5 minute read

Here’s a set of Useful Linux Commands I’ve historically found useful, hopefully you will too…

Check a diskPermalink

yum install smartmontools
/usr/sbin/smartctl -i /dev/sda
/usr/sbin/smartctl -t short /dev/sda
/usr/sbin/smartctl -a /dev/sda

Set FSCK at rebootPermalink

touch /forcefsck
echo AUTOFSCK_DEF_CHECK=yes>>/etc/sysconfig/autofsck

Save a cronPermalink

crontab -l>$USER+$HOSTNAME.cron

Load a cronPermalink

crontab $USER+$HOSTNAME.cron

ClamAV ERROR: Malformed databasePermalink

rm -fr /usr/share/clamav/daily.cvd
rm -fr /usr/share/clamav/main.cld
rm -fr /usr/share/clamav/mirrors.dat
/usr/local/cpanel/3rdparty/bin/freshclam
/scripts/restartsrv_clamd

Setup ClamAV to update dailyPermalink

echo #!/bin/sh>/etc/cron.daily/freshclam
echo /usr/local/cpanel/3rdparty/bin/freshclam --quiet>/etc/cron.daily/freshclam
chmod 755 /etc/cron.daily/freshclam

Replace strings in filesPermalink

sed -e ‘s/OLDUSERNAME/NEWUSERNAME/g’ /etc/users > /etc/users2
mv -f /etc/users2 /etc/users

bash: vzctl: command not foundPermalink

export PATH=$PATH:/usr/sbin:/sbin

Read exim logPermalink

tail -f /var/log/exim_mainlog

Read maillog (dovecot)Permalink

tail -f /var/log/maillog

Edit the dovecot (pop3) configPermalink

nano -w /etc/dovecot/dovecot.conf

Virus scan using clamavPermalink

for i in `awk '!/nobody/{print $2 | "sort | uniq" }' /etc/userdomains | sort | uniq`; do /usr/local/cpanel/3rdparty/bin/clamscan -i -r /home/$i 2>>/dev/null; done >> /root/infections

How to monitor the server during high loadPermalink

top
sar
#eg: sar -f /var/log/sa/sa`date +%d` | less

Search for string in files, out filename, and line numberPermalink

grep -H -r "string here" /home/user/

Filter filesPermalink

ls -allh | grep Oct | awk {'print $9'} | xargs file

Mirror an MP3 sitePermalink

wget -dc -np -H --mirror -UMSIE6 -Amp3 <URL>

Archive filesPermalink

tar -cf backup.tar file1.txt file2.txt file3.txt
tar -cfz backup.tar.gz dir

Search messages log for named on a certain datePermalink

cat /var/log/messages | grep named | grep "Sep 26" | grep near

Upgrading PHP on CentOSPermalink

CentOS 4Permalink

cd
wget -q -O - http://www.atomicorp.com/installers/atomic.sh | sh
yum --en=atomic update php

CentOS 5Permalink

cd /etc/yum.repos.d
wget http://dev.centos.org/centos/5/CentOS-Testing.repo
yum --en=c5-testing update php

Setup NTPPermalink

yum -y install ntp
chkconfig ntpd on
ntpdate uk.pool.ntp.org
/etc/init.d/ntpd start

Setup latest imagickPermalink

cvs -d :pserver:cvsread@cvs.php.net/repository checkout pecl/imagick && cd pecl/imagick && phpize && ./configure

Find the distroPermalink

cat /etc/redhat-release

Count lines in all php files in a dirPermalink

find . -name "*.php" | xargs wc -l

Shows hard disk drives in Megs and GigsPermalink

df -h

Find out which users are taking up disk space usePermalink

du -sh /home/*
du /home | sort -rn
du -h /home | sort -rh
ncdu

Find out which OpenVZ container is taking up disk space usePermalink

du -sh /vz/private/*

Find ftp passwordsPermalink

find '/home/' -type f -name '*' -size -10000k -exec grep -i -e 'ftp\:\/\/.*\:.*\@.*' {} \;

Hardware DetailsPermalink

PrerequisitesPermalink

apt-get install dmidecode or yum install dmidecode

Usage: dmidecode | more

echo 'Type: ' `/usr/sbin/dmidecode --string system-product-name`
echo 'Serial: ' `/usr/sbin/dmidecode --string system-serial-number`
echo 'RAM: ' `grep '^MemTotal:' /proc/meminfo | awk '{ mem=($2)/(1024)/1024 ; printf "%0.0fGB\n", mem }'`
echo 'CPU: ' `grep -c ^processor /proc/cpuinfo`x `grep 'model name' /proc/cpuinfo | uniq | awk -F': ' '{print $2}'`
echo 'HDD: ' `df -h | awk 'BEGIN {tot=0} {tot=tot+$1} END {print (tot)}'GB`

Finds .htaccess that have errordocument 401 in themPermalink

find /home/ -type f -name ‘.htaccess’ -exec grep “ErrorDocument 401” {} \; -print`

Config the firewall from an interfacePermalink

system-config-securitylevel

Watch your messages constantlyPermalink

tail -f /var/log/messages

Set HOSTNAMEPermalink

nano /etc/sysconfig/network

Configure networkPermalink

system-config-network

Port forwarding for VNCPermalink

/sbin/iptables -A PREROUTING -t nat -p tcp -d $NATIP --dport 5900 -m state --state NEW,ESTABLISHED,RELATED -j DNAT --to 192.168.0.2:5900

Port forwarding for HTTPDPermalink

/sbin/iptables -A PREROUTING -t nat -p tcp -d $NATIP --dport 81 -m state --state NEW,ESTABLISHED,RELATED -j DNAT --to 192.168.0.2:80

StartupPermalink

chkconfig [--level <levels>] <name> <on|off|reset>

eg: chkconfig --add pure-ftpd chkconfig --level 345 pure-ftpd on

or

ntsysv

Change password via command linePermalink

requires: apt-get install whois (for mkpasswd)Permalink

usermod -p mkpasswd -H md5 password``

alternative

echo df90jk42390kd | passwd backup --stdin

Watch the httpd/monitor apachePermalink

cd /proc;watch " ls -al */cwd|grep public_html"

Monitor apache httpd logsPermalink

tail -f /usr/local/apache/logs/error_log
tail -f /usr/local/apache/logs/access_log
tail -f /usr/local/apache/logs/*

or

tail -f /var/log/httpd/error_log
tail -f /var/log/httpd/access_log
tail -f /var/log/httpd/*

Show all processesPermalink

This command will show all active processes in a tree view:

ps auxfc

Top 10 memory using processesPermalink

ps -auxf | sort -nr -k 4 | head -10

Using netstatPermalink

How to list the connections to port 80Permalink

netstat -alntp | grep :80

How to check the number of connections to port 80Permalink

netstat -alntp | grep :80 | wc -l

How to list the remote IPs connecting to your server on port 80Permalink

netstat -alntp | grep :80 | awk '{print $5}' | cut -d: -f1 | sort

How to list the uniq remote IPs and the number of connections from each IPPermalink

netstat -alntp | grep :80 | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

MySQL TopPermalink

Quick and dirty:Permalink

watch mysqladmin proc

mytop

Change shellPermalink

chsh <user> -s /bin/bash

This will change the shell to bash for the .

Migrate MySQL databasePermalink

mysqldump tom_wp > tom_wp.sql
mysql dave_wp < tom_wp.sql

Find possible malicious code infectionsPermalink

grep -r "base64_decode" .
grep --include="*.php" -r "base64_decode" . | grep -v '.off' | grep -v 'virtfs' | more
grep --include="*.php" -r "String.fromCharCode" . | grep -v '.off' | grep -v 'virtfs' | more

Force Reinstall MySQL daemonPermalink

service mysqld stop
rm -fr /var/lib/mysql
mv -f /etc/my.cnf /etc/my.cnf.old
rm /var/log/mysqld.log*
yum remove mysql-server
yum install mysql-server
service mysqld start

Set the timezonePermalink

Using system-config-datePermalink

yum install system-config-date
system-config-date

Or, just files:

echo 'Europe/London' >/etc/timezone
ln -sf /usr/share/zoneinfo/Europe/London /etc/localtime

Setup XdebugPermalink

yum install php-devel gcc gcc-c++ autoconf automake
pecl install Xdebug
echo "; Enable xdebug extension module" > /etc/php.d/xdebug.ini
echo ";extension=xdebug.so" >> /etc/php.d/xdebug.ini
echo "zend_extension=/usr/lib/php/modules/xdebug.so" >> /etc/php.d/xdebug.ini

Troubleshoot /bin/rm: Argument list too longPermalink

find . -name '*.phurix.com*' -print0 | xargs -0 rm

cPanel virus scan using clamavPermalink

for i in `awk '!/nobody/{print $2 | "sort | uniq" }' /etc/userdomains | sort | uniq`; do /usr/local/cpanel/3rdparty/bin/clamscan -i -r /home/$i 2>>/dev/null; done >> /root/infections&

Live tail of the cPanel error logPermalink

tail -f /usr/local/cpanel/logs/error_log

Tail the httpd error logPermalink

tail -f /etc/httpd/logs/error_log

Tail the httpd access logPermalink

tail -f /etc/httpd/logs/access_log

Force restart the HTTPDPermalink

killall httpd; /scripts/restartsrv_httpd

Restart MySQL servicePermalink

/scripts/restartsrv_mysql

Suspend/Unsuspend? a user accountPermalink

/scripts/suspendacct <username>
/scripts/unsuspendacct <username>

List of all the error_log files on the serverPermalink

find /home -name error_log

Find large files (over 1gb) on diskPermalink

find / -type f -size 1000000k

Force a Backup to run on cPanelPermalink

/usr/local/cpanel/bin/backup --force

linux.txt

Updated:

Comments