1. sudo – Execute commands with elevated privileges, a fundamental for system administration.
2. useradd – Create a new user account, essential for managing user access.
3. usermod – Modify a user account, useful for changing account properties.
4. userdel – Delete a user account, important for managing system access.
5. groupadd – Add a new group, crucial for managing group permissions.
6. groupmod – Modify a group, allows changing group attributes.
7. groupdel – Delete a group, used for removing group access.
8. chown – Change file owner and group, vital for managing file permissions.
9. chmod – Change file access permissions, key for securing system files.
10. chgrp – Change group ownership, important for managing group file access.
11. passwd – Update a user’s password, critical for account security.
12. adduser – Add a user account (more interactive than useradd).
13. deluser – Delete a user account (more user-friendly than userdel).
14. visudo – Edit the sudoers file, crucial for configuring sudo privileges.
15. systemctl – Control and manage systemd units, essential for managing services.
# 1. Start a service immediately
systemctl start serviceName.service
# 2. Stop a service immediately
systemctl stop serviceName.service
# 3. Restart a service
systemctl restart serviceName.service
# 4. Show the status of a service
systemctl status serviceName.service
# 5. Enable a service to start on boot
systemctl enable serviceName.service
# 6. Disable a service from starting on boot
systemctl disable serviceName.service
# 7. Check whether a service is enabled
systemctl is-enabled serviceName.service
# 8. Reload the service configuration without interrupting operations
systemctl reload serviceName.service
# 9. View all running services
systemctl list-units --type=service --state=running
# 10. Mask a service to prevent it from being started, manually or automatically
systemctl mask serviceName.service
16. journalctl – Query and display messages from the journal, used for system logging.
# 1. Display all log messages
journalctl
# 2. Display log messages from the current boot
journalctl -b
# 3. Display log messages from a previous boot
journalctl -b -1
# 4. Follow the journal live (similar to tail -f)
journalctl -f
# 5. Show kernel messages (similar to dmesg)
journalctl -k
# 6. Filter log messages by a specific unit
journalctl -u nginx.service
# 7. Filter log messages by priority (0=emerg to 7=debug)
journalctl -p err
# 8. Show log messages in a specific time range
journalctl --since "2023-01-01" --until "2023-01-02"
# 9. Show log messages for a specific process ID
journalctl _PID=1234
# 10. Combine filters, e.g., show error messages for a specific unit since yesterday
journalctl -u apache2.service -p err --since yesterday
17. top – Display task manager, important for monitoring system performance.
# Note: Most examples are intended to be used within top's interactive mode
# 1. Start top with a specific delay between updates in seconds
top -d 5
# 2. Display top for a specific user's processes
top -u username18. htop – Interactive process viewer, an enhanced alternative to top.
19. df – Report file system disk space usage, crucial for monitoring disk usage.
20. du – Estimate file space usage, useful for managing disk space.
21. free – Display memory usage, important for memory management.
22. vmstat – Report virtual memory statistics, helpful for performance monitoring.
# 1. Basic usage - Display virtual memory statistics
vmstat
# 2. Display vmstat output with a specific interval and count
# This will display the report every 2 seconds, 5 times
vmstat 2 5
# 3. Show memory statistics in megabytes
vmstat -S M
# 4. Display additional information including slab info
vmstat -m
# 5. Display disk statistics
vmstat -d
# 6. Display partition statistics
vmstat -p /dev/sda1
# 7. Display event counter statistics
vmstat -s
# 8. Show CPU activity as an average since the last reboot
vmstat -a
# 9. Include timestamps in the output
vmstat -t
# 10. Display statistics with a delay and include timestamp
# This will show the report every 3 seconds with the timestamp included
vmstat 3 -t
23. iostat – Monitor system input/output device loading, used for diagnosing performance issues.
# 1. Basic usage - Display the CPU and device utilization report
iostat
# 2. Display the report at 2-second intervals
iostat 2
# 3. Display the extended statistics with more details
iostat -x
# 4. Display disk utilization report every 2 seconds, 3 times
iostat 2 3
# 5. Show only CPU statistics
iostat -c
# 6. Show only device utilization statistics
iostat -d
# 7. Display statistics in megabytes per second
iostat -m
# 8. Show extended statistics with device utilization, refreshing every 5 seconds indefinitely
iostat -dx 5
# 9. Display statistics for a specific device (e.g., sda)
iostat -d sda
# 10. Display persistent device names and extended statistics
iostat -Nx
24. netstat – Display network connections, routing tables, interface statistics, masquerade connections, and multicast memberships.
# 1. List all ports (both listening and non-listening ports)
netstat -a
# 2. List all listening ports
netstat -l
# 3. Display TCP connections
netstat -t
# 4. Display UDP connections
netstat -u
# 5. Show statistics by protocol (e.g., TCP, UDP)
netstat -s
# 6. Display listening TCP ports with numeric addresses and don't resolve names
netstat -lnt
# 7. Display listening UDP ports with numeric addresses and don't resolve names
netstat -lnu
# 8. Show the routing table
netstat -r
# 9. Display all sockets, including listening and non-listening, without resolving names
netstat -an
# 10. Show which process is using a particular port
netstat -tulnp
25. ss – Another utility to investigate sockets, replaces netstat.
26. ip – Show / manipulate routing, devices, policy routing and tunnels, central for network configuration.
27. ifconfig – Configure a network interface, traditionally used before ip.
28. iptables – Administer IPv4 packet filtering and NAT, key for firewall management.
# 1. List all current iptables rules
iptables -L
# 2. Block traffic from a specific IP address
iptables -A INPUT -s 192.168.1.100 -j DROP
# 3. Allow SSH access from a specific IP address
iptables -A INPUT -p tcp -s 192.168.1.100 --dport 22 -j ACCEPT
# 4. Reject all incoming traffic but allow outgoing traffic
iptables -P INPUT REJECT
iptables -P OUTPUT ACCEPT
# 5. Allow traffic to a specific port (e.g., HTTP port 80)
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
# 6. Delete all rules in a specific chain (e.g., INPUT chain)
iptables -F INPUT
# 7. Block all traffic from a specific subnet
iptables -A INPUT -s 192.168.1.0/24 -j DROP
# 8. Allow all incoming traffic on a specific interface (e.g., eth0)
iptables -A INPUT -i eth0 -j ACCEPT
# 9. Log dropped packets
iptables -A INPUT -m limit --limit 5/min -j LOG --log-prefix "iptables dropped: " --log-level 7
# 10. Save iptables rules to be loaded on boot
iptables-save > /etc/iptables/rules.v4
29. firewalld – Dynamically manage firewall with support for network zones.
# 1. Start firewalld
sudo systemctl start firewalld
# 2. Enable firewalld to start at boot
sudo systemctl enable firewalld
# 3. Check the status of firewalld
sudo systemctl status firewalld
# 4. Reload firewalld rules without losing state
sudo firewall-cmd --reload
# 5. List all active zones
sudo firewall-cmd --get-active-zones
# 6. Set the default zone
sudo firewall-cmd --set-default-zone=public
# 7. Add a service to the default zone permanently
sudo firewall-cmd --permanent --add-service=http
# 8. Open a port in the default zone permanently
sudo firewall-cmd --permanent --add-port=8080/tcp
# 9. Remove a service from the default zone permanently
sudo firewall-cmd --permanent --remove-service=http
# 10. List all rules in the default zone
sudo firewall-cmd --list-all
30. nftables – Modern replacement for iptables, ip6tables, arptables, and ebtables.
31. crontab – Schedule periodic background jobs, essential for automating tasks.
32. rsync – Fast, versatile file copying tool, important for backups and synchronization.
33. tar – Archive utility, used for packing and unpacking archive files.
34. gzip / bzip2 – Compress or expand files, crucial for managing file sizes.
35. unzip / zip – Compress and decompress files in zip format.
36. mount – Mount a filesystem, important for attaching storage devices.
37. umount – Unmount file systems, counterpart to mount.
38. fsck – Check and repair a Linux filesystem, crucial for filesystem maintenance.
39. lvm – Logical Volume Manager, essential for managing disk storage.
40. ssh – Secure Shell, a protocol for secure remote login and other secure network services.
41. scp – Secure copy (remote file copy program), used for secure file transfer.
42. sftp – Secure File Transfer Program, another secure file transfer utility.
43. wget – Non-interactive network downloader, used for downloading files from the web.
44. curl – Tool to transfer data from or to a server, supports various protocols.
# 1. Download a file
curl -O http://example.com/file.txt
# 2. Save the downloaded file with a specific filename
curl -o newfilename.txt http://example.com/file.txt
# 3. Use curl with a user agent
curl -A "Mozilla/5.0" http://example.com
# 4. Send a GET request
curl -X GET http://example.com
# 5. Send a POST request with data
curl -X POST -d "data=example" http://example.com/post
# 6. Send a POST request with a file
curl -X POST -F "file=@localfile.txt" http://example.com/upload
# 7. Pass a header to the HTTP request
curl -H "X-Custom-Header: value" http://example.com
# 8. Follow HTTP redirects
curl -L http://example.com
# 9. Perform a basic HTTP authentication
curl -u username:password http://example.com
# 10. Use verbose mode to see request/response details
curl -v http://example.com
# 11. Make a request to an HTTPS site that has a self-signed cert
curl -k https://example.com
# 12. Resume a previous file transfer
curl -C - -O http://example.com/bigfile.zip
# 13. Limit the bandwidth for file download
curl --limit-rate 100K -O http://example.com/bigfile.zip
# 14. Use a proxy for the HTTP request
curl -x http://proxy-server:port http://example.com
# 15. Get the HTTP headers of a URL
curl -I http://example.com
# 16. Use cookies with your request
curl -b "name=value" http://example.com
# 17. Store server's response cookies into a file
curl -c cookies.txt http://example.com
# 18. Send a custom request method
curl -X PUT http://example.com
# 19. Use IPv6 for the request
curl -6 http://example.com
# 20. Include both request headers and response in the output
curl -i http://example.com
Mentor for DevOps - DevSecOps - SRE - Cloud - Container & Micorservices at Software AG
Join my following certification courses...
- DevOps Certified Professionals (DCP)
- Site Reliability Engineering Certified Professionals (SRECP)
- Master in DevOps Engineering (MDE)
- DevSecOps Certified Professionals (DSOCP)
URL - https://www.devopsschool.com/certification/
My Linkedin - https://www.linkedin.com/in/rajeshkumarin
- DevOps Certified Professionals (DCP)
- Site Reliability Engineering Certified Professionals (SRECP)
- Master in DevOps Engineering (MDE)
- DevSecOps Certified Professionals (DSOCP)
URL - https://www.devopsschool.com/certification/
My Linkedin - https://www.linkedin.com/in/rajeshkumarin
Latest posts by Rajesh Kumar (see all)
- Apache Lucene Query Example - April 8, 2024
- Google Cloud: Step by Step Tutorials for setting up Multi-cluster Ingress (MCI) - April 7, 2024
- What is Multi-cluster Ingress (MCI) - April 7, 2024
