Killing all processes associated with a particular user (e.g., pkill -u badguy) is a real winner.
The fuser command also ranks high in the list of most useful commands as it provides an easy way to figure out who or what process is using a particular file or directory.
# fuser . .: 3326c # ps -ef | grep 3326 root 3326 3319 0 21:04 pts/0 00:00:00 bash
The "c" following the process ID tells us that the current directory is, well, the current directory for process 3326. The type of access could also have been:
e executable being run. f open file. f is omitted in default display mode. F open file for writing. F is omitted in default display mode. r root directory. m mmap'ed file or shared library.
Being a long-time Unix sysadmin, I'm entitled to my moments in extreme laziness and creating an alias for the clear command allows me to clear my screen with two strokes.
I also sometimes use aliases to insert that pesky "sudo" into commands that I know I'm going to run or to forgive me if I get the commands wrong (hmm, is it useradd or adduser?).
if [ $UID -ne 0 ]; then alias reboot='sudo reboot' alias update='sudo apt-get upgrade' alias useradd='sudo /usr/sbin/useradd' alias adduser='sudo /usr/sbin/useradd' alias userdel='sudo /usr/sbin/userdel -f' alias deluser='sudo /usr/sbin/userdel -f' fi
I sure can't end this post without showing appreciation for the unalias command. This is especially useful when I'm working on systems that I don't manage. The rm command is so often aliased to "rm -i" and for good reason. Still, if I'm being my careful best, I may not want to be prompted 87 times to assure the system that, yes, I really mean to delete the files I am asking it to delete. The easy turning off of even a well-meant alias keeps me calm.