My Collection of Useful Linux Admin Tricks


The purpose of Novell Cool Solutions is to disseminate information that contributors provide and share what they think is Cool. To continue with this purpose and tradition, I have compiled a list of what I think are Cool Tips and Shortcuts that have greatly improved the efficiency of my life with Linux.
I hope you think they are Cool Solutions too!

Distro Packages

Ever see a package and wonder what it does or what it’s purpose is? Some package names are very cryptic and without looking them up on the Internet or YaST, you’re kind of left wondering. RPM can tell you on the fly. I’ll give several examples of what we can discover about a particular package.

For our example, we’ll use the package “fam” I know it is a File Alteration Monitor, because I looked it up.

We first need the entire package name. We’ll query the rpm database and grep it.

# rpm -qa | grep fam

We can see there is a server daemon too. We just care about the fam-2.7.0-9.2

To retrieve information about this package we’ll use the rpm –qi parms.

# rpm -qi fam-2.7.0-9.2

Name           :   fam                   Relocations: (not relocatable)
Version        :   2.7.0                 Vendor: SUSE LINUX Products GmbH, Nuernberg, Germany
Release      :    9.2                     Build Date: Fri Jun 16 06:33:35 2006
Install Date:    Tue Mar 17 00:58:38 2009      Build Host:
Group          :    System/Daemons                Source RPM: fam-2.7.0-9.2.src.rpm
Size              :    78539                            License: Other License(s), see package, LGPL
Signature    :    DSA/SHA1, Fri Jun 16 06:42:18 2006, Key ID a84edae89c800aca
Packager    :
URL             :
Summary    :   File Alteration Monitoring Daemon
Description :
Fam is a file alteration monitoring service. With it, you can receive
signals when files are created or changed.

This package provides libfam, which is used by KDE and GNOME. It also
provides a tool for the console called fileschanged.

To use fam notifications (it can reduce the network load on NFS
servers, especially if they host user home directories) you need to run
the fam daemon, which can be found in the fam-server package.

    Bruce Karsh
    Bob Miller
    SGI corp.

    Author of fileschanged command line tool:
    Ben Asselstine <>
Distribution: SUSE Linux Enterprise 10 (i586)

Discarding All Output

We’ve all seen the string of characters appended to a command, either in a script or in a crontab file.

“>/dev/null 2>&1”

Although a bit cryptic, it means, literally, redirect output to the file /dev/null and fold all errors to the same. Or send all output to a black hole called /dev/null

1 is the file descriptor for STDOUT or Standard Output
2 is the file descriptor for STDERR or Standard Error Output

You can also redirect to a file using the same, but changing the target file.

# ls /var/  >/tmp/listing 2>&1
# cat /tmp/listing

Shutdown and Rebooting

Here are some examples of what you can do with the shutdown command. I don’t show actual examples, because of the nature of the command.

Shutdown the server at a specific time

 # shutdown 8:00

Shutdown the server in 15 mins.

# shutdown +15

Shutdown the server now and reboot it.

# shutdown -r now

Shutdown the server now and halt (power off)

# shutdown -h now

Cancel a shutdown

# shutdown -c

I rarely use shutdown as I have become fond of init 6 and init 0. We are simply changing the runlevel to either 0 (halt) or 6 (restart)

# init 6

This command is equivalent to “shutdown –r now”

# init 0

This one is equivalent to “shutdown –h now”

Adding Local Users

Creating a user through YaST involves a few steps that are a bit time consuming if you have several to add and several servers to add them.

Using useradd can add a single user to a system including password in a second.

 # /usr/sbin/useradd -u 12345 -g users -d /home/user01 -m -c "User Dude - UNIX Administrator -" -s /bin/bash -p '$1$01UBH4p3$sY7PTSrW1rdfQ68E1' user01

-u = uid – If you leave this off, one will be created. Although this is perfectly fine, if you use templates or NFS shares, it might be useful to assign a unique uid to each user. I prefer Employee Numbers. They are always unique and it creates a consistency within your servers. Find what suits your needs and go with it.

-g = default group

-d = Home Directory

-m = Create the Home directory

-c = Comment – Like the name and title of the user. Helpful in determining the user’s role later.

-s = Shell – Which shell will the user use.

-p = Password – Encrypted password hash in single quotes. You can generate one with crypt or if the user is on an existing server, you can copy and paste from the /etc/shadow file.

Finally, “user01” the user’s ID.

I copy these useradd strings and place them in a file that I can encrypt and store securely, so if I have to add them to another box later, I can just copy and paste them on the command line and be done.

Create a default password, like Chang3m3 and crypt it, then copy the hash to this same notepad file for use later.

Password Aging

The password will expire in 90 Days.

# chage -M 90 username

The password never expires

# chage -M 99999 -E 99999 username

Expire the current password. Useful for password resets and new accounts.

# passwd -e username

NIC Information and settings

If you have a physical server, you can use ethtool to view or set certain parameters for your NICs. Speed, Duplex and AutoNegotiate are the common settings.

To view the current settings, just specify the device name.

# ethtool eth0
Settings for eth0:
          Supported ports: [ MII ]
          Supported link modes:   10baseT/Half 10baseT/Full
                                               100baseT/Half 100baseT/Full
                                               1000baseT/Half 1000baseT/Full
          Supports auto-negotiation: Yes
          Advertised link modes:  10baseT/Half 10baseT/Full
                                               100baseT/Half 100baseT/Full
                                               1000baseT/Half 1000baseT/Full
          Advertised auto-negotiation: Yes
                 Speed: 100Mb/s
                 Duplex: Full
                 Port: Twisted Pair
                 PHYAD: 1
                 Transceiver: internal
                 Auto-negotiation: on
                 Supports Wake-on: g
                 Wake-on: d
                 Current message level: 0x000000ff (255)
                 Link detected: yes


Normally you do not want auto-negotiation unless it is done on both sides. Auto-negotiation is a protocol. It does NOT automatically determine the configuration of the port on the other side of the Ethernet cable and then match it.

#  ethtool -s eth1 speed 1000 duplex full autoneg off

It should be noted that ethtool doesn’t work on Virtual Machines.

Disk Usage

Wonder which directory is utilizing the most space of a particular partition? Then it’s time to call in the “ducks”.

“df” with the “-h” option only tells us how much space is in use.

# df -h
Filesystem                     	Size  Used Avail Use% Mounted on
/dev/mapper/root-root    	20G  3.9G   15G  21% /
devtmpfs                       1.8G  112K  1.8G   1% /dev
tmpfs                 1.8G     0  1.8G   0% /dev/shm
/dev/sda1             479M   37M  418M   9% /boot
/dev/mapper/root-opt  9.9G  639M  8.8G   7% /opt
/dev/mapper/root-tmp  9.9G  1.3G  8.1G  14% /tmp
/dev/mapper/root-var   51G  752M   48G   2% /var


“du” estimates disk usage. But using “du” by itself is a little hard to read. That’s where the “-cks” makes the output more readable.

-c = display a grand total
-k = block size 1K
-s = summarize

Using /home as an example, here’s the output for “du –cks”

# du -cks
746592  .
746592  total

Not too much meaning, One of the parameters for “du” is FILE or what you want to show size. We’ll run the command again with a “*” to show all home directories.

# du -cks *
72      		user01
72      		user02
14524   	user03
72      		user04
730472  	user05
72      		user06
72      		user07
72      		user08
72      		user09
72      		user10
72      		user11
72      		user12
72      		user13
746588  total

Now we can see that the most space under /home/ belongs to user03 and especially, user05.

But what if you have a lot of subdirectories and all you care about is maybe the top 10?
We’ll add some pipes to show the Top 10.

“sort” can show us the order, since we want the highest to lowest in usage, we want to use the “-r” (reverse) option and we are using numbers, so we also want the “-n” (numeric) option.

Since we only care about the top 10, we’ll pipe all of this output through “head” and specify “-11” to show only the top 10.

Here is our command, “du -cks * |sort -rn |head -11” and the output.

# du -cks * |sort -rn |head -11
746588  total
730472  user05
14524   user03
72      user01
72      user02
72      user04
72      user06
72      user07
72      user08
72      user09
72      user10

Now we can quickly zero in on the offender.
A cool trick I learned a few years ago was to put this command string in my .profile file as an Alias and name it “ducks”

alias ducks='du -cks * |sort -rn |head -11'

Now all I have to type is “ducks” at the command prompt and get the same output.

Ports and process

There are times when I have a new server that needs to communicate to another system on a particular port and I’m not sure if the network guys have opened it for me yet. I can use a quick “netcat” command to see if it’s open or not.

We’ll use ports for eDirectory in this example.

# netcat –v –v –z 524 [] 524 (ncp) open
 sent 0, rcvd 0

The parms for this is “-v” (verbose) add a second “-v” (more verbose), “-z” (zero-IO or don’t actually send any data)

If the port is not open, or of the target server is not listening then netcat will timeout with an error. IP addresses can be used also.

To determine what process is hold a port open, use netstat. We’ll use the options, “-l” (listening sockets), “-n” (show only numeric ports, don’t match them to services) and “-p” (what process is using it)

# netstat -lnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0* LISTEN 698/perl
tcp 0 0* LISTEN 217/httpd
tcp 0 0* LISTEN 220/named
tcp 0 0* LISTEN 220/named
tcp 0 0* LISTEN 220/named
tcp 0 0* LISTEN 200/sshd
udp 0 0* 220/named
udp 0 0* 220/named

We see the usual stuff, DNS, Web, SSH, but what’s perl using 5280 for? Let’s drill down a bit further and look at PID 698.

# ps auwex |grep -w 698
nocat 698 0.0 2.0 5164 3840 ? S Dec25 0:00 /usr/bin/perl -w ./bin/gateway
PWD=/usr/local/nocat HOSTNAME=catlin.r

I’m using “ps” with the following parms:

a = all
x = non-interactive
u = user information
w = wide format
e = environment bits

We can see from the output that the nocat user is in the /usr/local/nocat/ running bin/gateway, a Perl process that is listening on port 5280.

Another useful tool is “lsof”, there is a very good Cool article on this utility by a very close friend of mine, Kryptikos. How to use the lsof command


There are literally thousands of tips and tricks you can use to make life much easier and using Linux more enjoyable, this is but a small collection of items I use on a daily basis.
If you have a cool tip or way of making your world more “cool” then please, comment to this article and share your own favorites. The Coolguys will be glad to add it. Sharing is the whole purpose of this site.


(Visited 1 times, 1 visits today)


  • tmstone835 says:

    Thank you for your article. I found it very helpful. However, I noticed on thing that is not quite correct.

    While I agree that autonegotiation is a questionable practice for early 10/100 links, it is the preferred method for 1000 Mb/s links. As a matter of fact, it is required for Gigabit copper links. Gigabit autonegotiation is part of the IEEE specification and not an afterthought that was open to interpretation like it was in the older speeds. Even 10/100 autonegotiation was fixed with the updated IEEE specs back in 1999.

  • gmarsh says:

    Agree. Refer to “Ethernet Autonegotiation Best Practices”:

    Simply, autonegotiation should be enabled universally. If it fails, then it is better to fix the equipment rather than incur the admin overhead of maintaining those exceptional links. If the eqpt can’t be fixed (e.g. some very old proprietary hardware and can’t replace the NIC), then I suppose exceptions have to be made until such eqpt is phased out.

  • rodkey says:

    Often I’ll need to add up numbers, and there is no direct command to do this.
    I’ve created a short script to do so, which I call by piping a file with numbers in the first column :

    awk  '
                    print  i ;
    }' >/tmp/addresult.$$
    i=`cat /tmp/addresult.$$ | awk '{print $1}'`
    if [ x$1 == 'x-h' ]
     k=`echo  "$i / 1024"  | bc`
     m=`echo  "$k / 1024"  | bc`
     g=`echo  "$m / 1024"  | bc`
     t=`echo  "$g / 1024"  | bc`
      echo "$i ($k K, $m M, $g G, $t T)"
            echo $i
  • stbroenstrup says:

    Thanks Mike for this long list of commands explained in detail.

    Another useful commands are:
    clockdiff IP_ADDRESS
    to measure time differences between two linux systems.

    Also useful: here documents
    #command < < keyword > SOMETHING TO PIPE
    > keyword
    The ‘keyword’ can be anything, even a single letter

    Showing filesystem of a partition:
    /lib/udev/vol_id –type /dev/sda1

    To give an user root equivalent rights:
    adding him (already created) in the list you get if you type ‘sudoers’ at command prompt.
    Have a look how the root is already configured in there.

    To copy all files out of a list into a directory (interesting for implementing FTF):
    #for i in $(cat list.txt);do cp $i /var/opt/novell/dest_dir/ ; done

    To find files which has been modified within the last X minutes:
    #find -cmin -X

  • kerneltraining says:


    informative content, am a learner of Linux Admin course. Got good knowledge about the subject. taking training from here.

    Thanks for sharing.

  • Leave a Reply

    Your email address will not be published. Required fields are marked *