Whoever says he is not familiar with Linux commands, throw this to him!

Posted by apacheguy on Wed, 05 Jan 2022 17:52:15 +0100

Although most of my work is Java related development, I am exposed to Linux system every day, especially after using Mac. I work in the command line environment with black background every day I don't have a good memory. I can't remember many useful linux commands very well. Now I'll summarize them gradually for later viewing.

basic operation

Linux Shutdown, restart
#Shut down
shutdown -h now
#Restart
shutdown -r now
View system and CPU Information
# View system kernel information
uname -a

# View system kernel version
cat /proc/version

# View current user environment variables
env

cat /proc/cpuinfo

# Look at several logical CPUs, including cpu models
cat /proc/cpuinfo | grep name | cut -f2 -d: | uniq -c

# Check how many CPUs are there, and how many cores are each
cat /proc/cpuinfo | grep physical | uniq -c

# Check whether the current CPU is running in 32bit or 64bit mode. If it is running in 32bit, it does not mean that the CPU does not support 64bit
getconf LONG_BIT

# The result is greater than 0, indicating that 64 bit calculation is supported lm refers to long mode and 64bit if lm is supported
cat /proc/cpuinfo | grep flags | grep ' lm ' | wc -l
establish Soft connection
ln -s /usr/local/jdk1.8/ jdk
rpm relevant
#Check if the software is installed through rpm
rpm -qa | grep Software name
sshkey
# Create sshkey
ssh-keygen -t rsa -C your_email@example.com

#id_ rsa. Copy the contents of pub to the home / username /. Of the server to be controlled ssh/authorized_ In keys, if not, create a new one (. SSH permission is 700, authorized_keys permission is 600)
command rename
#In the of each user bash_ Add rename configuration in profile
alias ll='ls -alF'
Synchronize server time
sudo ntpdate -u ntp.api.bz
Background operation command
# Run in the background and have nohup Out output
nohup xxx &

# Run in the background without outputting any logs
nohup xxx > /dev/null &

# Run in the background and output the error information to the log as standard 
nohup xxx >out.log 2>&1 &
force Active user exit
#Command to complete the force active user exit Where TTY represents the terminal name
pkill -kill -t [TTY]
see Command path
which <command>
View the maximum fd number of all open processes
ulimit -n
Configure dns
vim /etc/resolv.conf
nslookup , view the domain name routing table
nslookup google.com
last, list of recent login information
#5 recently logged in accounts
last -n 5
Set fixed ip
ifconfig em1  192.168.5.177 netmask 255.255.255.0
View environment variables loaded in process
#You can also go to the cd / proc directory to view the things loaded in the process memory
ps eww -p  XXXXX(Process number)
View the process tree to find the server process
ps auwxf
View process Start path
cd /proc/xxx(Process number)
ls -all
#cwd corresponds to the startup path
Add user , configure sudo permissions
# New user
useradd user name
passwd user name

#Add sudo permission
vim /etc/sudoers
# Modify the in the file
# root    ALL=(ALL)       ALL
# Username all = (all) all
Force the shutdown of all processes whose process name contains xxx
ps aux|grep xxx | grep -v grep | awk '{print $2}' | xargs kill -9

Disk, file and directory related operations

vim operation
#In normal mode, g represents the global, x represents the searched content, and y represents the replaced content
:%s/x/y/g

#In normal mode
0  # Move the cursor to the beginning of the line (number 0)
$  # Move cursor to end of line
shift + g # Skip to the end of the file
gg # Skip to file header

# set number 
:set nu

# Remove line number
:set nonu

# retrieval
/xxx(Search content)  # Search from the beginning and press n to find the next one
?xxx(Search content)  # Retrieve from tail
Open a read-only file and save it after modification (you can save it without switching users)
#In normal mode
:w !sudo tee %
View basic information of disk, file and directory
# View disk mounting
mount

# View disk partition information
df

# View directory and subdirectory size
du -H -h

# Check the space occupied by each file and folder in the current directory without recursion
du -sh *
wc command
# See how many lines are in the file
wc -l filename

# See how many word s there are in the file
wc -w filename

# What is the longest line in the file
wc -L filename

# Count bytes
wc -c

Common compression and decompression commands

compress command
tar czvf xxx.tar Compressed directory
zip -r xxx.zip Compressed directory
Decompression command
tar zxvf xxx.tar

# Extract to the specified folder
tar zxvf xxx.tar -C /xxx/yyy/

unzip xxx.zip

Change the user and user group to which the file belongs

chown eagleye.eagleye xxx.log

cp, scp, mkdir

#copy
cp xxx.log

# Copy and force overwrite of files with the same name
cp -f xxx.log

# Copy folder
cp -r xxx(Source folder) yyy(Destination folder)

# Remote replication
scp -P ssh port username@10.10.10.101:/home/username/xxx /home/xxx

# Cascade create directory
mkdir -p /xxx/yyy/zzz

# When creating folders in batch, Java and resources folders will be created under test and main
mkdir -p src/{test,main}/{java,resources}
compare Two files
diff -u 1.txt 2.txt
The number of bytes of log output, which can be used as a performance test
#If you do a performance test, you can output "." to the log every time you execute it In this way, the number of bytes in the log is the actual number of performance test runs, and the real-time rate can be seen
tail -f xxx.log | pv -bt
View, remove special characters
# View special characters
cat -v xxx.sh

# Remove special characters
sed -i 's/^M//g’ env.sh remove the special characters of the file, such as ^ M: you need to enter: ctrl+v+enter
Handle the problem of special characters in files due to system reasons
# It can be converted to the file format under the system
cat file.sh > file.sh_bak

# First set file Copy the contents of the file in SH, run it, paste the contents, and finally ctrl + d to save and exit
cat > file1.sh

# In vim, set the file code and file format as follows
:set fileencodings=utf-8 ,then w (Save it) and it can be converted into utf8 Format,
:set fileformat=unix

# Using dos2unix to format files under mac
find . -name "*.sh" | xargs dos2unix
tee , output to screen while redirecting
awk '{print $0}' xxx.log | tee test.log

Retrieval correlation

grep(Learn a Linux command every day (5): grep)
# Reverse matching to find content that does not contain xxx
grep -v xxx

# Exclude all blank lines
grep -v '^/pre>

# If result 2 is returned, the second line is empty
grep -n "^$" 111.txt    

# Query rows starting with abc
grep -n "^abc" 111.txt 

# Also list the lines on which the word appears in the article
grep 'xxx' -n xxx.log

# Count the number of occurrences of the string
grep 'xxx' -c xxx.log

# When comparing, do not care about the difference between case and case
grep 'xxx' -i xxx.log
awk(One Linux command per day (4): awk)
# Take ':' as the separator. If there is a user in the fifth field, this line will be output
awk -F ':' '{if ($5 ~ /user/) print $0}' /etc/passwd 

# Count the number of occurrences of a character (string) (Chinese is invalid) in a single file
awk -v RS='character' 'END {print --NR}' xxx.txt
find search command( Learn a Linux command every day (20): find)
# Find the suffix in the directory mysql files
find /home/eagleye -name '*.mysql' -print

# Start from the / usr directory to find the files fetched from the memory in the last 3 days.
find /usr -atime 3 –print

# I will start from the / usr directory to find the files that have been modified in the last 5 days.
find /usr -ctime 5 –print

# I will start from the / doc directory and look for jacky's file with the file name beginning with j.  
find /doc -user jacky -name 'j*' –print

# Start from the / doc directory and look for files with file names beginning with ja or ma.
find /doc \( -name 'ja*' -o- -name 'ma*' \) –print

#  Start from the / doc directory, find the file with bak at the end of the file name, and delete it- The exec option means to execute, rm means to delete the command, {} means the file name, "\;" Is the end of the specified command. 
find /doc -name '*bak' -exec rm {} \;

Network related

See what processes use this port
lsof -i:por
Get native ip address
/sbin/ifconfig -a|grep inet|grep -v 127.0.0.1|grep -v inet6|awk '{print $2}'|tr -d "addr:"
iptables
# View iptables status
service iptables status

# To block an ip
iptables -I INPUT -s ***.***.***.*** -j DROP

# To unseal an IP, use the following command:
iptables -D INPUT -s ***.***.***.*** -j DROP

remarks: parameter-I Yes, it means Insert(Add),-D express Delete(Delete). Followed by rules, INPUT Indicates inbound,***.***.***.***It means to close IP,DROP Indicates abandoning the connection.

#Open access to port 9090
/sbin/iptables -I INPUT -p tcp --dport 9090 -j ACCEPT 

# Firewall on, off and restart
/etc/init.d/iptables status
/etc/init.d/iptables start
/etc/init.d/iptables stop
/etc/init.d/iptables restart
nc command, tcp debugging tool
#When sending a TCP request to an endpoint, the content of data is sent to the opposite end
nc 192.168.0.11 8000 < data.txt

#nc can be used as a server to listen to a port number and store the contents of a request in received_ In data
nc -l 8000 > received_data

#The upper side only listens once. If it listens multiple times, the - k parameter can be added
nc -lk 8000
tcpdump(Learn a Linux command every day (72): tcpdump)
#dump the tcp packet of the local port 12301
tcpdump -i em1 tcp port 12301 -s 1500 -w abc.pcap
Track network routing path
# traceroute uses udp mode by default. If it is - I, it will be changed to icmp mode
traceroute -I www.163.com

# Track from ttl 3rd hop
traceroute -M 3 www.163.com  

# Plus port tracking
traceroute -p 8080 192.168.10.11
ss
# Displays all ports open locally
ss -l 

# Displays the specific open socket of each process
ss -pl 

# Show all TCP sockets
ss -t -a 

# Show all UDP Socekt
ss -u -a 

# Displays all established SMTP connections
ss -o state established '( dport = :smtp or sport = :smtp )'  

# Displays all established HTTP connections 
ss -o state established '( dport = :http or sport = :http )'  

#Identify all processes connected to the X server
ss -x src /tmp/.X11-unix/*  

#List current socket statistics
ss -s 

Explanation: netstat Is traversal/proc Each of the following PID catalogue ss Direct reading/proc/net The following statistics. therefore ss Resources consumed during execution, and
netstat
# Output the number of connections per ip and the total number of connections in each state
netstat -n | awk '/^tcp/ {n=split($(NF-1),array,":");if(n<=2)++S[array[(1)]];else++S[array[(4)]];++s[$NF];++N} END {for(a in S){printf("%-20s %s\n", a, S[a]);++I}printf("%-20s %s\n","TOTAL_IP",I);for(a in s) printf("%-20s %s\n",a, s[a]);printf("%-20s %s\n","TOTAL_LINK",N);}'

# Count all connection status, 
# CLOSED: no connection is active or in progress
# LISTEN: the server is waiting for an incoming call
# SYN_RECV: a connection request has arrived, waiting for confirmation
# SYN_SENT: the application has started. Open a connection
# ESTABLISHED: normal data transmission status
# FIN_WAIT1: the application says it's finished
# FIN_WAIT2: the other side has agreed to release
# ITMED_WAIT: wait for all packets to die
# CLOSING: both sides try to close at the same time
# TIME_WAIT: the state of actively closing one end of the connection before waiting for feedback from the other end
# LAST_ACK: wait for all packets to die
netstat -n | awk '/^tcp/ {++state[$NF]} END {for(key in state) print key,"\t",state[key]}'

# Find more time_wait connection
netstat -n|grep TIME_WAIT|awk '{print $5}'|sort|uniq -c|sort -rn|head -n20

Monitoring linux performance commands

top

Press the uppercase F or O key, and then press a-z to sort the processes according to the corresponding columns, and then enter. The uppercase R key can reverse the current sort. Learn a Linux command every day (48): top

PID process id
PPID Parent process id
RUSER Real user name
UID User of the process owner id
USER User name of the process owner
GROUP Group name of the process owner
TTY The name of the terminal that started the process. Processes that are not started from the terminal are displayed as ?
PR priority
NI nice Value. Negative values indicate high priority and positive values indicate low priority
P Last used CPU,Only in many CPU Meaningful in the environment
%CPU Last updated to now CPU Time occupancy percentage
TIME Used by the process CPU Total time in seconds
TIME+ Used by the process CPU Total time in 1/100 second
%MEM Percentage of physical memory used by the process
VIRT The total amount of virtual memory used by the process, in kb. VIRT=SWAP+RES
SWAP The size, unit, of the virtual memory used by the process kb. 
RES The size of physical memory used by the process and not swapped out, unit kb. RES=CODE+DATA
CODE Physical memory occupied by executable code, unit kb
DATA Parts other than executable code(Data segment+Stack)Amount of physical memory occupied, in kb
SHR Shared memory size in kb
nFLT Number of page errors
nDRT The number of pages that have been modified since the last write.
S Process status. D=Non interruptible sleep state,R=function,S=sleep,T=track/stop it,Z=Zombie process
COMMAND Command name/command line
WCHAN If the process is sleeping, the system function name in sleep is displayed
Flags Task flag, reference sched.h
dmesg, view the system log
dmesg
iostat, disk IO monitoring
iostat -xz 1

# r/s, w/s, rkB/s, wkB/s: respectively represents the number of reads and writes per second and the amount of data read and written per second (kilobytes). Excessive reading and writing may cause performance problems.
# await: average wait time of IO operation, in milliseconds. This is the time consumed when the application interacts with the disk, including IO waiting and actual operation time. If this value is too large, the hardware device may encounter a bottleneck or failure.
# avgqu-sz: the average number of requests to the device. If this value is greater than 1, the hardware device may be saturated (some front-end hardware devices support parallel writing).
# %util: device utilization. This value indicates the busy degree of the equipment. The empirical value is that if it exceeds 60, the IO performance may be affected (refer to the average waiting time of IO operation). If it reaches 100%, the hardware device is saturated.
# If the data of logical devices is displayed, the device utilization does not mean that the actual hardware devices at the back end are saturated. It is worth noting that even if the IO performance is not ideal, it does not necessarily mean that the application performance will be poor. Strategies such as pre read and write cache can be used to improve the application performance.

free, memory Usage

free -m

eg:

     total       used       free     shared    buffers     cached
Mem:          1002        769        232          0         62        421
-/+ buffers/cache:          286        715
Swap:          1153          0       1153

Part I Mem line:

total Total memory: 1002
Mused Memory used: 769M
free Free memory: 232M
shared It has been abandoned,Always 0
buffers Buffer Cache memory: 62M
cached Page Cache memory:421M

Relationship: total(1002M) = used(769M) + free(232M)

Part 2 (- / + buffers/cache):

(-buffers/cache) used Memory: 286 M (Refers to the first part of the Mem In line used – buffers – cached)
(+buffers/cache) free Number of memory: 715M (Refers to the first part of the Mem In line free + buffers + cached)

It can be seen that - buffers/cache reflects the memory actually eaten by the program, while + buffers/cache reflects the total amount of memory that can be misappropriated

The third part refers to the switching partition

sar to view the network throughput status
# Here you can view the throughput of network devices with the sar command. When troubleshooting performance problems, you can judge whether the network equipment is saturated by the throughput of the network equipment.

sar -n DEV 1

#
# The sar command is used here to view the TCP connection status, including:
# active/s: the number of locally initiated TCP connections per second, i.e. TCP connections created through connect call;
# passive/s: the number of remote initiated TCP connections per second, that is, the TCP connections created through the accept call;
# retrans/s: number of TCP retransmissions per second;
# The number of TCP connections can be used to determine whether the performance problem is due to the establishment of too many connections, and further determine whether it is an actively initiated connection or a passively accepted connection. TCP retransmission may be caused by poor network environment or excessive server pressure
sar -n TCP,ETCP 1
vmstat, monitor CPU utilization, memory usage, virtual memory interaction, IO read and write at a given time
# 2 indicates that the status information is collected every 2 seconds, and 1 indicates that it is collected only once (ignored or collected all the time)

vmstat 2 1

eg:
r b swpd free buff cache si so bi bo in cs us sy id wa
1 0 0 3499840 315836 3819660 0 0 0 1 2 0 0 0 100 0
0 0 0 3499584 315836 3819660 0 0 0 0 88 158 0 0 100 0
0 0 0 3499708 315836 3819660 0 0 0 2 86 162 0 0 100 0
0 0 0 3499708 315836 3819660 0 0 0 10 81 151 0 0 100 0
1 0 0 3499732 315836 3819660 0 0 0 2 83 154 0 0 100 0
  • r indicates the running queue (that is, how many processes are really allocated to the CPU). At present, the CPU of the server I tested is relatively idle and no programs are running. When this value exceeds the number of CPUs, a CPU bottleneck will appear. This is also related to the top load. Generally, the load is higher when it exceeds 3, higher when it exceeds 5, and abnormal when it exceeds 10. The state of the server is very dangerous. The load of top is similar to the running queue per second. If the running queue is too large, it indicates that your CPU is very busy, which generally leads to high CPU utilization.
  • b represents a blocked process. I won't say much about it. Process blocking, you know.
  • If the used size of swpd virtual memory is greater than 0, it means that your machine is out of physical memory. If it is not the cause of program memory leakage, you should upgrade memory or migrate memory consuming tasks to other machines.
  • Free is the size of free physical memory. My machine memory is 8G in total, with 3415M remaining.
  • The buff Linux/Unix system is used to store the cache of contents, permissions, etc. in the directory. My local machine takes about more than 300 M
  • cache cache is directly used to remember the files we open and buffer the files. My machine occupies about more than 300 m (here is the wisdom of Linux/Unix. Part of the free physical memory is used as the cache of files and directories to improve the performance of program execution. When the program uses memory, buffer/cached will be used quickly.)
  • The amount of virtual memory that si reads from the disk every second. If this value is greater than 0, it means that the physical memory is not enough or the memory is leaked. Find the memory consuming process and solve it. My machine has plenty of memory and everything is normal.
  • so the size of virtual memory written to disk per second. If this value is greater than 0, the same as above.
  • The number of blocks received by the bi block device per second. The block device here refers to all disks and other block devices on the system. The default block size is 1024byte. There is no IO operation on my machine, so it has always been 0. However, I have seen it on the machine that processes and copies a large amount of data (2-3T). It can reach 140000/s, and the disk write speed is almost 140M per second
  • bo block the number of blocks sent by the device per second. For example, when we read a file, bo must be greater than 0. bi and bo are generally close to 0, or IO is too frequent and needs to be adjusted.
  • in the number of CPU interrupts per second, including time interrupts
  • cs the number of context switches per second. For example, when we call a system function, we need to perform context switching, thread switching and process context switching. The smaller the value, the better. If it is too large, we should consider reducing the number of threads or processes, for example, in web servers such as apache and nginx, Generally, we will conduct thousands or even tens of thousands of concurrent tests when we do performance tests. The process of selecting Web server can be lowered by the peak value of process or thread until cs reaches a relatively small value. The number of processes and threads is a more appropriate value. System calls are the same. Every time we call a system function, our code will enter the kernel space, resulting in context switching. This is very resource consuming. We should also try to avoid calling system functions frequently. Too many context switches means that most of your CPU is wasted on context switching, resulting in less time for the CPU to do serious things, and it is not advisable to make full use of the CPU.
  • The CPU time of the us user. I used to do encryption and decryption frequently on a server. I can see that the us is close to 100 and the R running queue reaches 80 (the machine is doing stress testing and its performance is poor).
  • sy system CPU time. If it is too high, it indicates that the system call time is long, such as frequent IO operations.
  • ID idle CPU time. Generally speaking, id + us + sy = 100. Generally, I think id is idle CPU utilization, us is user CPU utilization, and sy is system CPU utilization.
  • wt wait IO CPU time.

Readers who need to learn more Linux system commands can refer to: 120 common commands of Linux system

Source: Siye 1982 github. io/2016/02/25/linux-list

Topics: Java Linux Operation & Maintenance Back-end Programmer