8 favorite Unix admin tricks and time-savers
With the clocks turned back and the Big Vote about to happen, I'm up for a bit of nostalgia. And nothing pleases me more than doting on some of my favorite Unix commands, aliases and "tricks".
Probably my all-time favorite is top. Even with commands like prstat and sar on some of the systems I use routinely, top is there with a quick answer and is nearly, if not completely, ubiquitous. A quick check of a system with top tells me a lot about the system's performance. And, of all the output available through top, the load average gives me some of the best insights. If see something like this on the top line of my top output, I know the system is carrying a very light load. The one-, five, and fifteen-minute load averages provide a quick glimpse into whether processes are queueing up for access to the CPU. With numbers like these, I can tell that a process is waiting only once in a while -- maybe every 8th or 3rd time the system checks. I can also tell that the load is getting a little lighter (though keep in mind that the past 15 minutes doesn't give us a very long time span to examine).
load average: 0.13, 0.21, 0.35
Various find commands have come to my rescue time and time again. Whether I'm searching for especially large files with a command such as this:
# find /var -size +1000000 -ls
or looking for large directories with a command such as this that identifies directories, calculates their sizes and shows them to me in largest-first order:
# find . -maxdepth 1 -type d -print | xargs du -sk | sort -rn 2526744 . 932688 ./share 722228 ./lib 370316 ./local 248664 ./src 203512 ./bin 25440 ./sbin 18796 ./include 596 ./games 92 ./lib64
find helps track down the source of many file system too full problems.
For determining what services are running, there's the netstat command. I only recently discovered that I could stop doing "netstat -an | grep LISTEN" in favor of "netstat -l". If I want to see ports in the LISTEN state, but not the active domain sockets (i.e., the LISTENING lines) as well, I might use an alias like this one:
listen='netstat -l | grep "LISTEN "'
Another very useful command is md5sum. This command helps to verify the integrity of files by generating a reliable checksum. Just knowing that two files are the same size doesn't tell you whether they're identical. If they're on the same system, you can always run a diff (diff file1 file2), but md5sum can tell you if they're the same even when they're on systems separated by thousands of miles.
The pkill command is also one the most handy Unix admin commands that I know. Being able to kill processes by their names rather than having to provide process IDs saves me time. Killing all processes associated with a particular user (e.g., pkill -u badguy) is a real winner.
The fuser command also ranks high in the list of most useful commands as it provides an easy way to figure out who or what process is using a particular file or directory.
# fuser . .: 3326c # ps -ef | grep 3326 root 3326 3319 0 21:04 pts/0 00:00:00 bash
The "c" following the process ID tells us that the current directory is, well, the current directory for process 3326. The type of access could also have been:
e executable being run. f open file. f is omitted in default display mode. F open file for writing. F is omitted in default display mode. r root directory. m mmap'ed file or shared library.
Being a long-time Unix sysadmin, I'm entitled to my moments in extreme laziness and creating an alias for the clear command allows me to clear my screen with two strokes.
I also sometimes use aliases to insert that pesky "sudo" into commands that I know I'm going to run or to forgive me if I get the commands wrong (hmm, is it useradd or adduser?).
if [ $UID -ne 0 ]; then alias reboot='sudo reboot' alias update='sudo apt-get upgrade' alias useradd='sudo /usr/sbin/useradd' alias adduser='sudo /usr/sbin/useradd' alias userdel='sudo /usr/sbin/userdel -f' alias deluser='sudo /usr/sbin/userdel -f' fi
I sure can't end this post without showing appreciation for the unalias command. This is especially useful when I'm working on systems that I don't manage. The rm command is so often aliased to "rm -i" and for good reason. Still, if I'm being my careful best, I may not want to be prompted 87 times to assure the system that, yes, I really mean to delete the files I am asking it to delete. The easy turning off of even a well-meant alias keeps me calm.