User Tools

Site Tools



uname (-s) prints the kernel name, -r kernel version, -v order and date of kernel compilation, -p processor type, -o operating system name, -n computer network name (nodename), -a all information
lsb_release prints LSB (Linux Standard Base) version, -i linux distribution, -r version of the linux distribution, -d linux distribution name and version, -c codename of the distribution version, -s short output (without header), -a all information
$ lsb_release -si
(prints linux distribution name)
cat /etc/*release / lsb_release -d prints linux distribution name and version
dmidecode displays the system’s hardware components and BIOS information, -s <keyword> information only about a specified item from the list of available keywords
# dmidecode -s system-uuid
(prints the system ID)
# dmidecode -s system-product-name | egrep -i 'virtual|vm|bochs'
(prints information whether the system is a virtual server)
lscpu displays information about the CPU
cat /proc/cpuinfo displays detailed information about the particular CPU cores
free displays the total amount of free and used physical and swap memory in the system, as well as the buffers and caches used by the kernel in kB (data from /proc/meminfo), -m in MB, -t total
nmon displays detailed CPU, memory, network, disks, kernel, file systems, NFS and top processes statistics information (the output changes according to the current state)
ulimit prints or sets the resource usage limits of the shell and any processes started by it (by default with option "-f"), -a prints all current limits, -H sets a "hard" resource limit, -S sets a "soft" resource limit, -f <limit> the maximum size of files created by the shell in MB, -n <limit> the maximum number of open file descriptors, -t <limit> the maximum amount of the CPU time in seconds, -u <limit> the maximum number of processes available to a single user; (permanent setup in /etc/security/limits.conf)
chroot <root_directory> changes the root directory to that specified by the argument and starts a new shell (handy when working in a rescue mode from an external media)
# chroot /mnt/sysimage
(connects directly to the hard disk with the original installation from where it is possible to repair the damaged system)
setup starts a configuration tool for the system setup
cal ((<MM>) <YYYY>) displays a calendar (the current month or a specified month of the year or the whole year), -m Monday as the first day of the week, -y the whole current year, -j serial day of the year
$ cal 12 2005
date (<MMDDhhmmYY>) displays or sets the current system date and time, +<format> displays the date and time in a specified format (e.g. %H prints hour in a 2-digit 24-hour format, %M minute in a 2-digit format, %S second in a 2-digit format, %d day in month in a 2-digit format, %m month in a 2-digit format, %Y year in a 4-digit format, %F YYYY-MM-DD format, %s number of seconds since January 1st, 1970), -d <specification> prints the date as specified
$ date +%H:%M-%d.%m-%Y
$ date -d @123456
(converts the time in seconds since January 1st, 1970 to human-readable format)
$ date -d "+90 days" +%F
(prints the date in 90 days in YYYY-MM-DD format)
$ TZ='America/New_York' date
(displays the current system date and time in a specified time zone)
(implemented from RHEL 7)
displays the current system date and time, including the time zone, set-time <YYYY-MM-DD hh:mm:ss> sets the current system date and time, list-timezones lists all available time zones, set-timezone <time_zone> sets a time zone, set-ntp (true/false) enables or disables NTP synchronization
tzselect interactively selects a correct time zone
ntpdate <server> sets the system date and time via a specified NTP server (permanent setup in /etc/ntp.conf)
# ntpdate
hwclock -r prints hardware date and time, -s sets the system time according to the hardware clock, -w sets the hardware time according to the system clock, --set –date=<YYMMDD hh:mm:ss> sets the hardware time to the specified value
# hwclock --set --date='780321 22:06:56'
uptime displays the system time, how long the system has been running, how many users are currently logged in and the system load averages for the past 1, 5 and 15 minutes
who -b prints the last system boot time
cat /var/log/messages prints global system messages, including those that are logged during system startup
cat /var/log/secure prints messages related to security and authentication events
(implemented from RHEL 7)
prints all system logs collected by journal daemon in /run/log/journal, -b since the most recent reboot, -S / -U <YYYY-MM-DD (HH:mm:ss)> since or until a specified period, -n (<n>) last n entries (10 by default), -f continuously prints new entries as they are appended to the journal, -k kernel messages only, -u <unit> for a specified systemd unit (service), -p <priority> messages of a specified priority or above, -r reverse output (the newest entries are displayed first), q quits the program
# journalctl -b -p err
# journalctl -u httpd.service -S yesterday
dmesg prints messages from the kernel ring buffer, especially about the hardware devices that the kernel detects during the boot process (data from /var/log/dmesg), -e displays date and time, -L colorizes important messages
$ dmesg | grep usb
logger (<message>) creates entries in the system log, -p <priority> specifies the priority
$ logger -p test
sysctl <parameter> prints a specified kernel parameter and its current value, -a prints all kernel parameters and their current values, -w <parameter>=<value> modifies kernel parameters at runtime; (available parameters can be found in /proc/sys, permanent setup in /etc/sysctl.conf), -p synchronizes data from /etc/sysctl.conf with the kernel
# sysctl -w net.ipv4.icmp_echo_ignore_all=1
(ignores ping requests)
# sysctl -w net.ipv4.ip_forward=1
(enables IP forwarding)
cat /etc/grub.conf (lilo.conf) prints the boot loader setup for starting the OS
cat /etc/default/grub
(implemented from RHEL 7 – GRUB 2)
prints the boot loader setup for starting the OS, the related scripts are found in /etc/grub.d
grub-install <device> installs grub on a specified device
# grub-install /dev/sda
mkinitrd <RAM_disk_image> <kernel_version> creates an initial RAM disk image containing basic modules needed for mounting "/" filesystem (only then modules inside /lib/modules/<kernel_version> can be loaded), --with=<module> adds a specified module into the initial RAM disk image, -v detailed output
# mkinitrd /boot/initrd-$(uname -r).img $(uname -r)
(recreates the initial RAM disk image; needed e.g. when ext2 FS has been converted to ext3 FS)
# mkinitrd --with=raid1 /boot/initrd-raid1-$(uname -r).img $(uname -r)
(the new initial RAM disk image with the particular module has to be added to /boot/grub/grub.conf as a new paragraph – i.e. copy the previous part from the line beginning with "title..." to "initrd..." and correct the new RAM disk image title on the last line; at the system startup it is possible to choose this new image to be used)
lsmod lists all modules loaded in the kernel (data from /proc/modules)
modinfo <module> shows information about a module, -d short description
insmod <module> inserts a module into the kernel (provided no other dependencies are required)
rmmod <module> removes a module from the kernel (provided no other dependencies are required), -v detailed output
depmod (-a) / depmod <module> generates a list of dependencies of all/specified modules in /lib/modules/<kernel_version>/modules.dep
modprobe <module> inserts a module into the kernel including all its dependencies, -r remove a module, -v detailed output
# modprobe usbnet
runlevel / who -r prints the previous and current system runlevel / prints the current system runlevel and its time of launch
systemctl list-units -t target
(implemented from RHEL 7)
prints the current system runlevel (currently loaded "target units")
init / telinit <runlevel> changes the system runlevel, 0 halt, 1 single-user mode without network,
2 multi-user mode without network, 3 multi-user mode with network, 4 not used (user-definable), 5 runlevel 3 + GUI, 6 reboot; the configuration file of the init process is /etc/inittab, if the file is changed, its re-examination is launched by command "init q"
# init 5
systemctl isolate <runlevel>.target
(implemented from RHEL 7)
changes the system runlevel (current "target unit"), / power off, / single-user mode without network, / multi-user mode with network, / multi-user mode with network, / multi-user mode with network, / multi-user mode with network + GUI, / reboot
# systemctl isolate
# systemctl isolate
systemctl rescue
(implemented from RHEL 7)
changes the system runlevel to single-user mode without network, mounts all local file systems and starts important system services
systemctl emergency
(implemented from RHEL 7)
changes the system runlevel to single-user mode without network, mounts only root file system for reading and starts the most important system services (used when the system is unable to enter rescue mode)
systemctl get-default
(implemented from RHEL 7)
prints the default system runlevel (default "target unit")
systemctl set-default <runlevel>.target
(implemented from RHEL 7)
alters the default system runlevel (default "target unit")
# systemctl set-default
reboot / init 6 stops all processes, saves the FS cache on the disk and reboots the OS
systemctl reboot
(implemented from RHEL 7)
stops all processes, saves the FS cache on the disk and reboots the OS
halt / init 0 stops all processes, saves the FS cache on the disk and stops the processor (stand-by mode)
systemctl halt
(implemented from RHEL 7)
stops all processes, saves the FS cache on the disk and stops the processor (stand-by mode)
poweroff stops all processes, saves the FS cache on the disk and brings the OS down
systemctl poweroff
(implemented from RHEL 7)
stops all processes, saves the FS cache on the disk and brings the OS down
shutdown stops all processes, saves the FS cache on the disk and stops the processor, -h <time> brings the OS down, -r <time> reboots the OS, -c cancels a running shutdown, -k <time> false shutdown, sends out the warning messages and disable logins to users
# shutdown -h now / shutdown -h 22:00
(brings the OS down immediately / at the specified time)
# shutdown -r +30 "quick reboot"
(reboots in 30 min. + warning messages)
startx starts an X window system
xterm runs a terminal in an X window system, -e <command> specifies a command to be run in the xterm window
# xterm -e "tail -f /var/log/secure" &
tty prints the terminal name of the logged-in user
stty (<argument>) prints or changes the terminal's settings for the logged-in user, -a prints the current settings in human-readable format
set prints all current variables (global + local) and functions of the shell, -x when situated at the beginning of a script, the script is run in a debug mode (same as $ bash -x
set -o
set - / +o <option>
prints the current setup of the shell options
changes the shell options` setup, "-" sets the option, "+" cancels the option
$ set -o vi
(sets the "vi" editor environment to the shell)
unset <variable> removes a variable, -f <function> function definition
$ unset x
printenv (<variable>) prints all or specified environment (global) variables and their values
env (<variable=value> <command>) runs a process in an environment temporarily modified by its own variable settings that are either added to or removed from the current environment; without an argument all or specified environment (global) variables and their values are displayed (identical to "printenv" command), -u <variable> removes a variable, -i removes all variables (loads an empty environment)
export (<variable(=value)>) exports a local variable in order to be valid also for subshells within the same session (permanent local variables are defined and exported in ~/.bash_profile, global variables in /etc/profile); without an argument all exported variables are printed, -n <variable> unexports a variable
$ export x / export x=y
echo (<text> / $<variable>) prints a blank line or a specified text or value of the variable, -n suppresses a new line output after the last argument (useful in scripts)
$ echo -n 'Enter the required action: '
printf <format> (<argument>) prints a formatted string; format specification e.g: %s string, %d decadic integer, %% %, \n new line, \t tabulator
$ printf "Hello, I am %s.\n" $LOGNAME
$ printf "%s\t%s\t%s\n" Buy Sale Profit
$ for i in $(seq 1 10); do printf "%03d\n" "$i"; done
(prints numbers 1–10 in a 3-digit format starting with zero)
eval <argument> concatenates arguments and executes them as a shell command
$ user=david; eval cd ~$user
xargs (<command>) reads and divides a large amount of arguments from STDIN into smaller parts in order to be acceptable for the following command that is to be executed (usually it is not possible to assign an unlimited number of arguments to a command), -0 arguments are terminated by a null character instead of by whitespace and the quotes and backslash have no special meaning (this option must also be supported by the command providing the input for "xargs"), -t prints the command line on STDERR before executing it
# find . -name core -print0 | xargs -0 -t rm
# find / -user tom | xargs -t rm -Rf
$ find . -type d | xargs chmod 750
$ find . -atime -1 -type f | xargs ls -lutr | tail -1
expr <expression> evaluates mathematical and other expressions; individual arguments are separated by spaces and special characters must be suppressed against the shell expansion
$ expr 7 + 3
$ expr "(" 6 - 3 ")" "*" 10
$ expr length ABCD
bc (<file>) evaluates mathematical and other expressions from a specified file; without an argument it works interactively
seq <specification> prints a sequence of numbers (one on each line) defined by an upper and possibly lower limit or an increment, -f <format> in a specified format, -s <string> uses a string to separate the numbers, -w equalizes width by padding with leading zeroes in front of a single digit
$ seq 2 5
(a lower and upper limit defined)
$ seq 1 .2 3
(a lower and upper limit defined including an increment)
$ seq -w 15
(digits 01–15)
$ seq -s ':' 10
(digits 1–10 separated by ":"
$ seq -f '*%g*' 3
(digits 1–3 between three stars)
$ for i in $(seq 1 100); do expr $i "*" $i; done
(prints the square of numbers 1–100, each on a separate line)
yes (<string>) repeats printing "y" or a specified string (one on each line)
time <command> measures the time of a command execution
$ time wget
alias (<your_own_command>=<command>) defines an alias for the specified command (permanent setup in ~/.bashrc); without an argument all current aliases are printed
$ alias nopaste='curl -F file=@-'
unalias <your_own_command> cancels an alias, -a removes all aliases
script <file> saves everything that is displayed after executing the program on STDOUT into the specified file, -a appends the output into the existing file, -c <command> saves the specified command`s output only, ctrl+d exits the program
history <n> prints history of last n commands, -c removes history
fc (<n> / <n m>) edits last (specified) command(s) by default editor, -e <editor> selects an editor, -l prints a numbered list of last executed (specified) commands, -r reverses the order of the commands, -s executes the last (specified) command from history
$ fc -l -20 | grep cat
(prints last 20 commands containing "cat")
$ fc -l 210 250
(prints a list of commands in the specified range)
$ fc -s / fc !!
(executes the previous command)
$ fc -s 560 / fc !560
(executes a specified command)
clear clears the terminal screen
reset clears the terminal screen and sets its default values
exit / ctrl+d exits a shell (logs off a user)
logout exits a login shell
setenforce <mode> sets a SELinux mode if it is enabled (0 = permissive – the security policy is not applied, only possible warning messages are being logged into /var/log/messages, 1 = enforcing – the security policy defining files' access control is used; permanent setup in /etc/selinux/config)
getenforce prints the current SELinux mode ("enforcing", "permissive", or "disabled")
sestatus prints the current SELinux status, its mode and policy being used, -v detailed output based on data from /etc/sestatus.conf
chcon <context> <file/directory> changes temporarily a file/directory security context within SELinux (the change retains until the system reboot or execution of "restorecon" command; the security context consists of 5 colon separated parts – user:role:type:sensitivity:category, 2 last of which may not be defined in the system; when copying a file its security context changes according to the new, parent directory, when moving a file its security context persists), -u <user> for a specified user (value "root" for root, "user_u" for other users and "system_u" for processes), -r <role> for a specified role (defines the purpose of the particular file, process or user; value "object_r" for files and "system_r" for processes and users), -t <type> for a specified type (defines which process types can access particular file types; "unconfined_t" means that it is not restricted by SELinux policy), --reference <source> sets a file the security context according to the source file, -R recursively, -v detailed output
# chcon -Rt httpd_sys_content_t /web
(changes temporarily the directory security context so that its contents are accessible only to the web server)
# chcon --reference /etc/hosts.allow /etc/hosts.deny
semanage <object> <definition> defines SELinux policy rules, fcontext displays and modifies the rules that "restorecon" command uses to set default file/directory security context within SELinux, -a adds a security context, -d deletes a security context, -l lists a security context
# semanage fcontext -at httpd_sys_content_t '/web(/.*)?'
(adds a default security context to the directory and its contents)
# semanage boolean -l | grep httpd_enable_homedirs
(prints whether a boolean is enabled permanently)
restorecon <file/directory> sets a file/directory the default security context within SELinux, -R recursively, -v detailed output
# restorecon -Rv /web
setsebool <boolean> <state> sets a SELinux boolean state, -P permanent settings
# setsebool -P httpd_enable_homedirs on
getsebool (<boolean>) prints a SELinux boolean state, -a prints all booleans and their states
Last modified: 2019/08/14 10:16 by Miroslav Bernát