Shell Commands

I like to jot down the things I learn as I go along; it helps me to remember. I’ve reproduced this list of useful shell commands which will hopefully grow over time, to represent those I have encountered. I figure if I write them here, they might be of use to others too.

acpi

acpi is a system power management tool

OPTIONS
-b #display battery info
-a #display ac adapter info
-t #thermal info
-c #display cooling device info
-s #show non-operational devices
-f show temp in fahrenheit not celsius
-l #additional details eg battery capacity and thermal trip point

alias

#enter in command line
alias
#prints a list of current command aliases
alias mycommand='command'
#creates an alias mycommand, which when entered will run command
alias grep='grep --color=auto'
#when running grep, command will automatically highlight output

#the unalias command unsets an alias
#running a command preceded by \ ignores aliasing

apt-cache

operates on the apt cache, updated with apt-get

apt-cache search noobot server
#searches packages in the cache for the noobot and server keywords

apt-cache depends noobot
#lists the dependencies for the noobot package

apt-cache show noobot
#displays detailed status information on package noobot

apt-get

Debian package manager which automatically resolves dependencies

apt-get update
#updates cache of available packages

apt-get install noobot
#installs the noobot package or upgrades it if already installed

apt-get --only-upgrade install noobot
#only upgrades noobot package if already installed

apt-get upgrade
#upgrades all packages on the system. run apt-get update first.

apt-get remove noobot
#removes noobot package but keeps configuration files

apt-get purge noobot
#removes noobot package completely from system

ascii

Displays ascii character set

at

Command to schedule one off jobs. Must be installed, and the atd service must be running.

at TIME
#opens an at> prompt for entry of command. Scheduling is confirmed with Ctrl-D

TIME is in the format:
midnight
noon
tomorrow #adds +24 hrs to current time
next week #adds 7 days to current time
1730 #specified time in 24hr clock format
5:30 PM June 27 #specified 12hr clock time and date
now + 2 hours
now + 5 days

at -f noobot.txt tomorrow
#reads command to be executed from a file and schedules for 24hrs from now
at -mf noobot.txt tomorrow
#mails user once job is complete

atd

configure at and batch commands

atd -l
#allows setting of load threshold for batch

atq

Displays list of jobs scheduled using the at command. If run as root, displays all user scheduled jobs.

Jobs are listed with fields containing:
Job Number
Date
Time
Queue
User

atrm

Removes jobs scheduled using at command

atrm 2
#removes job number 2

batch

Command for scheduling jobs according to system load. By default this is below 0.8 (80% of CPU usage)

batch
#opens at> prompt for the command input that will be executed

batch -f mrnoobot
#executes commands from file once threshold is passed

blkid

display UUID, TYPE and LABEL of a device, required for mounting in /etc/stab

blkid /dev/sdb1

cal

cal 
#calendar command
cal 2020 
#prints a calendar of the year 2020

chage

Modifying password aging settings for existing accounts. To amend defaults use the /etc/login.defs file

chage -M 30 mrnoobot
#force mrnoobot to change password every 30 days

chage -m 5 mrnoobot
#force mrnoobot to wait 5 days after password change before password can be changed again

chage -W 3 mrnoobot
#gives mrnoobot a warning message 3 days before password expiry

chage -I 5 mrnoobot
#gives mrnoobot a 5 day grace period after password expiry before account is rendered inactive (requiring admin intervention)

chage -E '2025-12-25' mrnoobot
#set mr noobot password to expire on a specific date

chage -l mrnoobot
#list password policy for mrnoobot

chfn

changes the comment field in the users /etc/passwd entry

chgrp – change group

the chgrp command changes the group owner of a file and requires either owner or admin privileges.

(sudo) chgrp noobgrp noobfile.txt
#changes the group owner of noobfile.txt to noobgrp

chkconfig

view service status by runlevel

chkconfig --list
#lists all services and their status at the 7 runlevels

chkconfig --list httpd
#list httpd service and its status at the 7 runlevels

chkconfig httpd on
#sets httpd to ON for runlevel 2-5 inclusive and OFF for 0,1,6

chkconfig --level 34 httpd on
#sets httpd to ON on runlevels 3 and 4

chkconfig --level 012 httpd off
#sets httpd to OFF on runlevels 0, 1 and 2

chkconfig --add httpd
#where httpd is a new service, must be run before using chkconfig options (normally done automatically on install)

chkconfig --delete httpd
#removes all links for httpd service (normally done automatically on uninstall)

chmod – change modes of access

chmod is used to amend file permissions

SYMBOLIC SYNTAX (single file)
chmod
u #user owner
g #group owner
o #others
a #all
+ #add permission
= #specify permission
- #remove permission
r #read permission
w #write permission
x #execute permission
s COMMAND #set executable to run as user/group owner instead of user running command - NOTE file must have execute permissions in advance
s DIRECTORY #set any new files/directories created inside the directory to be owned by the directory group owner
t DIRECTORY #set STICKY bit on directory - files inside can only be removed by user owner or root


chmod a+x noobfile
#ADDS execute permissions to all users for noobfile

chmod u=rw,g=rw,o=r noobfile
#SPECIFIES rw user, rw group and r others permissions to noobfile

chmod ug+x, o-r noobfile
#ADDS rw permissions for user & group, removes read permissions for others

OCTAL SYNTAX
chmod 777 noobfile
#specifies full permissions to user, group and others

7 - rwx
6 - rw-
5 - r-x
4 - r--
3 - -wx
2 - -w-
1 - --x
0 - ---
4000 - set USER special (s) on executable
2000 - set GROUP special on executable or directory
1000 - set sticky bit (t) on directory

chown – change owner

changes ownership of file. Typically requires admin privilege

(sudo) chown root noobfile
#changes user owner of noobfile to root

chronyc

tool to administer the chronyd time service (alternative to Network Time Protocol for use in high latency environment)

chronyc
#opens interactive chrony shell for commands

Commands:
tracking	
Displays performance statistics about the system clock

sources	
Displays the NTP sources being used for chronyd

activity	
Displays the status of NTP sources

settime <TIME>	
Manually set the time used for chronyd. The format for settime can be:

hh:mm

hh:mm:ss

Month Day, YYYY hh:mm:ss

Using a command above as an argument to chronyc runs it without interactive mode

crontab

Command that allows user to schedule jobs

crontab -e
#opens current user crontab file or generates template for editing

crontab -l
#displays current user crontab

crontab -r 
#remove all current crontab entries

crontab -u mrnoobot -e
#root only - allows editing of another user crontab

date

date
displays the time and date

date -s "07/07/2020 9:20:00"
#set system date to a specific time/date

date "+%m/%d/%y"
#display month, day, year of system date

Format strings:
%d	Day of month (e.g., 30)
%H	Hour (0-23)
%I	Hour (1-12)
%m	Month (1-12)
%M	Minute (0-59)
%S	Seconds (0-60)
%T	Time (%H:%M:%S)
%u	Day of week (1-7, 1=Monday)
%Y	Year
%F	Full date; same as %Y-%m-%d

touch noobot_`date +%F`
#create file appended with current system date in filename

dd

can be used to create files of specific size - one use is creation of swapfiles (see mkswap)

dd if=/dev/zero of=/var/noobswap bs=1M count=500
#creates a file called noobswap, filled with zeros, comprising 500 blocks of 1MB in size (500MB total)

declare

declare -x
#displays values of all environment variables
declare -x VARIABLE=value
#declare and export VARIABLE containing value
declare -f
#displays all functions available in current shell

df

df displays information about drives on the Linux machine

df -h
#displays list of currently employed drives, size, free space and mount point

df -hT
#as above but include filesystem type

df -i
#display used and available inodes

dig

performs DNS lookups using /etc/resolv.conf file

dig noobot.com
#simple hostname lookup

dig +trace noobot.com
#show name servers along entire route

dig -x 192.168.1.1
#reverse lookup on IP address

-f noobfile #perform lookups from a file
-p PORT #query port other than default DNS
-4 #use IPv4
-6 #use IPv6

dmesg

displays the kernel ring buffer. Useful for fault finding, for example with disk mount problems

dnf

upgrade of the yum package manager with better dependency resolution

dnf list --available
#list available packages

dnf install PACKAGE
#install package

dnf list --installed
#show installed packages

dpkg

Debian package manager - does not handle dependency resolution

dpkg -i noobot.deb
#install the noobot package

dpkg -r noobot.deb
#remove noobot package but leave configuration files

dpkg -P noobot.deb
#completely purge noobot.deb from system

dpkg -l 
#list currently installed packages

dpkg -l '*noobot*'
#list all packages with noobot in the name

dpkg -L noobot
#list files contained in the package noobot

dpkg -S /usr/bin/noobot
#display package that provided noobot file

dpkg -s noobot.deb
#displays status, size, maintaining authority, dependencies and description of noobot.deb package

dpkg-reconfigure

used to reconfigure packages following install

dpkg-reconfigure tzdata
#reconfigures timezone

du

directory usage (recursive by default)

du /home | sort -n | tail -10
#sorts the directory sizes ascending then displays the 10 largest

du -sh /bin /usr/bin
#summary human readable for specified directories

du --exclude=noobot --max-depth=1 Documents
#display directory usage up to one level below Documents but exclude directory noobot

echo

echo <something>
#display something eg
echo $PATH
#display the value of the PATH variable

env

env
#displays values of all environment variables
env TX=GMT date
#runs command date with temporary variable (timezone set to GMT)

ethtool

Tool to display network interface information; commonly used with grep/head/tail to focus output

ethtool -i eth0
#display driver information for eth0

ethtool eth0 | grep Speed
#display speed of eth0

export

export VARIABLE=value
#create an environment variable containing value
export -p
#display values of all environment variables

fdisk

fixed disk management tool - creates and lists partitions

fdisk -l /dev/sda
#list partitions on the sda disk

fdisk -cul
#list all partitions on all devices in sectors in DOS compatible mode

fdisk -cu /dev/sda
#enter interactive mode on the sda disk (engages prompt)

COMMANDS
m #lists available commands
p #display current partition info
n #create new partition
d #delete partition
t #change file system type
w #WRITE CHANGES (NOT REVERSIBLE)
q #quit without saving

finger

displays information about the user from the comment field of /etc/passwd along with home directory and shell paths

finger user
#displays info about user

fsck

file system integrity check

can be set to auto on boot by typing following as root user:

touch /forcefsck 

Otherwise must be used on unmounted devices

fsck -f /dev/sdb1
#forces file system check on unmounted device

fsck -b 5575 /dev/sdb1
#file system check pointing to backup superblock if custom

ftp

Used for file transfer protocol operations

ftp 127.0.0.1
#connect to ftp service on 127.0.0.1 and launch ftp> prompt

ftp> lcd
#change local working directory while connected to ftp

ftp> !ifconfig
#run command on the local machine while connected to ftp

ftp> bin
#set file transfer mode to binary (use for non text files)

ftp> get noobfile
#download file from ftp server

ftp> put noobfile
#upload file to ftp server

ftp> mget *.txt
#get multiple files (in this case all txt files)

ftp> quit
#close the connection to the ftp server

fuser

can be used to display processes holding a location open

fuser -v /mnt
#displays users currently using /mnt, the process, PID and purpose

PURPOSES
c #using mount point or subdirectory as current working directory
e #executable that resides in the mount point
f #process has open file from mount point
F #process has open file from mount point and is writing to it
r #process is using mount point as root directory
m #process is mmaped file or shared library

fuser -k /mnt
#terminate all processes using /mnt

fuser -l
#list available signals

fuser -k -KILL /mnt
#kills processes using /mnt

gdisk

GPT disk manager

gdisk /dev/sda1
#list partition information and enter command mode

COMMANDS
? #list commands
n #create new partition
p #display partition table information
v #verify partition
o #create new empty partition
w #WRITE CHANGES (NOT REVERSIBLE)
q #quit without saving

getent (get entries)

Can be used to query admin 'database' files such as /etc/passwd, /etc/shadow, /etc/group

getent group noobgroup
#displays line from /etc/group regarding group noobgroup

getent passwd mrnoobot
#displays line from /etc/passwd regarding user mrnoobot

gpasswd

Administers groups

gpasswd -A mrnoobot mrnoobot
#makes mrnoobot user an admin of the mrnoobot user private group

gpasswd -a mrsnoobot mrnoobot
#makes mrsnoobot a member of the mrnoobot user private group

gpasswd noobgroup
#set password for noobgroup

gpasswd -r noobgroup
#remove noobgroup password

groupadd

Create new group

groupadd noobgroup
#creates the new group noobgroup using next GID

groupadd noobgroup -g 999
#creates new group noobgroup with GID 999

groupdel

deletes a group. Note: files/folders owned by this group should be located using the find command and deleted or modified before deleting the group. In addition, all users who treat this group as primary must be deleted or modified prior to running the command. 

groupdel noobgroup
#deletes noobgroup from /etc/group and /etc/gshadow

groupmod

modify group information in the /etc/group file

groupmod noobgroup -g 999
#change GID to 999 for noobgroup

groupmod noobgroup -n noobs
#change group name to noobs

groups

groups displays groups that the current user belongs to, with the first group returned being the primary group

groups
#displays group info for current user

groups mrnoobot
#displays group info for mrnoobot

grub2-install

Can be used to reinstall GRUB2

/sbin/grub2-install /dev/sda

use update-grub on Ubuntu to push through the changes. 

grub-install

install legacy GRUB bootloader

grub-install '(hd0)'
#install grub legacy bootloader on the first disk in the system

grub-md5-crypt

Generates md5 hash of a password to be used by the GRUB bootloader

grub-mkconfig/grub2-mkconfig

can be used to reconstruct a grub.conf file for a GRUB bootloader

grub-mkconfig -o /boot/grub/grub.conf
#reconstructs grub.conf file to /boot/grub

see also update-grub

halt

shut down the system - see also poweroff and shutdown

history

history
#provides list of previously typed commands
-c #clear the list
-r #read the list and replace the current history
-w #write the current history list to the history file

host

resolve IP address to hostname and vice versa

host noobot.com
#identify IP address for noobot.com

host 192.168.1.15
#identify hostname from IP address

host -t ns noobot.com
#identify DNS servers for noobot.com

hostname

Set and view system's host and domain name

hostname -s
#display shortname of host

hostname -f
#display fully qualified domain name

hostname noobot.com
#set hostname to noobot.com - NON-PERSISTENT

To achieve persistence, amend the /etc/hosts file

hostnamectl

Similar to hostname on systemd , updates /etc/hostname FILE

Hostname can be static, pretty or transient
STATIC - Set by user (see below)
PRETTY - Set by user, human readable
TRANSIENT - set by kernel, typically localhost by default

hostnamectl/hostnamectl status
#display status of the local host

hostnamectl set-hostname mrnoobot
#amend the static hostname of the local host

hwclock

Administers the hardware clock

hwclock
#display hardware clock UNIX time

hwclock --set --date "1/1/2020 08:30:45" (--utc/--localtime)
#set hardware clock to a specific time (optional: specify as UTC or local time - defaults to last setting in /etc/adjtime)

hwclock -r
#display human readable hardware clock time

hwclock -w OR hwclock --systohc
#sync hardware clock from system clock

hwclock -s OR hwclock --hctosys
#sync system clock from hardware clock (timezone retrieved from /etc/localtime)

iconv

Convert character encoding

iconv -f  ISO8859-1 -t CP437 noobot.txt > noobotconv.txt

#converts noobot.txt FROM ISO8859 TO CP437 and stores in noobotconv.txt

id

id displays current user group membership by UID and GIDs

ifconfig

Interface configuration

ifconfig
#display status of active interfaces

ifconfig -a
#display status of all interfaces

ifconfig eth0
#display status of specific interface

ifconfig eth0 192.168.24.11
#set IP address of interface

ifconfig eth0 netmask 255.255.255.0
#set subnet of interface

ifconfig eth0 broadcast 192.168.1.14
#set broadcast address of interface

ifconfig eth0 up/down
#set interface active/inactive

init/telinit

change the current runlevel of the system

init 5
#switch to multi-user with graphical manager

telinit 6 -t 60
#reboot in 60 seconds

ip

Network configuration command, deprecating ifconfig

ip address show
#view current configuration of interfaces (replaces ifconfig)

ip route show
#display routing table (replaces route command)

ip route add 10.0.0.0/24 dev eth0
#route local traffic through the eth0 device

ip -s address
#display current interface configuration with network statistics

ip neighbor show dev eth0
#display ARP cache for device eth0

ip link show
#display interfaces and state

ip -br link show
#summary (brief) if interfaces and state

journalctl

command to read the binary logs on a systemd system

journalctl -b
#displays messages from most recent boot
journalctl -u <systemdunit>
#display logs from specific systemd unit
journalctl -n NUMBER
#display last number of lines specified
journalctl -r
#reverse chronology (display newest first)

ADDITIONAL ARGUMENTS
--rotate
#rotate journals immediately
--vacuum-time=TIME
#delete journal entries older than TIME
--vacuum-size=SIZE
#delete oldest journal entries until journal is SIZE

DISABLED JOURNALING IS POTENTIAL INDICATOR OF COMPROMISE

ldconfig

update library directory cache following addition or change to conf file in the /etc/ld.so.conf.d directory

ldconfig -p
#display name and path of all libraries in the cache

ldconfig -v
#display library directories and their contents

ldd

display library info for a command

ldd noobot
#displays the library files (and their paths) required by noobot

ln -link

ln create a link to a target file

ln -s TARGET LINK_NAME
#creates a SYMBOLIC link called LINK_NAME to the TARGET file

Soft links DO NOT increase link count

ln TARGET LINK_NAME
#creates a HARD link (shared inode) called LINK_NAME to TARGET file

locale

locale
#displays all information regarding current locale

locale -c LC_NAME
#displays information relating to a specific locale category

locale -k LC_NAME
#displays information relating to a specific locale keyword

locale -a
#displays available locales

Default locale can be changed by editing locale files:

/etc/default/locale (Debian-based systems)
/etc/sysconfig/i18n (Red Hat-based systems)

The LANG variable should be changed to desired available locale.

User locale can be amended by exporting the desired LANG variable in the ~/.bashrc or ~/.profile files.

Using LANG=C before a command will temporarily use only basic ASCII characters, thereby effectively disabling locale and defaulting to English error message generation. This can also be achieved by exporting LANG=C for an effect that will persist for current shell.

locale charmap
#displays current character mapping

locale -m
#displays available character maps

logger

Command used to test /etc/rsyslog.conf settings

Arguments:
-i #log the process ID
-s #log message to stderr and system log
-f noobfile #use the message from the specified file
-p SELECTOR #use a selector, eg mail.info
-t TAG #mark the message line in the log with a TAG

eg
logger -t TEST -p mail.err 'Testing mail.err entry'
#if mail.err logs are directed to a sepcific file, that file will now have entry:
DATE localhost TEST: Testing mail.err entry

ls

ls
#list command
ls /var/www
#list visible files and directories in the /var/www directory
ls -l
#long display format
ls -r
#reverse alphabetical order
ls -w
#specify width of output display
ls -a
#list all files/directories including hidden
ls --sort=time
#sort files by modified time
ls -i noobfile
#display the inode number of noobfile

lsblk

list block devices and mount points

lsblk -a 
#list all

lsblk -f
#show available filesystems

lscpu

lscpu lists details about the Central Processing Unit (CPU)

lshal

maintains a list of devices connected in the hardware abstraction layer and their attributes

best deployed with grep. hal deprecated since 2011 replaced by udev/systemd

lshw

list hardware

lshw -c network | grep veth
#search for veth in network devices

lsmod

displays info about currently loaded kernel modules

Lists Module, Size, Number of Dependants, Dependants

lsmod | grep module

lsof

list open files command. This can run into large numbers and therefore best used with a grep pipe

lsof | grep /mnt
#lists files located in /mnt that are open

lspci

lspci lists devices connected to the PCI bus
-v verbose
-s specify vendor/device code (to limit output)
-nn list devices with device codes

lsusb

lsusb lists devices connected to the USB (Universal Serial Bus)
-v verbose
-d specify device code (to limit output)
see also usb-devices

lvcreate

stage 3 of logical volume management (LVM)

lvcreate -L 500M -n noobot1 vol1
#create a 500MB logical volume named noobot1 within volume group vol1

See also pvcreate (stage 1) and vgcreate (stage 2)

mail

Administer mail - opens the mailbox and prompts for further action

list #lists mail commands
n #read next message (or Enter)
h #display header information for all messages
q #quit mail preserving unread messages
x #exit mail preserving all messages
r [message no.] #reply to current message or [message no.]
p #print message again
d [message no.] #delete current or specified message

mail -f noobfile
#processes noobfile as a mailbox

mail -n
#do not run /etc/mail.rc on startup

mail mrnoobot
#compose mail to mrnoobot (end with CTRL+D)

mailq

Display status of the mail queue

mailq -q
#resend messages in mail queue

Status:

QueueID #ID suffixed with * or !; * indicates queued, ! indicates failed

Size #Message size

Arrival Time #Time message was queued

Sender/Recipients #Users pending delivery of the message

mailq equates to sendmail -bp for users of sendmail

man

man <command>
#opens the manual for the command
return or Enter #go down one line
Space #go down one page
/<something> #search for something
1G #go to beginning of page
G #go to end of page
h #help
q #quit

man -f <string>
#displays manual titles that match or partially match string

man -k <keyword>
#displays titles matched by keyword

md5sum

generate an md5 hash of a specific file. The output can be saved and used to integrity test that file at a later date

md5sum noobot.txt > noobot.md5
#stores the computed md5 hash and filename in noobot.md5

md5sum -c noobot.md5
#reads the hash and filename from noobot.md5 and checks against the file itself

See also sha256sum, sha512sum

mkdosfs

command used to make a dos filesystem directly. Default options can be invoked by using the mkfs wrapper command.

mke2fs

command used to make ext filesystems directly

mke2fs OPTION DEVICE

OPTIONS
-b #define block size (larger for large databases)
-N #define number of inodes (low for small numbers of large files)
-m #define space reserved for system use
-I #define inode size
-i #define bytes/inode ratio (average file size)
-n #display backup superblocks

mkfs

make file system command. This is a wrapper - ie a command that runs other commands. In order to use full functionality of those commands they should be run directly

mkfs -t ext4 /dev/sdb1
#create an ext4 filesystem in the sdb1 partition

wrapped commands include mkdosfs and mke2fs

mkisofs

tool used to create an ISO 9660 filesystem (CDROM). This command is NOT wrapped in mkfs

mkswap

convert a suitable partition created in fdisk to a swap partition, or a suitable file to a swap file

mkswap /dev/sdb1
#define a swap partition
mkswap /var/noobswap
#define a swapfile

See also swapon, dd

mkudffs

tool used to create UDF filesystem (DVD). This command is NOT wrapped in mkfs

modinfo

display information about a kernel module

modinfo <MODULE>

modprobe

modprobe -l
# display list of all available kernel modules

modprobe <MODULE>
#load module and those it depends upon

modprobe -r <MODULE>
#remove a module and those it depends upon from memory

mount

command to mount devices into defined paths

mount
#display existing device/network loc/pseudo filesystem, mount points and filesystems

mount /dev/sdb1 /mnt
#mount partition sdb1 in /mnt - autodetect filesystem

mount -t iso9660 /dev/sdd0 /media
#mount sdd0 in /media, specify ISO9660 filesystem (DVD)

mount /dev/sdb2 /mnt -o ro
#mount sdb2 in /mnt as READ ONLY

mount /home
#mount to /home according to configuration in /etc/fstab

mount /home -o remount, ro
#remount to /home according to /etc/fstab with read only option (NON PERSISTENT)

mount -o remount /home
#push through changes made to /etc/fstab on a live mount

mount -o loop noobot.iso /noobot
#mount an iso or img file in noobot

See also: umount, /etc/fstab

netcat (nc)

Used to monitor and debug network connections, as well as many pen test uses

nc -z -v 192.168.1.15 20-35
#verbose connectionless scan of open ports 20-35 on 192.168.1.15

nc -l 1234
#listen on port 1234

nc 192.168.1.15 1234
#connect to host listening on port 1234

netstat

Being deprecated to ip and ss commands; network status tool

netstat
#display status of all ports
netstat -s
#provide summary of network activity by protocol
netstat -l
#display status of listening ports
netstat -r
#display routing table
netstat -i
#display interface status
netstat -ic
#display 1 sec interval updated interface information
netstat -tln
#display (l)istening (t)cp connections by (n)umber
#netstat -tl
#display listening tcp connections by name

newaliases

updates the binary /etc/mail/aliases.db from the /etc/mail/aliases file for sendmail systems - must be run after amending aliases file.

newaliases equates to sendmail -bi command

newgrp – new group

rather than creating a group as the name might imply, allows the user to switch PRIMARY group to another group that they belong to. Any files and directories subsequently created will have group ownership of that group.

newgrp noobgrp
#following this command, primary group for this user is noobgrp. ALl new files and directories created will be owned by noobgrp.

this will spawn as a new shell. Typing exit will return to the original PRIMARY group.

nmcli

Network manager client

nmcli d wifi list
#list available wifi networks

nmcli d wifi connect noobot_guest password 9999
#connect to SSID noobot_guest using password 9999

ntpd

network time protocol daemon

ntpd -q
#set system time/date using NTP

ntpdate

deprecated by ntpd - network time protocol tool for setting system time/date using ntp

ntpdate -q <server>
#query if time server is available

ntpdate <server>
#set system time date according to time server

ntpq

network time protocol query tool

ntpq -pn
#print server peer summary

Includes
remote #server being queried
refid #server IP address
s #stratum (ie network hops from most accurate clock)
t #type (unicast, broadcast)
when #seconds since last poll

ntptrace

network time protocol command to trace chain of NTP servers; useful for debugging time sync problems

parted

non-destructive partition management tool

parted --help
#list options

parted <DEVICE> <OPTION>

parted /dev/sda print
#display existing partition information on device

parted /dev/sda mklabel msdos
#create partition table

parted /dev/sda mkpart primary 0% 50%
#make a primary partition starting at 0 and ending at 50% of the disk space

parted /dev/sda
#enter interactive mode (prompted)

COMMANDS
h #list commands

passwd

step 2 in account creation after useradd; sets or changes an account password

passwd
#prompts to change currently logged in account password

passwd mrnoobot
#prompts to set a password on new account or change existing one

passwd -e mrnoobot
#causes password expiry

passwd -S mrnoobot
#displays password status of mrnoobot, with reference to /etc/paswd

username passwordstatus lastchg min max warn inactive
passwordstatus #P/L/NP = Usable, Locked, No Password

passwd -l mrnoobot
#lock user account mrnoobot
passwd -u mrnoobot
#unlock user account mrnoobot
#can also be locked/unlocked by prefixing/removing ! from the password in /etc/shadow

passwd -d mrnoobot
#removes all password requirements for mrnoobot (ie no password)

ping

Packet internet groper - network connectivity tool

ping -c 5 192.168.1.15
#ping host for a count of 5 times
-s #specify packet size
-t #specify Time To Live count
-w #specify timeout in seconds

ping6

As ping but uses IPv6

ping6 ipv6.mrnoobot.com
#ping mrnoobot.com using ipv6

poweroff

shutdown the system - see also halt and shutdown

pvcreate

first stage in logical volume management (LVM)

pvcreate /dev/sdb
#inserts a header onto the device creating a physical volume

See stage 2 of LVM, vgcreate and stage 3 lvcreate

pwd

pwd
#prints the current working directory

resolvectl

Resolves domain names

resolvectl query noobot.com
#display IP address for noobot.com

route

Display network routing table

rpm

redhat package manager (distribution specific)

rpm -qi bash
#query(q) basic information (i) about bash, an installed package

rpm -pqi noobot.123.456.src.rpm
#query info on file noobot.RELEASE.VERSION.SOURCE.rpm an uninstalled package

OPTIONS
-a #list all installed packages
-c #list config files associated with package
-d #list documentation files associated with package
-i #display package info
-K #check package integrity
-l #list all files in package
--provides #list capabilities of package
-R #list capabilities required by package (dependencies)
--scripts #show scripts used before and after install
-s #display status - normal, not installed or replaced
-U #install OR update an installed package
-F #freshen (update) package only if installed
--force #used with -i to force a reinstall

rpm --import /etc/pki/rpm-gpg/*
#import package public keys to rpm database from default location (used with -K option for integrity checking)

rpm -i PACKAGE1 PACKAGE2 PACKAGE3
#installs multiple packages simultaneously (provide for circular dependencies)

rpm -e PACKAGE1 PACKAGE2 PACKAGE3
#erase multiple packages simultaneously (provide for circular dependencies)

See also: yum which automatically resolves dependencies

rpm2cpio

converts rpm to a cpio that can be piped into the archiving tool cpio. 

This allows for extraction of single files from the package.

See also: cpio in the Archiving section

runlevel

displays the current runlevel - the systemd target equivalents are also listed below

0 #shutdown the system - poweroff.target
1 #single user mode (admin) - rescue.target
2 #multi-user mode no network - multi-user.target
3 #normal startup - multi-user.target
4 #user definable - multi-user.target
5 #normal start with graphical display manager - graphical.target
6 #restart the system - reboot.target

runlevel
#displays previous and current runlevels in that order
N denotes no previous runlevel (ie machine has booted directly into current runlevel)

sendmail

command for delivery of preformatted messages

OPTIONS

-B type #set message body type eg 7BIT 8BITMIME
-bd #background process as daemon
-bD #foreground process
-bi #initialise alias database from /etc/mail/aliases.db
-bp #list mail queue
-bv #verify address without sending message
-C noobfile #use specified file as config file
-R return #full/hdrs return full message/headers only on bounce
-t #Scan for To: Bcc: and Cc: recipients

sendmail mrnoobot@localhost
#send mail to user on local machine; end of file indicated by . (PERIOD) on new line and Enter

sendmail -t -i < noobot.msg1
#scan noobot file for lines To:, Bcc:, Cc:, gather recipients and send

service

used for the management of system services

service httpd start
#starts web server

See also Useful Files & Folders: /etc/rc.d/init.d

start #start service if not running
stop #stop service if running
restart #stop and then start service again
condrestart/try-restart #restart service if it is running
reload #reloads configuration for service without restarting
status #shows status of service and PID if running
fullstatus #for Apache displays url /server-status
graceful #restarts Apache web server without aborting open connections
help #help page
configtest #checks syntax in modified config files

set

set | tail
#set displays values of all variables - used with tail here to shorten ouput

set -o nounset
#throws error if attempting to reference an unset variable

set +o nounset 
#allows referencing of unset variables 

sfdisk

scripting fixed disk management tool

sfdisk -s
#list disks and sizes

sfdisk -d /dev/sda > sda.disk
#backup current partition table to sda.disk

sfdisk -f /dev/sda < sda.disk
#restore partition table from sda.disk

sha256sum

generate a sha256 hash of a specific file. The output can be saved and used to integrity test that file at a later date

sha256sum noobot.txt > noobot.sha256
#stores the computed sha256 hash and filename in noobot.sha256

sha256sum -c noobot.sha256
#reads the hash and filename from noobot.sha256 and checks against the file itself

See also md5sum, sha512sum

sha512sum

generate a sha512 hash of a specific file. The output can be saved and used to integrity test that file at a later date

sha512sum noobot.txt > noobot.sha512
#stores the computed sha512 hash and filename in noobot.sha512

sha512sum -c noobot.sha512
#reads the hash and filename from noobot.sha512 and checks against the file itself

See also md5sum, sha256sum

shutdown

unlike halt and poweroff which shut the system down immediately, shutdown requires options

shutdown now OR HH:MM OR +M
#shuts down immediately OR after HHs MMs OR after M minutes

shutdown now 'Message'
#shuts down and broadcasts message to all logged in users

shutdown
#sets machine to runlevel 1 (rescue.target)

shutdown -r
#reboots machine (runlevel 6, reboot.target)

shutdown -h
#shuts machine down (runlevel 0, poweroff.target)

sleep

creates a pause for a given number of seconds
sleep 15
#pauses for 15 seconds

source

sources a file to execute and is often aliased by the . (FULL STOP) character. Typically found in initialisation files

. /etc/bashrc
#found in ~/.bashrc, this line executes the global /etc/bashrc file

Can be used to run intialisation files that typically run on login, for customisation and testing purposes, without having to relog.

ss

socket status tool, replacing netstat

ss
#display status of all ports
ss -s
#display socket statistics
ss -lt
#display listening tcp ports

ssh

ssh management

ssh -t bob@192.168.3.100 -p 22 "uname -a"
#Prompt password for user bob using ssh on port 22 and run command uname -a

startx

launch graphical user interface (X Windows)

stat

stat displays timestamps of a file, eg:

stat Documents/noobfile

will return all timestamps for the file noobfile in the Documents directory of the current working directory.

su – switch user

su can be used to switch user (often to root)

su - USER
#switch user to USER activating login and creating new shell configured for user

swapon/swapoff

enable partition as current swap space following a mkswap command (non persistent)

swapon /dev/sdb1

swapon -a
#push through swap mount changes in /etc/fstab

swapon -s
#display current swap status

swapoff /dev/sdb6
#removes device from swap space

systemctl

can be used to switch to a different systemd target (runlevel) or manage services

systemctl isolate rescue.target 
#puts machine into single user (admin) mode

systemctl isolate graphical.target
#puts the machine into multi-user mode with graphical interface

systemctl start httpd.service
#starts the httpd service

ALTERNATIVE OPTIONS
stop #stop a service
status #show status of a service
-a/--all #show status of all services
enable #set a service/unit to start automatically
disable #stop a service/unit from starting automatically
hibernate/suspend/poweroff/reboot #set low/no power state

systemctl list-dependencies graphical.target
#displays services that a target wants, and depends upon

systemctl set-default rescue.target
#sets the default boot target to rescue mode

systemctl list-units --type=service
#lists running services

systemctl list-timers
#lists scheduled events

systemd-cat

Similar to logger for systemd systems, allows testing of journal
SYNTAX:
systemd-cat OPTIONS COMMAND ARGUMENTS

Can also pipe to systemd-cat eg
ps | tee /dev/tty1 | systemd-cat
#output of ps command will appear on console, and in the journal

systemd-nspawn

Create namespace container. Useful for mounting failed systems for fault finding. EG with non-booting system, create ISO image and mount:
mkdir /mnt/failedsys
mount /dev/vda1 /mnt/failedsys (use lsblk if device name unknown)
systemd-nspawn --directory /mnt/failedsys --boot -- --unit rescue.target
#spawns container to allow running of system commands on the failed system

systemd-run

Run a command or execute systemd service unit

systemd-run --on-active=”1h” /bin/touch /home/sysadmin/noobot
#creates a file noobot using touch 1hr from now

systemd-run --on-active=”1h” --unit=noobot.service
#runs the noobot systemd service 1hr from now

Schedules created this way will appear in the systemctl list-timers output

telnet

perform telnet networking operations

telnet noobserv1
#connect to telnet service on noobserv1

CTRL+] is the escape key sequence
logout/exit/quit

telnet localhost 25
#identify any service running on port 25 of localhost

test

checks whether an assertion is correct. Useful for command lists

test -e $HOME/bin || mkdir $HOME/bin
#tests if $HOME/bin exists, if that fails, the directory will be created

In a script:
test $# -eq 0 && search='pwd' || search = $1
#tests if an argument exists; if not sets a default value of current working directory for the local variable 'search'. Otherwise, sets it to the value of the argument. 

timedatectl

system date and time control for systemd systems

timedatectl
#displays system time information

Arguments:
set-time #sets time
set-timezone #sets timezone
list-timezones #lists timezones
timesync-status #status of sync with NTP server (network time)
set-ntp #boolean used to set NTP active

tracepath

Similar to traceroute, uses ICMP and UDP (and can therefore be useful where former is filtered) obtaining maximum transmission units along the path

tracepath mrnoobot.com
#display path information to mrnoobot.com

tracepath6 mrnoobot.com
#diaply information using IPv6

traceroute

display route to a specified host - uses ICMP

traceroute mrnoobot.com
#display route to mrnoobot.com

-T #probe using TCP SYN
-f #specify first time to live value
-m #specify max ttl value
-w #specify timeout in seconds
-6 #use IPv6 (or use traceroute6 command)

tune2fs

file system integrity tool

tune2fs -o OPTION,OPTION /dev/sdb1
#specifies default mount options for device

-c #number of mounts before full filesystem check
-i #number of days before full filesystem check
-l #list superblock info
-j #create journal file for ext2 system
-m #specify reserved root/privilege space as percentage
-o #default mount options separated by comma

type

type
#display information about a command type
type -a ls
#displays information about the command ls but also returns all locations of files containing that command

typeset

typeset -x
#displays values of all environment variables
typeset -x VARIABLE=value
#set and export VARIABLE containing value

tzselect

Used to assist change of time zone.

tzselect will prompt user for location info and return a line which should be run on CLI, eg:

TZ=’America/Los_Angeles’; export TZ

This line can also be added to ~/.bashrc or ~/.profile to make the change persistent.

Package specific versions of tzselect may also apply eg:

dpkg-reconfigure tzdata
redhat-config-date
system-config-date

To make system wide changes to timezone, create symbolic link from the timezone file to the desired timezone, eg:

ln -sf /usr/share/zoneinfo/Australia/Melbourne /etc/localtime

udevadm

udevadm monitor
#observe what happens when a device is inserted or removed

udevadm info /dev/sda
#observe udev rules for a currently attached device

ufw

UFW is a Firewall

ufw allow from 10.10.10.27 proto tcp to any port 80, 443

#allows a TCP connection to ports 80 and 443 from 10.10.10.27

umount

command to unmount devices from mount points

umount /mnt
#unmount whatever device is mounted at /mnt

umount /dev/sdb1
#unmount sdb1 from whichever point it is mounted

See also: mount

uname

uname
#display system information
-a #all
-s #kernel name
-n #network node name
-r #kernel release
-v #kernel version
-m #machine hardware name
-p #processor
-i #hardware platform
-o #operating system

unset

unset VARIABLE
#unsets a variable

update-grub

updates the GRUB configuration file with changes on Ubuntu systems

usb-devices

usb-devices displays expanded information about connected USB devices. See also lsusb

useradd

first stage in user account creation. Account will be inactive until passwd is run to create a password for the account. The default or defined settings populate the /etc/passwd file

useradd mrnoobot
#adds the user mrnoobot with default settings

useradd -D
#view user account defaults from /etc/default/useradd file

useradd -D -s /bin/bash
#sets default user shell path to /bin/bash

useradd (option, argument) mrnoobot
#adds user mrnoobot with defined account settings

-s #absolute path to login shell
-d #absolute path to home directory
-m (no argument) #creates home directory if it does not exist
-k #copy init files from path other than default /etc/skel
-g #group name or number
-N (no arg) #prevents creation of a group with same name as user (default) requiring a -g option and argument

userdel

userdel mrnoobot
#deletes the mrnoobot user

userdel -r mrnoobot
#deletes the user plus home directory and mail spool
#find other files owned on the system elsewhere with find before deleting account

userdel -f mrnoobot
#forces account deletion even if user is logged in

usermod

modifies account settings for an existing user

usermod -d /home/sales mrnoobot
#change absolute path to home dir for mrnoobot (new dir must exist and manual copy of contents must be performed seperately, this only updates /etc/passwd

usermod -L mrnoobot
usermod -U mrnoobot
#Locks/Unlocks mrnoobot account

usermod -e 2021-12-25 mrnoobot
#set password expiry date for mrnoobot

usermod mrnoobot -g noobgroup
#change primary group of mrnoobot to noobgroup - must exist already

usermod -a -G sales mrnoobot
#APPEND the sales group to list of groups to which mrnoobot belongs (without -a will revoke group membership and join sales only)

usermod -G sales,marketing,noobgroup mrnoobot
#DEFINES groups to which mrnoobot should belong. Any existing which are not on this list will revoke membership.

usermod mrnoobot -c 'noob'
#adds a comment to the mrnoobot user account

usermod mrnoobot -s /noob/shell
#changes absolute path to login shell

vgcreate

stage two in the logical volume management process (LVM)

vgcreate vol1 /dev/sdb /dev/sdc dev/sdd
creates a volume group from physical volumes

See also pvcreate (stage 1) and lvcreate (stage 3)

vgextend

command to add a physical volume to an existing volume group in logical volume management (LVM)

wall

send broadcast message to all logged in users. Accepts standard input or file

echo 'Message' | wall -n
#broadcast message to all users and suppress banner

wall noobot.txt
#broadcast content of noobot.txt to all users

which

which <command>
#searches for location of a command by searching the PATH variable

who

can be used to display current runlevel

who -r
#displays current runlevel

whoami

displays current username

xfs_db

manual repair tool for XFS filesystems but also useful to determine fragmentation

xfs_db -x /dev/sdc1
#enter expert debug mode on sdc1

xfs_db -r /dev/sdc1
#enters prompt mode

COMMANDS
frag #displays assessed file fragmentation
quit #quit

See also xfs_fsr

xfs_fsr

filesystem reorganiser for XFS

xfs_fsr -v /dev/sdc1
#carry out verbose reorganise on sdc1

xfs_fsr -t 3600
#carry out reorganising for an hour and retain progress for next run

xfs_repair

repair utility for xfs filesystems. Can be run on unmounted filesystems only

xfs_repair /dev/sdc1
#repairs sdc1 from journal log file

xfs_repair -L /dev/sdc1
#LAST RESORT - zeros log file and attempts to repair sdc1

yum

package manager that can search internet/network based repositories, automatically resolving dependencies

configured in the /etc/yum.conf file and /etc/yum.repos.d directory

yum provides '*/noobot.file'
#searches packages and displays which provides noobot.file

yum search noobot
#search packages for those containing word noobot

yum install PACKAGE
#install package

yum -y install PACKAGE
#express install (auto answers yes to prompts)

yum -y install PACKAGE1 PACKAGE2 PACKAGE3
#express install multiple packages

yum grouplist
#list all grouped packages by group

yum groupinfo GROUP
#display info on defined GROUP

yum groupinstall GROUP
#install a defined GROUP of packages

yum groupremove GROUP
#uninstall a defined GROUP of packages

yum remove PACKAGE 
yum erase PACKAGE
#removes a package and resolves dependency issues

yum list updates
#list available updates

yum update
#update all packages

yum update PACKAGE
#update defined package

zypper

advanced package manager for rpm systems with automatic dependency resolution

zypper ref
#refresh zypper available package cache

zypper se noobot
#search for the package noobot in the cache

zypper in noobot
#install package noobot

zypper lr
#list repositories

zypper ar -f URL LABEL
#add repository at URL and name it LABEL. Requires a cache refresh.

zypper list-updates -t package
#list available updates for package

zypper update
#update all packages