My Collection of Useful Linux Admin Tricks
The purpose of Novell Cool Solutions is to disseminate information that contributors provide and share what they think is Cool. To continue with this purpose and tradition, I have compiled a list of what I think are Cool Tips and Shortcuts that have greatly improved the efficiency of my life with Linux.
I hope you think they are Cool Solutions too!
Ever see a package and wonder what it does or what its purpose is? Some package names are very cryptic, and without looking them up on the Internet or in YaST, you’re left wondering. RPM can tell you on the fly. I’ll give several examples of what we can discover about a particular package.
For our example, we’ll use the package “fam”. I know it is a File Alteration Monitor, because I looked it up.
We first need the entire package name. We’ll query the rpm database and grep it.
# rpm -qa | grep fam
fam-2.7.0-9.2
fam-server-2.7.0-9.2
#
We can see there is a server daemon too. We just care about the fam-2.7.0-9.2
To retrieve information about this package we’ll use the “rpm -qi” parameters.
# rpm -qi fam-2.7.0-9.2
Name        : fam                          Relocations: (not relocatable)
Version     : 2.7.0                             Vendor: SUSE LINUX Products GmbH, Nuernberg, Germany
Release     : 9.2                           Build Date: Fri Jun 16 06:33:35 2006
Install Date: Tue Mar 17 00:58:38 2009      Build Host: leukozyt.suse.de
Group       : System/Daemons                Source RPM: fam-2.7.0-9.2.src.rpm
Size        : 78539                            License: Other License(s), see package, LGPL
Signature   : DSA/SHA1, Fri Jun 16 06:42:18 2006, Key ID a84edae89c800aca
Packager    : http://bugs.opensuse.org
URL         : http://oss.sgi.com/projects/fam/
Summary     : File Alteration Monitoring Daemon
Description :
Fam is a file alteration monitoring service. With it, you can receive
signals when files are created or changed.
This package provides libfam, which is used by KDE and GNOME. It also
provides a tool for the console called fileschanged.
To use fam notifications (it can reduce the network load on NFS
servers, especially if they host user home directories) you need to run
the fam daemon, which can be found in the fam-server package.
Authors:
--------
    Bruce Karsh
    Bob Miller
    SGI corp.
Author of fileschanged command line tool:
    Ben Asselstine <email@example.com>
Distribution: SUSE Linux Enterprise 10 (i586)
#
Discarding All Output
We’ve all seen the string of characters appended to a command, either in a script or in a crontab file.
Although a bit cryptic, it means, literally, redirect output to the file /dev/null and fold all errors into the same. In other words, send all output to a black hole called /dev/null.
1 is the file descriptor for STDOUT or Standard Output
2 is the file descriptor for STDERR or Standard Error Output
You can also redirect to a file using the same, but changing the target file.
# ls /var/ >/tmp/listing 2>&1
# cat /tmp/listing
X11R6
adm
cache
games
lib
lock
log
mail
novell
opt
run
spool
tmp
yp
#
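The order of the two redirections matters: ">/dev/null 2>&1" discards everything, while the reversed form does not. The following is an added example, not part of the original article; "emit" is a hypothetical stand-in for any command that writes to both streams, and the log path passed to log_both is whatever file you choose.

```sh
#!/bin/sh
# emit is a hypothetical stand-in for any command that writes to both streams.
emit() {
    echo "to-stdout"        # file descriptor 1
    echo "to-stderr" >&2    # file descriptor 2
}

# Redirections are applied left to right.
# fd 1 goes to /dev/null first, then fd 2 is pointed at the same place.
discard_all() { emit >/dev/null 2>&1; }

# Reversed: fd 2 is pointed at wherever fd 1 goes at that moment (the
# caller's stdout), and only then is fd 1 sent to /dev/null, so the
# error text still gets through.
wrong_order() { emit 2>&1 >/dev/null; }

# Often the better choice in a crontab: drop routine output but leave
# fd 2 alone, so cron can still mail you the errors.
errors_only() { emit >/dev/null; }

# Same pattern as the /tmp/listing example, appending both streams to
# the file named in $1.
log_both() { emit >>"$1" 2>&1; }

# Show what reaches stdout in each case.
printf 'discard_all -> [%s]\n' "$(discard_all)"
printf 'wrong_order -> [%s]\n' "$(wrong_order)"
printf 'errors_only -> [%s]\n' "$(errors_only 2>&1)"
```

Discarding fd 2 in scheduled jobs also discards the only evidence that a job failed, so the errors_only form is usually the safer default.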
Shutdown and Rebooting
Here are some examples of what you can do with the shutdown command. I don’t show actual examples, because of the nature of the command.
Shutdown the server at a specific time
# shutdown 8:00
Shutdown the server in 15 mins.
# shutdown +15
Shutdown the server now and reboot it.
# shutdown -r now
Shutdown the server now and halt (power off)
# shutdown -h now
Cancel a shutdown
# shutdown -c
I rarely use shutdown, as I have become fond of init 6 and init 0. We are simply changing the runlevel to either 0 (halt) or 6 (restart).
# init 6
This command is equivalent to “shutdown -r now”
# init 0
This one is equivalent to “shutdown -h now”
Adding Local Users
Creating a user through YaST involves a few steps that are a bit time consuming if you have several users to add and several servers to add them to.
Using useradd, you can add a single user to a system, including the password, in a second.
# /usr/sbin/useradd -u 12345 -g users -d /home/user01 -m -c "User Dude - UNIX Administrator -" -s /bin/bash -p '$1$01UBH4p3$sY7PTSrW1rdfQ68E1' user01
-u = uid – If you leave this off, one will be created. Although this is perfectly fine, if you use templates or NFS shares, it might be useful to assign a unique uid to each user. I prefer Employee Numbers. They are always unique and it creates a consistency within your servers. Find what suits your needs and go with it.
-g = default group
-d = Home Directory
-m = Create the Home directory
-c = Comment – Like the name and title of the user. Helpful in determining the user’s role later.
-s = Shell – Which shell will the user use.
-p = Password – Encrypted password hash in single quotes. You can generate one with crypt or if the user is on an existing server, you can copy and paste from the /etc/shadow file.
Finally, “user01” the user’s ID.
I copy these useradd strings and place them in a file that I can encrypt and store securely, so if I have to add them to another box later, I can just copy and paste them on the command line and be done.
Create a default password, like Chang3m3 and crypt it, then copy the hash to this same notepad file for use later.
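A hash pasted into “-p” is written to /etc/shadow as-is, so a truncated or mistyped string creates an account that nobody can log in to. The following check is an added example, not part of the original article; the function name check_crypt_hash is an assumption, and it only handles the $1$, $5$ and $6$ schemes.

```sh
#!/bin/sh
# check_crypt_hash HASH
# Prints a one-line verdict about a crypt(3) hash before it is given to
# "useradd -p". Returns 0 = well-formed, 1 = malformed, 2 = not recognised.
# Note: anything passed with -p is visible in the process list and shell
# history while the command runs; "chpasswd -e" reads user:hash pairs
# from standard input instead.
check_crypt_hash() {
    h=$1
    # Modular crypt format: $id$[rounds=N$]salt$digest
    case $h in
        '$1$'?*'$'*) name=md5crypt;    want=22 ;;
        '$5$'?*'$'*) name=sha256crypt; want=43 ;;
        '$6$'?*'$'*) name=sha512crypt; want=86 ;;
        *) echo "not recognised: expected \$1\$, \$5\$ or \$6\$ with salt and digest"
           return 2 ;;
    esac
    digest=${h##*\$}                 # everything after the last '$'
    case $digest in
        ''|*[!./0-9A-Za-z]*)
            echo "$name malformed: digest has characters outside ./0-9A-Za-z"
            return 1 ;;
    esac
    if [ "${#digest}" -ne "$want" ]; then
        echo "$name malformed: digest is ${#digest} chars, expected $want"
        return 1
    fi
    if [ "$name" = md5crypt ]; then
        echo "$name well-formed, but MD5-based: prefer sha512crypt"
    else
        echo "$name well-formed"
    fi
}

# The hash string exactly as printed in the useradd line above.
check_crypt_hash '$1$01UBH4p3$sY7PTSrW1rdfQ68E1' || true
```

Run against the string printed in the useradd line above, it reports a 17-character digest where md5crypt produces 22, so that string would need to be replaced with a complete hash before use.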
The password will expire in 90 Days.
# chage -M 90 username
The password never expires
# chage -M 99999 -E 99999 username
Expire the current password. Useful for password resets and new accounts.
# passwd -e username
NIC Information and settings
If you have a physical server, you can use ethtool to view or set certain parameters for your NICs. Speed, Duplex and AutoNegotiate are the common settings.
To view the current settings, just specify the device name.
# ethtool eth0
Settings for eth0:
        Supported ports: [ MII ]
        Supported link modes:   10baseT/Half 10baseT/Full
                                100baseT/Half 100baseT/Full
                                1000baseT/Half 1000baseT/Full
        Supports auto-negotiation: Yes
        Advertised link modes:  10baseT/Half 10baseT/Full
                                100baseT/Half 100baseT/Full
                                1000baseT/Half 1000baseT/Full
        Advertised auto-negotiation: Yes
        Speed: 100Mb/s
        Duplex: Full
        Port: Twisted Pair
        PHYAD: 1
        Transceiver: internal
        Auto-negotiation: on
        Supports Wake-on: g
        Wake-on: d
        Current message level: 0x000000ff (255)
        Link detected: yes
#
Normally you do not want auto-negotiation unless it is done on both sides. Auto-negotiation is a protocol. It does NOT automatically determine the configuration of the port on the other side of the Ethernet cable and then match it.
# ethtool -s eth1 speed 1000 duplex full autoneg off #
It should be noted that ethtool doesn’t work on Virtual Machines.
Wonder which directory is utilizing the most space of a particular partition? Then it’s time to call in the “ducks”.
“df” with the “-h” option only tells us how much space is in use.
# df -h
Filesystem             Size  Used Avail Use% Mounted on
/dev/mapper/root-root   20G  3.9G   15G  21% /
devtmpfs               1.8G  112K  1.8G   1% /dev
tmpfs                  1.8G     0  1.8G   0% /dev/shm
/dev/sda1              479M   37M  418M   9% /boot
/dev/mapper/root-opt   9.9G  639M  8.8G   7% /opt
/dev/mapper/root-tmp   9.9G  1.3G  8.1G  14% /tmp
/dev/mapper/root-var    51G  752M   48G   2% /var
#
“du” estimates disk usage. But using “du” by itself is a little hard to read. That’s where the “-cks” makes the output more readable.
-c = display a grand total
-k = block size 1K
-s = summarize
Using /home as an example, here’s the output for “du -cks”
# du -cks
746592  .
746592  total
#
That doesn’t tell us much. One of the parameters for “du” is FILE, that is, what you want to show the size of. We’ll run the command again with a “*” to show all home directories.
# du -cks *
72      user01
72      user02
14524   user03
72      user04
730472  user05
72      user06
72      user07
72      user08
72      user09
72      user10
72      user11
72      user12
72      user13
746588  total
#
Now we can see that the most space under /home/ belongs to user03 and especially, user05.
But what if you have a lot of subdirectories and all you care about is maybe the top 10?
We’ll add some pipes to show the Top 10.
“sort” can put the lines in order. Since we want the highest to lowest in usage, we want to use the “-r” (reverse) option, and since we are sorting numbers, we also want the “-n” (numeric) option.
Since we only care about the top 10, we’ll pipe all of this output through “head” and specify “-11”: the first line is the grand total, so 11 lines gives us the total plus the top 10.
Here is our command, “du -cks * |sort -rn |head -11” and the output.
# du -cks * |sort -rn |head -11
746588  total
730472  user05
14524   user03
72      user01
72      user02
72      user04
72      user06
72      user07
72      user08
72      user09
72      user10
#
Now we can quickly zero in on the offender.
A cool trick I learned a few years ago was to put this command string in my .profile file as an Alias and name it “ducks”
alias ducks='du -cks * |sort -rn |head -11'
Now all I have to type is “ducks” at the command prompt and get the same output.
Ports and process
There are times when I have a new server that needs to communicate to another system on a particular port and I’m not sure if the network guys have opened it for me yet. I can use a quick “netcat” command to see if it’s open or not.
We’ll use ports for eDirectory in this example.
# netcat -v -v -z edirserver1.mydomain.net 524
edirserver1.mydomain.net [10.100.100.2] 524 (ncp) open
sent 0, rcvd 0
#
The parameters are “-v” (verbose), a second “-v” (more verbose), and “-z” (zero-IO, or don’t actually send any data).
If the port is not open, or if the target server is not listening, then netcat will time out with an error. IP addresses can also be used.
To determine what process is holding a port open, use netstat. We’ll use the options “-l” (listening sockets), “-n” (show only numeric ports, don’t match them to services) and “-p” (what process is using it).
# netstat -lnp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address     Foreign Address   State    PID/Program name
tcp        0      0 0.0.0.0:5280      0.0.0.0:*         LISTEN   698/perl
tcp        0      0 0.0.0.0:80        0.0.0.0:*         LISTEN   217/httpd
tcp        0      0 10.100.10.2:53    0.0.0.0:*         LISTEN   220/named
tcp        0      0 10.100.10.6:53    0.0.0.0:*         LISTEN   220/named
tcp        0      0 127.0.0.1:53      0.0.0.0:*         LISTEN   220/named
tcp        0      0 0.0.0.0:22        0.0.0.0:*         LISTEN   200/sshd
udp        0      0 0.0.0.0:32768     0.0.0.0:*                  220/named
udp        0      0 10.100.10.2:53    0.0.0.0:*                  220/named
#
We see the usual stuff, DNS, Web, SSH, but what’s perl using 5280 for? Let’s drill down a bit further and look at PID 698.
# ps auwex |grep -w 698
nocat 698 0.0 2.0 5164 3840 ? S Dec25 0:00 /usr/bin/perl -w ./bin/gateway PWD=/usr/local/nocat HOSTNAME=catlin.r
#
I’m using “ps” with the following parms:
a = all
x = non-interactive
u = user information
w = wide format
e = environment bits
We can see from the output that the nocat user is in /usr/local/nocat/ running bin/gateway, a Perl process that is listening on port 5280.
There are literally thousands of tips and tricks you can use to make life much easier and using Linux more enjoyable. This is but a small collection of items I use on a daily basis.
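The same review can be scripted so that listeners you did not expect stand out without reading the table by eye. This is an added example, not part of the original article; the function names and the “proto/port” allow-list format are assumptions, and the sample rows are the netstat output shown above.

```sh
#!/bin/sh
# Sample input: the "netstat -lnp" rows from the article, columns collapsed.
sample_netstat() {
cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:5280 0.0.0.0:* LISTEN 698/perl
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 217/httpd
tcp 0 0 10.100.10.2:53 0.0.0.0:* LISTEN 220/named
tcp 0 0 10.100.10.6:53 0.0.0.0:* LISTEN 220/named
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 220/named
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 200/sshd
udp 0 0 0.0.0.0:32768 0.0.0.0:* 220/named
udp 0 0 10.100.10.2:53 0.0.0.0:* 220/named
EOF
}

# unexpected_listeners "tcp/22 udp/53 ..."
# Reads "netstat -lnp" text on stdin and prints "proto/port address program"
# for every socket whose proto/port pair is not in the allow-list.
unexpected_listeners() {
    awk -v allow="$1" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $1 ~ /^(tcp|udp)6?$/ {
            proto = $1; sub(/6$/, "", proto)   # treat tcp6/udp6 like tcp/udp
            port = $4;  sub(/.*:/, "", port)   # text after the last colon
            key = proto "/" port
            # UDP rows have no State column, so the program is taken from
            # the last field rather than from a fixed column number.
            if (!(key in ok)) print key, $4, $NF
        }'
}

# Ports this server is expected to offer: SSH, DNS and web.
sample_netstat | unexpected_listeners "tcp/22 tcp/53 udp/53 tcp/80"
```

On a live system, pipe “netstat -lnp” into unexpected_listeners instead of the sample; run it as root so the PID/Program name column is filled in for every socket.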
If you have a cool tip or way of making your world more “cool” then please, comment to this article and share your own favorites. The Coolguys will be glad to add it. Sharing is the whole purpose of this site.