Useful Linux Commands
Here’s a set of Useful Linux Commands I’ve historically found useful, hopefully you will too…
Check a diskPermalink
yum install smartmontools
/usr/sbin/smartctl -i /dev/sda
/usr/sbin/smartctl -t short /dev/sda
/usr/sbin/smartctl -a /dev/sda
Set FSCK at rebootPermalink
touch /forcefsck
echo AUTOFSCK_DEF_CHECK=yes>>/etc/sysconfig/autofsck
Save a cronPermalink
crontab -l>$USER+$HOSTNAME.cron
Load a cronPermalink
crontab $USER+$HOSTNAME.cron
ClamAV ERROR: Malformed databasePermalink
rm -fr /usr/share/clamav/daily.cvd
rm -fr /usr/share/clamav/main.cld
rm -fr /usr/share/clamav/mirrors.dat
/usr/local/cpanel/3rdparty/bin/freshclam
/scripts/restartsrv_clamd
Setup ClamAV to update dailyPermalink
echo #!/bin/sh>/etc/cron.daily/freshclam
echo /usr/local/cpanel/3rdparty/bin/freshclam --quiet>/etc/cron.daily/freshclam
chmod 755 /etc/cron.daily/freshclam
Replace strings in filesPermalink
sed -e ‘s/OLDUSERNAME/NEWUSERNAME/g’ /etc/users > /etc/users2
mv -f /etc/users2 /etc/users
bash: vzctl: command not foundPermalink
export PATH=$PATH:/usr/sbin:/sbin
Read exim logPermalink
tail -f /var/log/exim_mainlog
Read maillog (dovecot)Permalink
tail -f /var/log/maillog
Edit the dovecot (pop3) configPermalink
nano -w /etc/dovecot/dovecot.conf
Virus scan using clamavPermalink
for i in `awk '!/nobody/{print $2 | "sort | uniq" }' /etc/userdomains | sort | uniq`; do /usr/local/cpanel/3rdparty/bin/clamscan -i -r /home/$i 2>>/dev/null; done >> /root/infections
How to monitor the server during high loadPermalink
top
sar
#eg: sar -f /var/log/sa/sa`date +%d` | less
Search for string in files, out filename, and line numberPermalink
grep -H -r "string here" /home/user/
Filter filesPermalink
ls -allh | grep Oct | awk {'print $9'} | xargs file
Mirror an MP3 sitePermalink
wget -dc -np -H --mirror -UMSIE6 -Amp3 <URL>
Archive filesPermalink
tar -cf backup.tar file1.txt file2.txt file3.txt
tar -cfz backup.tar.gz dir
Search messages log for named on a certain datePermalink
cat /var/log/messages | grep named | grep "Sep 26" | grep near
Upgrading PHP on CentOSPermalink
CentOS 4Permalink
cd
wget -q -O - http://www.atomicorp.com/installers/atomic.sh | sh
yum --en=atomic update php
CentOS 5Permalink
cd /etc/yum.repos.d
wget http://dev.centos.org/centos/5/CentOS-Testing.repo
yum --en=c5-testing update php
Setup NTPPermalink
yum -y install ntp
chkconfig ntpd on
ntpdate uk.pool.ntp.org
/etc/init.d/ntpd start
Setup latest imagickPermalink
cvs -d :pserver:cvsread@cvs.php.net/repository checkout pecl/imagick && cd pecl/imagick && phpize && ./configure
Find the distroPermalink
cat /etc/redhat-release
Count lines in all php files in a dirPermalink
find . -name "*.php" | xargs wc -l
Shows hard disk drives in Megs and GigsPermalink
df -h
Find out which users are taking up disk space usePermalink
du -sh /home/*
du /home | sort -rn
du -h /home | sort -rh
ncdu
Find out which OpenVZ container is taking up disk space usePermalink
du -sh /vz/private/*
Find ftp passwordsPermalink
find '/home/' -type f -name '*' -size -10000k -exec grep -i -e 'ftp\:\/\/.*\:.*\@.*' {} \;
Hardware DetailsPermalink
PrerequisitesPermalink
apt-get install dmidecode
or
yum install dmidecode
Usage: dmidecode | more
echo 'Type: ' `/usr/sbin/dmidecode --string system-product-name`
echo 'Serial: ' `/usr/sbin/dmidecode --string system-serial-number`
echo 'RAM: ' `grep '^MemTotal:' /proc/meminfo | awk '{ mem=($2)/(1024)/1024 ; printf "%0.0fGB\n", mem }'`
echo 'CPU: ' `grep -c ^processor /proc/cpuinfo`x `grep 'model name' /proc/cpuinfo | uniq | awk -F': ' '{print $2}'`
echo 'HDD: ' `df -h | awk 'BEGIN {tot=0} {tot=tot+$1} END {print (tot)}'GB`
Finds .htaccess that have errordocument 401 in themPermalink
find /home/ -type f -name ‘.htaccess’ -exec grep “ErrorDocument 401” {} \; -print`
Config the firewall from an interfacePermalink
system-config-securitylevel
Watch your messages constantlyPermalink
tail -f /var/log/messages
Set HOSTNAMEPermalink
nano /etc/sysconfig/network
Configure networkPermalink
system-config-network
Port forwarding for VNCPermalink
/sbin/iptables -A PREROUTING -t nat -p tcp -d $NATIP --dport 5900 -m state --state NEW,ESTABLISHED,RELATED -j DNAT --to 192.168.0.2:5900
Port forwarding for HTTPDPermalink
/sbin/iptables -A PREROUTING -t nat -p tcp -d $NATIP --dport 81 -m state --state NEW,ESTABLISHED,RELATED -j DNAT --to 192.168.0.2:80
StartupPermalink
chkconfig [--level <levels>] <name> <on|off|reset>
eg: chkconfig --add pure-ftpd
chkconfig --level 345 pure-ftpd on
or
ntsysv
Change password via command linePermalink
requires: apt-get install whois (for mkpasswd)Permalink
usermod -p mkpasswd -H md5 password``
alternative
echo df90jk42390kd | passwd backup --stdin
Watch the httpd/monitor apachePermalink
cd /proc;watch " ls -al */cwd|grep public_html"
Monitor apache httpd logsPermalink
tail -f /usr/local/apache/logs/error_log
tail -f /usr/local/apache/logs/access_log
tail -f /usr/local/apache/logs/*
or
tail -f /var/log/httpd/error_log
tail -f /var/log/httpd/access_log
tail -f /var/log/httpd/*
Show all processesPermalink
This command will show all active processes in a tree view:
ps auxfc
Top 10 memory using processesPermalink
ps -auxf | sort -nr -k 4 | head -10
Using netstatPermalink
How to list the connections to port 80Permalink
netstat -alntp | grep :80
How to check the number of connections to port 80Permalink
netstat -alntp | grep :80 | wc -l
How to list the remote IPs connecting to your server on port 80Permalink
netstat -alntp | grep :80 | awk '{print $5}' | cut -d: -f1 | sort
How to list the uniq remote IPs and the number of connections from each IPPermalink
netstat -alntp | grep :80 | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n
MySQL TopPermalink
Quick and dirty:Permalink
watch mysqladmin proc
Full featured (if installed):Permalink
mytop
Change shellPermalink
chsh <user> -s /bin/bash
This will change the shell to bash for the
Migrate MySQL databasePermalink
mysqldump tom_wp > tom_wp.sql
mysql dave_wp < tom_wp.sql
Find possible malicious code infectionsPermalink
grep -r "base64_decode" .
grep --include="*.php" -r "base64_decode" . | grep -v '.off' | grep -v 'virtfs' | more
grep --include="*.php" -r "String.fromCharCode" . | grep -v '.off' | grep -v 'virtfs' | more
Force Reinstall MySQL daemonPermalink
service mysqld stop
rm -fr /var/lib/mysql
mv -f /etc/my.cnf /etc/my.cnf.old
rm /var/log/mysqld.log*
yum remove mysql-server
yum install mysql-server
service mysqld start
Set the timezonePermalink
Using system-config-datePermalink
yum install system-config-date
system-config-date
Or, just files:
echo 'Europe/London' >/etc/timezone
ln -sf /usr/share/zoneinfo/Europe/London /etc/localtime
Setup XdebugPermalink
yum install php-devel gcc gcc-c++ autoconf automake
pecl install Xdebug
echo "; Enable xdebug extension module" > /etc/php.d/xdebug.ini
echo ";extension=xdebug.so" >> /etc/php.d/xdebug.ini
echo "zend_extension=/usr/lib/php/modules/xdebug.so" >> /etc/php.d/xdebug.ini
Troubleshoot /bin/rm: Argument list too longPermalink
find . -name '*.phurix.com*' -print0 | xargs -0 rm
cPanel virus scan using clamavPermalink
for i in `awk '!/nobody/{print $2 | "sort | uniq" }' /etc/userdomains | sort | uniq`; do /usr/local/cpanel/3rdparty/bin/clamscan -i -r /home/$i 2>>/dev/null; done >> /root/infections&
Live tail of the cPanel error logPermalink
tail -f /usr/local/cpanel/logs/error_log
Tail the httpd error logPermalink
tail -f /etc/httpd/logs/error_log
Tail the httpd access logPermalink
tail -f /etc/httpd/logs/access_log
Force restart the HTTPDPermalink
killall httpd; /scripts/restartsrv_httpd
Restart MySQL servicePermalink
/scripts/restartsrv_mysql
Suspend/Unsuspend? a user accountPermalink
/scripts/suspendacct <username>
/scripts/unsuspendacct <username>
List of all the error_log files on the serverPermalink
find /home -name error_log
Find large files (over 1gb) on diskPermalink
find / -type f -size 1000000k
Force a Backup to run on cPanelPermalink
/usr/local/cpanel/bin/backup --force
- LinuxUseful (Google Drive)
linux.txt
Comments