| Command | Description | example | 'man' page |
|---|---|---|---|
cat |
conCATonate - also outputs files to the terminal (or other file with redirect) | cat /var/log/messagesthis will output the messages file to the terminal |
https://man7.org/linux/man-pages/man1/cat.1.html |
cd |
Change Directory | cd DocumentsChanges to the directory "Documents" |
https://man7.org/linux/man-pages/man1/cd.1p.html |
chmod |
For changing the permissions on files/folders etc | chmod u+x app.binThis will allow the user to execute the file |
https://www.man7.org/linux/man-pages/man1/chmod.1.html |
chown |
For changing the user and/or group that the file belongs to | chown admin:docker docker-compose.yml This will set the ownership of docker-compose.yml to the user called admin and the group docker. |
https://www.man7.org/linux/man-pages/man1/chown.1.html |
dmesg |
Used to examine or control the kernel ring buffer | dmesg -HDisplays the kernel ring buffer with human readable timestamping/delta time |
https://man7.org/linux/man-pages/man1/dmesg.1.html |
dmidecode |
A tool for dumping a computer's DMI (some say SMBIOS ) table contents in a human-readable format. This table contains a description of the system's hardware components, as well as other useful pieces of information such as serial numbers and BIOS revision | dmidecode -s system-serial-numberRetrieves the serial number/service tag from a motherboard |
https://linux.die.net/man/8/dmidecode |
file |
Tests each argument in an attempt to classify it. There are three sets of tests, performed in this order: filesystem tests, magic tests, and language tests. The first test that succeeds causes the file type to be printed | file /usr/bin/python3.10 outputs /usr/bin/python3.10: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, BuildID[sha1]=03f0f6b8facea0ce26c35eae211a43b7a00c170b, for GNU/Linux 3.2.0, stripped |
https://linux.die.net/man/1/file |
find |
GNU find searches the directory tree rooted at each given file name by evaluating the given expression from left to right, according to the rules of precedence (see section OPERATORS), until the outcome is known (the left hand side is false for and operations, true for or), at which point find moves on to the next file name. | find ./ -name grubFinds a file called "grub" in the current directory |
https://linux.die.net/man/1/find |
firewall-cmd |
The command line client of the firewalld daemon. It provides an interface to manage the runtime and permanent configurations. Often found running on Redhad based distributions |
firewall-cmd --add-port=443/tcpOpens port 443 for TCP connections at a run-time level. Change will be lost at reboot or firewall reload |
https://firewalld.org/documentation/man-pages/firewall-cmd.html |
grep |
search for matching pattern, can be used in combination with 'cat' for example | cat /var/log/messages | grep warning this will search the 'messages' file for the pattern 'warning' |
https://man7.org/linux/man-pages/man1/grep.1.html |
groupadd |
Used to add groups to the system | groupadd cheeseAdds a group called "cheese" |
https://linux.die.net/man/8/groupadd |
groupdel |
Used to remove groups from the system | groupdel cheeseRemoves a group called "cheese" |
https://linux.die.net/man/8/groupdel |
groupmod |
Used to change details for a group already on the system | groupmod -n fromage cheeseChanges the group name from "cheese" to "fromage" |
https://linux.die.net/man/8/groupmod |
ip |
show / manipulate routing, devices, policy routing and tunnels | ip aThis will show the status of all networking devices |
https://linux.die.net/man/8/ip |
iptables |
Administration tool for IPv4 packet filtering and NAT. Is used to set up, maintain, and inspect the tables of IP packet filter rules in the Linux kernel. | iptables -A INPUT -p tcp --dport 443 -j ACCEPT Modifies the packet filter to accept incoming packets on port 443 (on all iterfaces). |
https://linux.die.net/man/8/iptables |
iscsiadm |
The iscsiadm utility is a command-line tool allowing discovery and login to iSCSI targets, as well as access and management of the open-iscsi database. | iscsiadm -m discovery -t sendtargets -p <ip>:3260 This will ask the server at the given IP to show what targets (portals) are available |
https://linux.die.net/man/8/iscsiadm |
ln |
Used to create links between files | ln -s /path/to/target /link/file This will create a symbolic link between '/link/file' and '/path/to/target'. This can either be files or directories. |
https://linux.die.net/man/1/ln |
ls |
list directory | ls /home/user this will list out the contents of the users home directory |
https://man7.org/linux/man-pages/man1/ls.1.html |
lspci |
list PCI devices connected to machine. Use with verbose option (-v or -vv or -vvv) for useful information |
https://linux.die.net/man/8/lspci | |
man |
Used to load a manual for a command in a text shell | man lsWill load the manual for the ls command |
https://man7.org/linux/man-pages/man1/man.1.html |
passwd |
Used to change or set passwords for accounts | passwd flokiWill prompt the user, if allowed, to set the password for the 'floki' account. |
https://linux.die.net/man/1/passwd |
pinfo |
A program used for viewing info files, developed by the GNU project | pinfo tarDisplays the tar info page. |
https://linux.die.net/man/1/pinfo |
realpath |
Converts each filename argument to an absolute pathname, which has no components that are symbolic links or the special . or .. directory entries. | realpath .bashrc returns /home/user/.bashrc |
https://linux.die.net/man/1/realpath |
rm |
Removes files or directories | rm file1 file2 file3This command will remove file1, file2 and file3. |
https://linux.die.net/man/1/rm |
sed |
Stream EDitor. For filtering and transforming text | sed -i 's/pc-i440fx-rhel7.0.0/pc-i440fx-7.2/g' virtual_machine.xmlReplaces "pc-i440fx-rhel7.0.0" with "pc-i440fx-7.2". Search/replace pattern takes the form s/regex/replacement/. |
https://linux.die.net/man/1/sed |
scp |
secure copy between hosts using SSH | scp user01@host1:file user01@host2:file copy file from host1 to host2 |
https://man7.org/linux/man-pages/man1/scp.1.html |
ssh |
A program to login to to a remote host using a Secure SHell | ssh user@host02Creates a secure, encrypted link between current host and host02 and attempts to login as "user" |
https://linux.die.net/man/1/ssh |
su |
Log in as another user without having to log out. If you are not the 'root' user, the password fo the target user will be required. | su - user03logs in as 'user03' and loads the environment variables for that user. If the '-' is ommitted, then the environment variables are not loaded |
https://linux.die.net/man/1/su |
sudo |
Usually used to execute a command as a user with escalated priviledge | sudo apt updatethe apt command cannot be run under ordinary user rights and must be run as a privildged user (e.g. root). |
https://linux.die.net/man/8/sudo |
smartctl |
smartctl controls the Self-Monitoring, Analysis and Reporting Technology (SMART) system built into many ATA-3 and later ATA, IDE and SCSI-3 hard drives. The purpose of SMART is to monitor the reliability of the hard drive and predict drive failures, and to carry out different types of drive self-tests. | smartctl -i /dev/sdaOuputs drive info for /dev/sdasmartctl -a /dev/sda -d sat+megaraid,00Gets all info from a disk behind a PERC controller where /dev/sda is the array and 00 is the first disk in that array |
https://linux.die.net/man/8/smartctl |
strings |
For each file given, GNU strings prints the printable character sequences that are at least 4 characters long (or the number given with the options below) and are followed by an unprintable character. By default, it only prints the strings from the initialized and loaded sections of object files; for other types of files, it prints the strings from the whole file. | strings .face outputs <svg version="1" viewBox="0 0 512 512" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><defs><linearGradient id="b" x1="211.18" x2="349.73" y1="370.82" y2="232.27" gradientTransform="matrix(1.0606 0 0 1.0606 -62.005 -15.504)" gradientUnits="userSpaceOnUse">...... |
https://linux.die.net/man/1/strings |
systemctl |
systemctl may be used to introspect and control the state of the "systemd" system and service manager |
systemctl start sshdThis will start the sshd daemon |
https://www.man7.org/linux/man-pages/man1/systemctl.1.html |
tar |
GNU 'tar' saves many files together into a single tape or disk archive, and can restore individual files from the archive. | tar -cf archivename.tar /files-to-includeCreates an archive called "archivename.tar" with the file "files-to-include". |
https://linux.die.net/man/1/tar |
tcpdump |
Prints out a description of the contents of packets on a network interface | tcpdump -i enp0s3Prints packets captured on enp0s3 to the console |
https://linux.die.net/man/8/tcpdump |
useradd |
Command used to add users to the system. By default it will configure new users' home ddirectories | useradd thorAdds a user called 'thor' with the default settings |
https://linux.die.net/man/8/useradd |
userdel |
Used to delete users from a system | userdel lokiDelets 'loki' from the system, home directory may still remain |
https://linux.die.net/man/8/userdel |
usermod |
Used to modify existing users | usermod -L huginnThis will lock the account 'huginn' preventing any login |
https://linux.die.net/man/8/usermod |
vim |
A text editor that is upwards compatible to Vi. It can be used to edit all kinds of plain text. It is especially useful for editing programs. | vim ~/newfileRuns vim and opens "newfile" or creates "newfile" if "newfile" does not exist |
https://linux.die.net/man/1/vi |
wget |
Wget is a free utility for non-interactive download of files from the Web. It supports HTTP , HTTPS , and FTP protocols, as well as retrieval through HTTP proxies. | wget -m https://dell.comOption "-m" will mirror the target URL and pull down all associated files, including CSS files etc |
https://linux.die.net/man/1/wget |
General commands
Virtualisation related commands
cd command is used to navifate directories in the Linux space.
| Command | Use |
|---|---|
cd dirName |
Moves fromthe current working directory to the directory named "dirName", supposing that "dirName" is a valid directory inside the current directory |
cd ~ |
Changes from wherever you are in the filesystem back to your home directory. Simply typing cd can usually be used for the same purpose |
cd - |
This will take you back to the last working directory. E.g. if you were in /home/user/Documents and did cd ../Downloads to change to the "Downloads" directory, typing cd - will take you back to the "Documents" directory |
cd .. |
This will take you to one directory above the current working directory |
cd ../.. |
This will take you to two directoryies above the current working directory |
cd / |
This will take you to the root of the file system |
cd -al |
This will list all files (including hidden files) with a the long listing to show all the file permissions etc |
cd /bin |
From wherever you are in the filesystem, this will take you to the "/bin" directory |
| Command | Explanation |
|---|---|
chmod u+x file |
Adds the executable permission to file |
chmod g-rw file |
Removes read/write permissions from file for the group |
chmod o-rwx file |
Removes read/write/execute permissions from file for users that are not the user or in the group |
chmod ug+rwx |
Adds read/write/execute permissions to file for the user and group members |
| Command | Explanation |
|---|---|
chown root:wheel file |
Changes the ownership of file to the 'root' user and the 'wheel' group |
chown user1: file |
Changes the ownership of file to the 'user1' user and the 'user1' group. Leaving a trailing colon makes the command assume that the user is the same as the group name |
| Command | Explanation |
|---|---|
firewall-cmd --get-services |
Lists out the 'services' available. These are predefined rules for services such as http, https, ssh and so on. |
firewall-cmd --add-service=http |
Opens the ports associated with the 'http' predefined service at runtime on the default zone (change will be lost at reboot or firewall reload) |
firewall-cmd --permanent --add-port=139/tcp |
Opens port 139 for TCP connections on the default zone and ensures that the change will be loaded after a reboot. |
firewall-cmd --reload |
This will reload the firewall from the permanent settings, any unsaved runtime changes will be lost |
firewall-cmd --state |
Checks the firewall status. |
firewall-cmd --list-all |
Lists all firewall rules and zones. |
firewall-cmd --zone=public --list-all |
Lists all rules in the 'public' zone. |
firewall-cmd --remove-service=http --permanent |
Removes the permanent HTTP service rule. |
see [[RHSCA Key Topics#Common grep options|grep]]
| option | use |
|---|---|
-i |
Makes the search case insensitive |
-v |
Inverts the search - finds things that do not match the pattern |
pattern1\\|patern2 |
searchers for "patern1" or "patern2" |
See ip
| Command | Explanation |
|---|---|
ln /path/to/target /path/to/link |
This creates a hard link. If the target file is deleted, then there will still be a hard link to /path/to/link. In order for the file to be effectively removed from the file systems all hardlinks must be deleted. |
ln -s /path/to/target /path/to/link |
This will create a symbolic/soft link from a specified path back to the target. Oftentimes this will be transparent to applications. If the link is deleted, the file remains intact in at its original location. If the file at /path/to/target is deleted, then the symbolic link will remain in place, but will link to nothing. |
| Command | Explanation |
|---|---|
lspci -v |
Lists PCI(e) devices in a verbose manner. You can increase the verbosity by adding up to two more v, e.g. lspci -vv or lspci -vvv |
lspci -d :1042 |
Lists devices of a certain class. In this example, this will list SCSI storage devices. |
lspci -nn |
Lists PCI vendor and device codes as both numbers and names. You can then use these with the -d option listed above. |
lspci -t |
Lists PCI(e) devices in a tree view, can be used in conjuction with verbosity options for more detail. |
See nmcli
See man
pinfo has similar navigation commands as man. See the table below to understand the differences between the two.
| Navigation | pinfo | man |
|---|---|---|
| Scroll forward (down) one screen | PageDown or Space | PageDown or Space |
| Scroll backward (up) one screen | PageUp or b | PageUp or b |
| Display the directory of topics | d | - |
| Scroll forward (down) one half-screen | - | d |
| Display the parent node of a topic | u | - |
| Display the top (up) of a topic | HOME | g |
| Scroll backward (up) one half-screen | - | u |
| Scroll forward (down) to next hyperlink | DownArrow | - |
| Open topic at cursor location | Enter | - |
| Scroll forward (down) one line | - | DownArrow or Enter |
| Scroll backward (up) to previous hyperlink | UpArrow | - |
| Scroll backward (up) one line | - | UpArrow |
| Search for a pattern | /string | /string |
| Display next node (chapter) in topic | n | - |
| Repeat previous search forward (down) | / then Enter | n |
| Display previous node (chapter) in topic | p | - |
| Repeat previous search backward (up) | - | N |
| Quit the program | q | q |
rm command can be used to remove directories and files. Note that if you try to remove a directory using rm dirname and the dirname has files inside it, then the command will fail.
| Command | Use |
|---|---|
rm file1 |
Removes file1. Can add multiple file names here to be removed. |
rm -r dir |
Recurse in to dir and remove dir |
rm -r $(find -maxdepth 1 -type d) |
This will find directories (-type d option) and then delete them without recursing in to subdirectories (-maxdepth 1 option). This is using a combination of the find command and passing the output from that to the rm command |
See rsync
scp used to transfer files between hosts using the SSH protocol.
| Command | Use |
|---|---|
scp -o ProxyJump=user@host2:22 user@host1:/path/to/file user@host3:/path/to/destination |
Copy a file from host1 to host3 using host2 as a proxy |
ssh is used to create a secure, encrypted link between two, untrusted, hosts.
| Command | Use |
|---|---|
ssh host02 |
Open a secure link between current host and host02. As a user is not specified, the user on the current host will be used |
ssh -X user@host02 |
Opens a secure link between current host and host02, attempts to begin logon as "user" and enables X-forwarding |
ssh -i ~/.ssh/hostkey user@host02 |
The -i option specifies an "indenty file" (or key file) to use to connect to host02 and attempt to login as "user". For information on generating a key file, please see ssh-key-gen |
ssh -L 5900:localhost:5901 user@host02 |
Creates an ssh tunnel from one machine to another. In this example, connecting to port 5900 on your local machine will forward to port 5901 on the remote system |
From the man page for virsh:
The virsh program is the main interface for managing virsh guest domains. The program can be used to create, pause, and shutdown domains. It can also be used to list current domains. Libvirt is a C toolkit to interact with the virtualization capabilities of recent versions of Linux (and other OSes). It is free software available under the GNU Lesser General Public License. Virtualization of the Linux Operating System means the ability to run multiple instances of Operating Systems concurrently on a single hardware system where the basic resources are driven by a Linux instance. The library aims at providing a long term stable C API. It currently supports Xen, QEMU, KVM, LXC, OpenVZ, VirtualBox and VMware ESX.
The virsh command can either be used directly from the terminal (e.g. virsh net-list will output the list of virtual networks on the host) or it can be used in an interactive CLI by running virsh with no options.
Help is available by either running virsh --help from BASH or help when in interactive mode.
| Command | Use |
|---|---|
net-list |
List the virtual networks on the host |
net-dhcp-leases <network> |
List the DHCP leases on <network> (which is a required argument) |
net-destroy default |
Deletes the "default" network |
net-define br0-network.xml |
Creates the "br0-network" from an xml file |
net-start br0-network |
Starts the "br0-network |
list [--all] |
Lists domains on the host. If --all is omitted, then it will list the running domains (virtual machines/containers) |
dominfo <domain> |
Lists basic information about a domain. Domain can either be the domain ID or name (these can both be found using the list command) |
define virtualmachine.xml |
Creates a virtual machine from an xml file |
QEMU Disk image utility. Allows you to create, convert and modify images offline. It can handle all image formats supported by QEMU.
qcow2 is the default image for QEMU and is, by default, thin provisioned
| Command | Use |
|---|---|
qemu-img info /path/to/image.qcow2 |
Gives basic information about "image.qcow2" |
qemu-img create -f qcow2 image.qcow2 20G |
Creates an image named "image.qcow2" with size of 20 gigs with -format "qcow2". |
qemu-img resize image.qcow2 30G |
This will resize the image to 30 gigs. If the image is larger than 30G, it you will receive a warning and it will suggest that you use the --shrink option to shrink the image if that is what you want to do. Instead of specifying the size of the disk, you can also add on a set number of bytes, e.g. +10G would add 10 gigs to the image. Should not be used on a "live" image, the VM should be shut off |
qemu-img convert -O qcow2 vmwareimage.vmdk qemuimage.qcow2 |
This will convert from VMware format (vmdk) to QEMU format (qcow2). Though it should be noted that QEMU can work with VMDK images. |