Tuesday, June 22, 2010

Top 5 most useful commands or tools for Linux administrators

SkyHi @ Tuesday, June 22, 2010

There are plenty such tools which are definitely very useful for Linux admins. Here I am just trying to figure out 5 of such useful tools which are used by a normal Linux administrator in day to day operations. A tool which I think is most useful may not fit in your usage and its definitely possible that you know some awesome tool which I forgot to include here, for such case, I am requesting hereby to please mention the tool in comments. One more thing, I am mentioning here tools which are somewhat optional and not absolutely required for everybody and excluding tool which have no viable alternative and every Linux admin have to use them.. such as SSH, SCP etc.

#5. head/tail

Most of time, the sole purpose of logging in a server is to diagnose some issue and the common way to start this is to look at logs. Logs of different applications like Apache, MySQL, mail logs etc. What you use to look at logs? isn’t that tail? similarly we sometimes use ‘head’ to check few starting lines of any file.

Few examples:

* Continuously check Apache error log file:

$ tail -f /var/log/httpd/error_log

* View first 15 linues from MySQL log:

$ head -15 /var/log/mysqld.log

#4. vi/nano/emacs

Text editor basically needed frequently to create/update config files. I prefer vim, simply because I am very comfortable with it and remembers some of its useful commands for quick editing.

few example of working with vi. open a file with vi and without going in insert mode, here are useful character you can press:

=> jump to end of line
$
=> start of line
0
=> Delete rest of line
D
=> Repeat the last command given:
. (dot)

=> add 'maal' to the end of every line. 1 is line 1, $ is the last line
:1,$ s/$/maal/

=> put 'bingo' at the start of lines 5-10
:5,10 s/^/bingo/

=> change foo to bar for all occurrences in the rest of the file from where the cursor is
:s/foo/bar/g

=> Delete current line and got into insert mode.
C

=> Remove the ^M from files that came from windows:
:se ff=unix

=> Turn on/off display of line numbers:
:set nu
:set nonu

=> if you want actual line numbers in your file:
:%!cat -n

=> find the word under cursor
* (star)

#3. screen

screen is one of much underutilized command in nix world. take a scenario, when last time you issued a command in remote server and find out that the command will take hours to complete? or you are in need to login in 10 servers and check something.. copy files among them.. and voila.. your internet connection get reset and your ssh session get terminated. Here comes screen, once you start using it, you will get hooked to it. Screen is a terminal multiplexer that allows you to manage many processes (like ssh sessions) through one physical terminal. Each process gets its own virtual window, and you can bounce between virtual windows interacting with each process.

Let me give you more insight. Suppose you have many servers and ideally you should restrict ssh (port 22) access to selected IPs only. So, you login into one server which allows access from remote IPs. You can start screen there by typing ‘screen’ (all major Linux distributions have screen already installed). You can see a status bar. create new screen windows by pressing Ctrl+ac. switch between them by pressing Ctrl+an (next) and Ctrl+ap (previous). Basically, for b It offers very useful features like Remote terminal session management (detaching or sharing terminal sessions), unlimited windows (unlike the hardcoded number of Linux virtual consoles), copy/paste between windows, notification of either activity or inactivity in a window, split terminal (horizontally and vertically) into multiple regions, sharing terminals etc.

You can save your preferences in .screenrc, like here’s my .screenrc where I’ve redefining status bar look and feel and assigning key f5 (previous window) and f6 (next window):

$ cat ~/.screenrc
# no annoying audible bell, please
vbell on

# detach on hangup
autodetach on

# don't display the copyright page
startup_message off

# emulate .logout message
pow_detach_msg "Screen session of \$LOGNAME \$:cr:\$:nl:ended."

# advertise hardstatus support to $TERMCAP
termcapinfo xterm* ti@:te@

# make the shell in every window a login shell
shell -$SHELL

defscrollback 10000

# Extend the vt100 desciption by some sequences.

termcap vt* AF=\E[3%dm:AB=\E[4%dm
caption always
caption string '%{= wk}[ %{k}%H %{k}][%= %{= wk}%?%-Lw%?%{r}(%{r}%n*%f%t%?(%u)%?%{r})%{k}%?%+Lw%?%?%= %{k}][%{b} %d/%m %{k}%c %{k}]'

# keybindings

bind -k F5 prev
bind -k F6 next

#2. netstat/nmap

These are very useful commands to diagnose things about network. of course, ping/traceroute may be most commonly used ones but the usefulness wise, nmap and netstat are more useful than a basic ping. netstat stands for network status. nmap is a sort of security/port scanner or you can say a network exploration command.

few examples of netstat:
* Display total number of internet (port 80) connections:

$ netstat -an |grep :80 |wc -l

* Display all ports your machine listening on:

$ netstat -ant | grep LISTEN

* Scan a machine on your LAN with nmap and know which ports are open on it:

$ nmap ip

#1. find and grep
List of some routine tasks: How many files are there consuming most of disk space? Delete all temporary files older than 2 days, find out how many files have old server name written in them which is causing issue? rename all ‘.list’ to ‘.txt’. The commands find, grep are your best friend here.

Find command is used to search for files. you can specify many options with it like files created today or having size greater then you specified. Normally we also combine find with xargs or exec to issue commands on files returned by find.

examples of find command:
* find top 10 largest files in /var:

$ find /var -type f -ls | sort -k 7 -r -n | head -10

* find all files having size more than 5 GB in /var/log/:

$ find /var/log/ -type f -size +5120M -exec ls -lh {} \;

* find all today’s files and copy them to another directory:

$ find /home/me/files -ctime 0  -print -exec cp {} /mnt/backup/{} \;

* find all temp files older than a week and delete:

$ find /temp/ -mtime +7-type f | xargs /bin/rm -f

* find and rename all mp3 files by changing their uppercase names to lowercase:

$ find /home/me/music/ -type f -name *.mp3 -exec rename 'y/[A-Z]/[a-z]/' '{}' \;

some examples of grep command:

* Print Apache’s documentroot directory name:

$ grep -i documentroot  /etc/httpd/conf/httpd.conf

* View file contents without comments and empty lines:

$ grep -Ev “^$|^#” /etc/my.cnf

* print only IP address assigned to the interface:

$ ifconfig eth0 | grep 'inet addr:' | cut -d':' -f2 | awk '{ print $1}'

* How many email messages sent for a particular date:

$ cat /var/log/maillog | grep "status=sent" | grep "May 25" | wc -l

* Find out a running process/daemon from process list (thanks to staranneph for recalling this):

ps -ef | grep mysql

* You can also note cpu/mem usage by using above. like in below command output, you can see that Plesk’s statistics process is utilizing more than 18% cpu alone:

[root@myserver ~]# ps aux | grep statistics
root 8183 18.4 0.0 58384 2848 ? D 04:05 3:00 /usr/local/psa/admin/sbin/statistics

I would like to know your thoughts, any command / tool you think should be included in top 5 here.


REFERENCES
http://linuxadminzone.com/page/3/