dotlinux guide

Essential Linux Commands Every System Administrator Should Know

Linux is the backbone of modern IT infrastructure, powering servers, cloud environments, embedded systems, and supercomputers. For system administrators (sysadmins), proficiency with Linux commands is not just a skill—it’s a necessity. These commands enable efficient system management, troubleshooting, monitoring, and automation. Whether you’re maintaining a single server or a global cluster, mastering essential Linux commands streamlines workflows, reduces downtime, and ensures system security. This blog covers the most critical Linux commands sysadmins need, organized by functional categories. Each section includes command purposes, usage examples, common practices, and best practices to avoid pitfalls. By the end, you’ll have a solid foundation to manage Linux systems with confidence.

Table of Contents

System Information Commands

Understanding your system’s state is the first step in effective management. These commands provide critical hardware, OS, and resource usage data.

uname – Kernel Information

Displays kernel version, hostname, and system architecture.
Usage:

uname -a  # Show all system information (kernel version, hostname, CPU architecture)
uname -r  # Show only kernel release version (e.g., 5.4.0-100-generic)

hostname – System Hostname

Shows or sets the system’s hostname.
Usage:

hostname           # Display current hostname
hostname new-host  # Temporarily set hostname to "new-host" (persist with `hostnamectl` on systemd)

uptime – System Uptime

Shows how long the system has been running, plus load averages (1/5/15 minute).
Usage:

uptime  # Output: 14:30:00 up 2 days, 4 hours, 2 users, load average: 0.10, 0.25, 0.30

Load averages <1 indicate low system load; >1 may indicate congestion.

top/htop – Real-Time Process Monitoring

top is a built-in tool for monitoring processes and resource usage. htop (a modern alternative) adds color, mouse support, and easier navigation (install with apt install htop or yum install htop).
Usage:

top       # Launch basic process monitor
htop      # Launch enhanced process monitor (use F5 for tree view, F9 to kill processes)

df -h – Disk Space Usage

Shows free/used disk space for mounted filesystems ( -h for human-readable units like GB).
Usage:

df -h  # Output: /dev/sda1  20G  8.5G   11G  45% /

free -h – Memory Usage

Displays RAM and swap usage.
Usage:

free -h  # Output: Mem: 15G  8.2G  4.3G  2.5G  Swap: 2G   0B   2G

File and Directory Management

Sysadmins spend 40% of their time managing files. Master these commands to avoid costly mistakes (e.g., accidental data loss).

ls – List Directory Contents

Lists files and directories. Use flags to customize output.
Common Flags:

  • -l: Long format (permissions, owner, size, timestamp).
  • -a: Show hidden files (start with .).
  • -h: Human-readable sizes (e.g., 1K, 2M).

Usage:

ls -la  # List all files (including hidden) in long format
ls -lh /var/log  # List log files with human-readable sizes

cd/pwd – Navigate Directories

  • cd <path>: Change directory (e.g., cd /home/user, cd .. for parent).
  • pwd: Print working directory (show current path).

Usage:

cd /var/log  # Move to log directory
pwd          # Output: /var/log

mkdir/rmdir – Create/Delete Directories

  • mkdir <dir>: Create a directory.
  • rmdir <dir>: Delete an empty directory (use rm -r for non-empty).

Usage:

mkdir project-docs          # Create single directory
mkdir -p app/{logs,config}  # Create nested directories (app/logs and app/config)
rmdir old-dir               # Delete empty directory

rm – Delete Files/Directories

DANGER: rm is irreversible! Always double-check paths.
Common Flags:

  • -r: Recursively delete directories.
  • -f: Force delete (no prompts).
  • -i: Interactive (prompt before deletion).

Usage:

rm old-file.txt          # Delete a file
rm -i sensitive-data/*   # Prompt before deleting files in sensitive-data/
rm -rf temp-dir/         # Force-delete a non-empty directory (use with extreme caution!)

Best Practice: Avoid rm -rf on production systems. Use mv to a “trash” directory (e.g., mv risky-file ~/trash/) before permanent deletion.

cp/mv – Copy/Move Files

  • cp <source> <dest>: Copy files.
  • mv <source> <dest>: Move/rename files.

Usage:

cp report.txt /backup/          # Copy report.txt to /backup/
cp -r project/ /external-drive/ # Copy entire project directory recursively
mv old-name.txt new-name.txt    # Rename a file
mv logs/* /archive/logs/        # Move all logs to archive

find – Search for Files

Locate files by name, type, size, or modification time.
Common Flags:

  • -name "<pattern>": Match filename (use * for wildcards).
  • -type f/d: Search for files (f) or directories (d).
  • -mtime -7: Modified in the last 7 days.
  • -size +100M: Larger than 100MB.

Usage:

find /home -name "*.log" -type f          # Find all .log files in /home
find /var -mtime -1 -type f               # Find files modified in the last 24 hours
find / -size +1G -exec ls -lh {} \;       # Find files >1GB and list details

grep – Search Text in Files

Filter text using patterns (supports regex).
Usage:

grep "ERROR" /var/log/syslog       # Find "ERROR" in syslog
grep -i "warning" app.log          # Case-insensitive search for "warning"
grep -r "failed login" /var/log/   # Recursively search log directory for failed logins

User and Permission Management

Linux is multi-user, so controlling access is critical for security.

useradd/userdel – Manage Users

  • useradd <user>: Create a new user.
  • userdel -r <user>: Delete a user and their home directory (-r for recursive).

Usage:

useradd -m john  # Create user "john" with home directory (-m)
userdel -r john  # Delete john and /home/john

passwd – Change Passwords

Update a user’s password (requires root for others).
Usage:

passwd john  # Change password for "john" (root only)
passwd       # Change your own password

chmod – Modify Permissions

Control read (r), write (w), and execute (x) access for users, groups, and others. Use numeric (0-7) or symbolic notation.

Numeric Notation:

  • r=4, w=2, x=1; sum for each category (user, group, others).
    Example: chmod 755 file → User: rwx (7), Group: r-x (5), Others: r-x (5).

Symbolic Notation:

  • u (user), g (group), o (others), a (all).
  • + (add), - (remove), = (set) permissions.

Usage:

chmod 600 secret.txt          # User: rw-, Group: ---, Others: --- (secure file)
chmod u+x script.sh           # Add execute permission for user
chmod g-w,o-r shared-docs/    # Remove write from group, read from others

Best Practice: Follow the principle of least privilege (e.g., 600 for sensitive files, 755 for public scripts).

chown/chgrp – Change Owner/Group

  • chown <user>:<group> <file>: Set user and group ownership.
  • chgrp <group> <file>: Set group ownership only.

Usage:

chown john:dev-team app.py  # Make john the owner and dev-team the group
chgrp admins report.pdf     # Change group to "admins"

Process Management

Keep systems stable by monitoring and controlling processes.

ps – List Processes

ps (process snapshot) shows running processes. Use flags for details.
Common Flags:

  • aux: Show all processes (a=all users, u=user details, x=no terminal).

Usage:

ps aux | grep "nginx"  # Find all nginx processes

systemctl – Manage Services

Control systemd services (start, stop, enable on boot). Replaces legacy tools like service or chkconfig.
Usage:

systemctl start nginx    # Start nginx service
systemctl enable nginx   # Start nginx on boot
systemctl status nginx   # Check status (active/inactive/failed)
systemctl stop apache2   # Stop apache2

kill – Terminate Processes

Stop unresponsive processes using their PID (process ID).
Common Signals:

  • SIGTERM (15): Graceful shutdown (default).
  • SIGKILL (9): Force kill (use only if SIGTERM fails).

Usage:

kill 1234          # Send SIGTERM to PID 1234
kill -9 5678       # Force-kill PID 5678
pkill "python3"    # Kill all processes named "python3"

Best Practice: Always try kill <PID> first; use kill -9 as a last resort (may corrupt data).

Networking Commands

Diagnose issues and manage network resources.

ip – Network Interface Management

Replaces ifconfig (deprecated). Configure IP addresses, routes, and interfaces.
Usage:

ip addr show           # List all interfaces and IPs
ip addr add 192.168.1.10/24 dev eth0  # Assign IP to eth0
ip route show          # Show routing table

ping – Test Connectivity

Check if a host is reachable (sends ICMP echo requests).
Usage:

ping google.com -c 4   # Send 4 pings to google.com

ss – Monitor Network Connections

Replaces netstat (faster and more feature-rich). Show open ports and connections.
Usage:

ss -tuln  # Show listening TCP/UDP ports (-t=tcp, -u=udp, -l=listening, -n=numeric)
ss -p     # Show process ID/name using the port

scp – Secure File Transfer

Copy files between systems over SSH (encrypted).
Usage:

scp backup.tar.gz user@server:/backups/  # Copy local file to remote server
scp user@server:/logs/app.log ./        # Copy remote file to local machine

Package Management

Install, update, and remove software efficiently. Commands vary by distro:

Debian/Ubuntu (apt)

apt update               # Update package list
apt upgrade -y           # Upgrade all packages (-y auto-accepts prompts)
apt install nginx        # Install nginx
apt remove apache2       # Remove apache2 (keeps configs)
apt purge apache2        # Remove apache2 and configs
apt autoremove           # Clean up unused dependencies

RHEL/CentOS (dnf/yum)

dnf (faster) replaces yum in RHEL 8+/CentOS 8+.

dnf check-update         # Check for updates
dnf install -y mysql     # Install mysql
dnf remove httpd         # Remove httpd
dnf autoremove           # Clean up dependencies

Best Practice: Always run apt update/dnf check-update before upgrading to fetch the latest package lists.

Disk and Storage Management

Prevent outages by monitoring and expanding storage.

df -h/du -sh – Disk Usage

  • df -h: Free space on filesystems (global view).
  • du -sh <dir>: Disk usage of a directory ( -s=summary, -h=human-readable).

Usage:

du -sh /var/log  # Size of log directory (e.g., 2.5G)

mount/umount – Manage Filesystems

Mount external drives or network shares.
Usage:

mount /dev/sdb1 /mnt/external-drive  # Mount /dev/sdb1 to /mnt/external-drive
umount /mnt/external-drive          # Unmount (use `umount -l` if busy)

Log Management

Troubleshoot issues by analyzing logs (stored in /var/log/).

tail – View Logs in Real Time

tail -f follows a log file as it updates (critical for monitoring).
Usage:

tail -f /var/log/auth.log  # Monitor authentication attempts (e.g., SSH logins)
tail -n 50 /var/log/syslog # Show last 50 lines of syslog

grep + Logs – Filter Errors

Combine grep with log files to find issues.
Usage:

grep "Failed password" /var/log/auth.log  # Find failed SSH logins
tail -f /var/log/nginx/error.log | grep "500"  # Monitor 500 errors in nginx

Advanced Tips and Tricks

Boost productivity with these pro techniques:

Aliases

Create shortcuts for frequent commands in ~/.bashrc or ~/.zshrc:

alias ll='ls -la'
alias upd='sudo apt update && sudo apt upgrade -y'
alias logs='tail -f /var/log/syslog'

Run source ~/.bashrc to apply changes immediately.

Command History

  • history: Show recent commands.
  • !123: Re-run command #123 from history.
  • Ctrl+R: Search history interactively (type to filter).

Piping and Redirection

  • | (pipe): Send output of one command to another (e.g., ps aux | grep nginx).
  • >/>>: Redirect output to a file (> overwrites, >> appends).
  • 2>: Redirect errors (e.g., command 2> errors.log).

Usage:

dmesg | grep "USB" > usb-events.log  # Save USB events to log
ls non-existent-dir 2> errors.log    # Save error to file

Conclusion

Mastering these Linux commands is foundational for system administrators. They enable you to monitor systems, manage users, troubleshoot issues, and automate tasks efficiently. Remember: practice makes perfect. Experiment in a sandbox (e.g., a VM) to build confidence, and always back up critical data before running destructive commands like rm -rf or chmod 777.

As Linux evolves, stay curious—new tools (e.g., htop, ss) replace legacy ones, but the core principles of system administration remain constant.

References