MCPAN -eshell

-> dump to zip ufsdump 0f - /filesystem | /opt/local/gzip - > /tmp/dump.gz

-> shutdown mysql databse /usr/local/bin/mysqladmin shutdown -ppassword /etc/rc.d/init.d/mysql.server stop

-> test the loading of a module PERLDLDEBUG=255 perl -e .use CGI;.

-> shows open files fuser -cu /

-> Writing a Daemon:
      1. edit /etc/services add service and port.
      2. edit /etc/inetd.conf add in: edwardd stream tcp nowait root /bin/sh /bin/sh /home/sextone/bin/SERVER.mine
      3. kill -HUP inetd.conf

-> how to mount a file system mount /dev/dsk/c3t0d0s4 /apps/data/easysoft/DEVT

-> look at sar log sar -f /var/adm/sa/sa24

-> write file checksums and size cksum filename

-> show storage array info ssaadm display /dev/rdsk/c1t5d2s0 -> show all disks on device d luxadm display d

-> examine for a specific OS finerprint nmap -sS -p 80 -O -v = examine OS

-> show print jobs /usr/ucb/lpq -Plevel6

-> Scan for known ports. log it. do OS scan.
nmap -sS -F -o foo.log -v -O www.foo.com//24 =

-> show status of printer /usr/ucb/lpc status

-> make a swap file: dd if=/dev/zero of=swapfile bs=1024 count=65535 mkswap ./swapfile chmod 600 ./swapfile swapon ./swapfile

-> show open files for process lsof -p PID

-> show open files for all TCP connections lsof -iTCP

-> show open files for internet address lsof -iTCP@10.20.2.9

-> as above lsof -i @10.20.2.122

-> examine tcp ports lsof -iTCP@sarah:1-50000

-> show open files for user. lsof -u username

-> show processes that has the file in use. lsof /apps/cms/ECMS-Server

-> show open files and retry every 5 seconds lsof -p process-id -r 5

-> mount a floppy mount -t vfat /dev/fd0 /mnt/floppy

-> check here for debugging processes and errno.h for errors /usr/include /usr/include/sys /usr/include/sys/errno.h

-> scp a whole directory, preserve mods sudo scp -prv devel webadmin@203.19.123.140:/home/httpd/cgi-bin

-> take processor 2 and 3 offline. psradm -f 2 3 -> show processor stats verbose. psrinfo -v

-> how to skip grant tables in mysql (over ride security) /usr/local/libexec/mysqld -Sg

-> how to feed in an SQL program mysql rm all files in directories find . -type f -exec rm {} ;

-> dump packets to a capture file sudo snoop -o /tmp/tcp.txt cp

-> backup one liner tar cvf - /home/ebs | gzip - > ebs.tar.gz

-> Look at selected packets in capture file sudo snoop -i /tmp/tcp.txt

-> unzip and pipe to tar gzip -dc watch packets from two servers. snoop sarah brucey

-> enable ip masquerading /sbin/ipchains -P forward DENY /sbin/ipchains -A forward -s 10.100.100.100/8 -j MASQ

-> view su log file cat /var/adm/sulog

-> establish a default router or gateway.
      echo "sagacity.com" > /etc/defaultrouter
      echo "10.100.100.100 sagacity.com sagacity" >> /etc/hosts
      change /etc/nsswitch.conf so that hosts has files, dns
      edit resolv.conf put in
      search .
      nameserver 203.7.132.98

-> turn off automounter on /export/home. vi /etc/auto_master, comment out /export/home

-> configuration file for sudoers /opt/local/etc/sudoers

-> building ssh-1.2.27 on x86Solaris2.6 needed a few things:
      /usr/openwin/bin in path /usr/xpg4/bin in path
      declare AR="/usr/xpg4/bin/ar"
      declare NM_PATH="/usr/xpg4/bin/nm"

-> snoop network packets and get size and time stamp entries. snoop -S -ta empa1

-> access perl CPAN perl -MCPAN -e shell install DBI

-> search for no password entries and lock all accounts.
      for i in passwd -sa | grep NP | awk .{print $1. do echo "locking $i?? passwd -l $i done

-> delete from a tar tar -delete -f fsbackupSunday.tar home/ebs/tmp

-> Example on backing up files to tape. Must specify non rewinding, else you will over-write the files.
      for file in ls do echo "sending $file to tape..." echo date tar cvpf /dev/rmt/0n $file done

-> making/adding a partition.
      1. use fdisk to make a parition.
      2. mkfs -t ext2 -c /dev/hda11
      3. mount -t ext2 /dev/hda11 /opt2
      4. update /etc/fstab

-> rebuild the windex file catman -w -M /usr/share/man

-> execute tar on remote host sarah and send tarball to standard output, which becomes standard input for tar xvf -
and the file gets dumped locally,
      in this case on crawl. you have to cd to dir before tar or else you will include path in tar
      ssh maggie "cd $DIRNAME; tar cvf - $BASENAME" | (cd $TPATH; tar xvf - )

-> dump a remote filesystem and send it to local tape drive. ssh --x $fw /usr/sbin/ufsdump 0cf - $fs | dd obs=63k of=$TAPE

-> encrypt filename 1 and output to 1.crypt file crypt 1.crypt ; rm 1

-> decrypt filename 1.crypt and stdout to screen crypt send a file to tape tar cvpf /dev/rmt/0 filename

-> quicker way to search and replace in vi : %s/existing/new/g

-> shows where and which shared library files an application uses. ldd binary

-> shell script stuff:
repeat a command 100 times

x=100 while [ $x -gt 0 ] do command x=$(($x-1)) done

-> Something very important to remember about partitions It is important to note that Cylinder 0 contains the disklabel,
      which contains the partition table.
      A normal filesystem can be placed starting at Cylinder 0, since it will not touch the disklabel.
      If you lay down a raw device, for a database, over Cylinder 0, then you will completely lose all your partitions.
      You will then have to restore the disklabel, and backup from tape if you happen to do this.

-> move a partition find . |cpio -pdm /apps

-> cron structure min hour day-of-month month weekday command

-> PatchDiag Tool. Get patches from: http://sunsolve.sun.com/private-cgi/patchpage.pl patchdiag.xref is available at: Sun's Website
      /opt/local/bin/patchdiag -x /opt/local/lib/patchdiag.xref > patchdiag.uname -n

-> command showing system parameters /usr/sbin/sysdef

-> Get Ambient Temperature of Server /usr/platform/SUNW,Ultra-4/sbin/prtdiag -v

-> good ps formatting showing percent cpu first. ps -edf -o pcpu,pid,user,arg

-> full details on ps /usr/bin/ps -A -o user,pid,pcpu,pmem,vsz,rss,tty,s,stime,time,args

-> chown the hidden files as well. find . -print -exec chown -R sextone:staff {} ;

-> The nsradmin command is a command-line based administrative program for the NetWorker system.
      Normally nsradmin monitors and modifies NetWorker resources over the network. /usr/sbin/nsr/nsradmin

-> Spray a server -c number of packets -d delay in microseconds -l pakcet size in bytes /usr/sbin/spray -c 1 -d 20 -l 4096 maggie

-> Turn on bold. bold=tput smso offbold=tput rmso echo "${bold}You must be the "root" user to run this script.${offbold}"

-> good way to send a dir to tape tar cf /dev/rmt/0n directory

-> example of bringing up an interface ifconfig hme0:1 inet 10.2.25.52 up

-> show all connections netstat -f inet

-> rpcinfo makes an RPC call to an RPC server and reports what it finds. rpcinfo -b 390109 2 | sort -u

-> rewind a tape fast show loaded modules /usr/sbin/modinfo

-> find world readable files and dirs find / -type d -perm -2 -print find . -type f -perm -2 -print

-> adding in a boot alias, eg: boot sarahroot1 -s nvalias sarahroot1 /sbus@1f,0/sunw,fas@e,8800000/sd@9,0:a

-> clever way to archive tar cvf - find . -print >/tmp/dumpfile.tar tar xvf -
tee to a file echo "Start Date/Time: date" | tee -a $LOG_FILE

-> read a snoop file snoop -i anz-telnet.snoop

-> write a snoop log (this will count the number of connections, which is pretty neat). snoop -osnoop.log sarah

-> set default run level. 5 for gui. /etc/inittab

-> show all exported filesystems showmount -e crawl

-> shows all configurable variables for tcp interface.
      sudo ndd -get /dev/tcp - ? eg: sudo ndd -get /dev/tcp tcpconnreqmaxq 128
      ndd /dev/arp ? ndd /dev/ip ? ndd /dev/tcp ? ndd /dev/udp ? ndd /dev/icmp ?

-> set sticky bit on group files, only the owner can change the mode.
-> the +l is mandatory file and record locking while a program -> is accessing that file. chmod g+s,+l file

-> print duplex landscape 4 qudrant printing mpage -t -l -4

-> install a patch installpatch .

-> check to see if a patch has been installed showrev -p |grep package name

-> unzip, untar in a /tmp directory zcat 104708-16.tar.gz | ( cd /tmp; sudo tar xvf - )

-> check out revision level on ssa controller /usr/sbin/ssaadm display controller

-> unzip and untar a file without having to create an intermediate tar file sudo gzip -dc /tmp/270599/post-EOD.tar.gz |tar xvf -

-> selectively extract from a tar archive tar xvf /tmp/iona.tar ./iona/.sh_history

-> send a bunch of files to tape tar cf /tmp/rules.tar ruleb* objects.C *.W

-> examine section 5 of man man -s 5 signal

-> shows signals and definitions of structures, eg sigaction /usr/include/sys/signal.h

-> location of the limits file on solaris /usr/include/limits.h

-> send an attachment via email from command prompt uuencode file.tar.gz file.tar.gz | mailx -s "backup?? root@crawl

-> zero a file cat /dev/null > isam.log

-> good way to restore from cdrom a binary file zcat running su as a user then
ssh su - dls-PROD -c "/opt/local/bin/ssh drp-stagger "cd /tmp; /bin/ls" "

-> verify a newfs format sudo newfs -Nv /dev/md/dsk/d96

-> making lost_found. must be 8192 bytes in size.
      1. mkdir ./lost+found
      2. chown root ./lost+found
      3. chgrp root ./lost+found
      4. chmod 700 ./lost+found.
      5. cd ./lost+found nofiles=0
      6. while [ "$nofiles" -le 650 ] ; do ; /usr/ucb/touch $nofiles ; nofiles=expr $nofiles + 1 ; done

-> execute lynx lynx -cfg /usr/lib/lynx.cfg

-> sed search example sed ./Sep 25/!d; /castill/!d. /var/log/syslo

->should only be used at the EEPROM boot -r ->
should be used at single user mode reboot - -r -> should be used in multiuser mode touch /reconfigure

-> performing a remote dump

find MFASYS |cpio -oc |gzip -c |ssh brucey -l chaup dd obs=18k of=/dev/rmt/0n

* to extract - cd /ssa/emphasys/sybase/dump dd ibs=18k if=|gunzip -c |cpio -idc

-> boot block located here. /usr/platform/uname -i/lib/fs/ufs

-> getting a server on the network add hosts entry for IP address clear configs:
      ifconfig pe0 unplumb
      ifconfig pe0 10.20.2.27 netmask 255.0.0.0 up
      route add default 10.20.0.1
      1 verify the routing table: netstat -rn
      add resolv.conf entry:
      domain rabobank.com.au
      nameserver 192.192.192.252
      edit /etc/nsswitch.conf change hosts to files, dns

lesson here is to unplumb interface, and let ifconfig setup the routing.
if you specify an ip address and a netmask it will manage the routing and the broadcasting.

-> find all, files associated with PID 22240 /usr/proc/bin/pfiles 22240 find file based on inode find -i number "ncheck -i number

-> good redirection example ./a.out trash

-> synchronize files from one server to another. This is useful for synchronizing database dump files, binary files, etc.
      This is definitely a powerful tool.
      rsync -avz -e ssh -rsync-path="/usr/local/bin/rsync" pwd myhost.com:/home/ebs/public_html

-> Example Awk Script
run with awk -f/tmp/1.awk /etc/group

BEGIN { FS = ":" } { print $1 | "sort" } { nlines++ } END { print nlines }

-> awk example. awk ./#/ {print "Got a comment"}. /etc/hosts

-> delete every 2nd field in file awk .{$2= ""; print}. datafile > datafile.new

-> Setting Prompt PS1="hostname($LOGNAME)->"

mount syntax
mount 10.0.20.41:/mnt/cdrom /mnt/cdrom

ldapsearch syntax
ldapsearch -h mainldap -b 'o=domainname.com,c=us' cn="*"

ldapmodify syntax
ldapmodify -h masterldap -D 'cn=Directory Manager,o=domainname.com,c=US' -r -f /tmp/user.ldif -w
"password123"

ldapadd syntax
ldapadd -f user.ldif -D 'cn=Directory Manager,o=domainname.com,c=US' -w "password"

ldapdelete syntax
ldapdelete -f martin.ldif -D "cn=Directory Manager,o=domainname.com,c=US" -w "password"

sendmail debugging
sendmail -bt -d0.1,21.12
truss -fae -o /tmp/truss.log -p
Count System Calls
truss -c

Debugging processes in Linux: strace
strace -a80 -f
strace -a80 -f -p

manually setting date/time
date 07091427.00 Syntax: (mmddhhmm.ss)

make a large file
(linux) dd if=/dev/zero of=bigfie bs=1024 count=65536
(sun) mkfile bigfile 65m

count number of open files
lsof | awk '{ print $1 }' | uniq -c | sort -n | awk '{print $1}' | awk ' BEGIN { a=0; } {a+=$1;} END {print a; }'

apache bench marking
/usr/sbin/ab -n 100 -c 100 http://register.domainname.com:80/registe/index.ecgi

using dtterm with ssh, $1 is the hostname argument, eg: ./go va5-prod-101
dtterm -geometry 80x50 -n $1 -title $1 -bg $BG -fg $FG -cr $CR -sb -aw -e /usr/local/bin/ssh.binary
$LOGNAME@$1 &

global search and replace in vi
:%s/oldstring/newstring/g

Using php to md5 encrypt
echo "" | php -q

delete all ldap entries
$ ldapsearch -h mainldap -b 'o=domainname.com,c=us' cn="*" >/tmp/all.ldif
$ ldapdelete -c -f /tmp/all.ldif -D "directory Manager,o=domainname.com,c=us" -w password
run again the ldapdelete, this will remove non-leaf nodes. it is a hack but it works.

testing radius logins
Usage: radtest login passwd server:port nas_port_id secretkey

radtest ebs password localhost localhost testing123

Writing to HPOV
opcmsg sev=normal app=Apache MsgGroup=Web_Apps node=va5-prod-101 msg_text=Your message
goes here.
sev=normal|warning|minor|major|critical

LDAP and STDIN
ldapsearch -h mainldap -b 'o=domainname.com,c=US' cn=ed_904 | ldapdelete -c -D "cn=Directory
Manager,o=domainname.com,c=US" -w secret_password
ldapsearch -h mainldap -b 'o=domainname.com,c=US' cn=ed_904 | ldapdelete -c -D "cn=Directory
Manager,o=domainname.com,c=US" -w secret_password
Use -c to continue if errors are detected.

Oracle: deleting a username
sqlplus register ; SQL> exec maint.del_user('USERID');

Oracle: Decryption
select reg_crypt.pwd_decrypt(screen_pwd) from screen_name where screen_name='username';
select reg_crypt.pwd_decrypt(screen_pwd) from screen_name where screen_name='username';
select reg_crypt.pwd_decrypt(security_question_answer) from screen_name where
screen_name='username';
select vbl_crypt.cc_decrypt(credit_card_num) from vbl_user_creditcard;
select reg_crypt.pwd_decrypt(CENTER_PASSWORD) from CENTER where
CENTER_PUBLIC_SCREENNAME='username';

LDAP Information
ldapsearch -s base -b cn=monitor 'objectclass=#'

MPortal: fix mysql links for web guide management
use portal; select * from web_title where title_id=16 and title_code=0; update web_title set
title_code=11 where title_id=16 and title_code=0;

keyword search all files and print file names and date/size
find . -type f -exec grep -l search_word {} ; | xargs ls -al

remove encrypted key from cert
( cd /etc/httpd/conf/ssl.key && openssl rsa -in home.domainname.com.key -out home.domainname.com.key)

broadcast ping
for host in `ping -b 10.0.101.255 -c 2 | awk '{print $4}' | grep "^10" |sed s/.$//g`; do echo -n "$host ";
nslookup $host 2>/dev/null | grep Name; echo ;done

Find all files a process tries to open
truss -t !all -t open

ldapsearch operators

AND operator:
ldapsearch -h mainldap -b 'ou=1,o=domainname.com, c=US' "(&(suffixflag=0)(loginname=eval*))"

OR operator:
ldapsearch -h mainldap -b 'ou=1,o=domainname.com, c=US' "(|(loginname=thanurak)(loginname=ebs))"

Adding a NewLine character with sed. Use a backslash
ldapsearch -h mainldap -b 'ou=1,o=domainname.com, c=US' cn=ebs | sed
s/suffixflag=0/userid=000000000000/g

Adding a New field to existing LDAP database (this will add new field: foo=bar
ldapsearch -h masterldap -b o=domainname.com,c=us cn=loopy | awk '{print} /suffixflag=0/{print
"foo=bar"}' | ldapmodify -r -h masterldap -D "cn=Directory Manager, o=domainname.com, c=US" -w xxx

Continuing a process
If /proc/$PID/status ever shows a State: T (Stopped), then start it with this signal:
kill -SIGCONT pid

Oracle shutdown
export ORACLE_SID ; sqlplus internal ; select * from v$database; shutdown immediate;

Interesting Oracle views
v$sga;
v$session

using uuencode for file transfer
$ uuencode filename filename | mail esexton@sun1-noc
eg: uuencode tnsnames.ora tnsnames.ora | mail esexton@sun1-noc
tar cvf - * | uuencode backup.tar | mail esexton@sun1-noc
(linux) $ tar zcvf - * | uuencode backup.tar.gz | mail esexton@sun1-noc
(sun) $ tar cvf - * | gzip - | uuencode backup.tar.gz | mailx esexton@sun1-noc

LDAP protocol 2 specific commands

LDAP protocol 2 query:
ldapsearch -LLL -P2 -x -h mainldap.domainname-inc.com -b 'o=domainname.com, c=us' cn=guest
ldapdelete -x "cn=j2, ou=1, o=domainname.com, c=US" -w
ldapsearch -x -LLL -b 'o=domainname.com, c=US' cn=j2
ldapadd -x -f newadd1.ldif -D "cn=Directory Manager,o=domainname.com,c=us" -w ""

Tailing tcpdump
tcpdump -l udp > dat & tail -f dat

mysql date select
SELECT * FROM `connection` where login_time > "2002-12-01 00:00:01"

RPM extract commands
Get a content listing:
rpm2cpio web-programs.rpm | cpio -it

Extract Specific File:
rpm2cpio web-programs.rpm | cpio -idm

Extract Entire contents:
rpm2cpio web-programs.rpm | cpio -ivd

Sendmail
Testing aliases and routing.
echo "3,0 nreynolds@domainname.com" | sendmail -bt -d60.1
echo "3,0 nreynolds@domainname.com" | sendmail -bt -d60.1 -d21.12

use sed to translate a space to a newline
sed 's/ /

/g' filename

Bind version
nslookup -q=txt -class=CHAOS version.bind. 0
dig @host version.bind chaos txt
named -v

Query MX record
nslookup -q=mx server-name

freebsd
pkg_add package.tgz
MySQL

Too many indexes on a table will cause delete operations to be slow.

Linux Route
route add -net 10.0.19.0 netmask 255.255.255.0 gw 10.0.101.4
/etc/sysconfig/static-routes:
eth0 net 10.0.19.0 netmask 255.255.255.0 gw 10.0.101.4
route del -net 10.0.19.0 gw 10.0.101.4 netmask 255.255.255.0

-> Restarting SSHD on Solaris 10
svcadm restart svc:/network/ssh:default