ACCOUNTING
/var/adm/utmp currently connected user access info/var/adm/utmpx new, extended format of utmp
/var/adm/wtmp historical connect-time info logged here (if file exists)
/var/adm/wtmpx extended format of wtmp
ac summarizes connect-time data in wtmp file
who -b time and date of last system boot
ADMIN GUIs
admintool Solarislinuxconf Linux
SAM HP-UX
smit AIX; (smitty for curses version)
BACKUP AND RESTORE
When you apply a tape command to the /dev/rmt/0 device, it automatically rewinds the tape; to prevent rewinding, specify the “don't rewind” version of the device name, i.e. /dev/rmt/0n. You have to position the tape (using mt) at the correct file before using ufsrestore file one section on a tape delineated by EOF marks; can contain multiple UNIX files; numbered from 0volume tape; numbered from 1
mt -f /dev/rmt/0n rewind rewinds the tape
mt -f /dev/rmt/0 offline ejects the tape
mt status prints status info about tape drive, e.g. "Exabyte EXB-8500 8mm Helical Scan tape drive...file no= 0 block no= 0"; defaults to -f /dev/rmt0
mt -f /dev/rmt/0n fsf N position the tape at the beginning of the N'th next file
mt -f /dev/rmt/0n bsf N position the tape at the beginning of the N-1'th previous file
tar –cf archive file(s) creates a tar archive containing all the specified files
-t list file(s) in archive
-u append file(s) to existing archive (“update”)
-v print one line for each file processed (“verbose”)
-x extract file(s) from archive
ufsdump 0bf 126 /dev/rmt/0n filesystem performs a level 0 dump of filesystem to tape device /dev/rmt/0n, writing 126 512-byte
blocks per write
ufsrestore tf /dev/rmt/0n writes a TOC (list of every UNIX filename after the previous EOF mark on the tape) to stdout
ufsrestore if /dev/rmt/0n interactive pseudo-shell for marking and extracting UNIX files; cd into directory containing file to restore; add
filename; extract (can take a long time); quit
ufsrestore xf /dev/rmt/0n PATH-TO-FILE extracts PATH-TO-FILE (relative to dump root, i.e. no leading '/') to directory structure created
below your PWD; PATH-TO-FILE can be the name of a directory which will be recursively restored
COMMANDS (STANDARD)
cat file show contents of FILE-vet show special characters
cd dir change to directory DIR
- change to previous directory
chgrp group file change group ownership of FILE to GROUP; optional argument –R for recursive
chmod perm file change permissions of FILE to PERM; PERM = OGA (Owner-Group-All), 4=Read, 2=Write, 1=Execute; optional argument –R
for recursive
chown user[:group] file change ownership of FILE to USER (and optionally GROUP); optional argument –R for recursive
comm -
comp -
compress -
cpio -
df -k show filesystem utilization in KB
diff compares two text files and lists which lines differ; to create a patchable file, use LC_ALL=C TZ=UTC0 diff –Naur fname.orig fname
> diff.out
dos2unix -437 Solaris command to convert DOS text files to UNIX text files. The ‘-437’ arg suppresses msg about keyboard type (obscure Solaris
bug ID 3002342).
du -k show disk usage in KB
eval list execute the commands in list (e.g. `cat mycmds`)
file FILENAME print file type of FILENAME
find DIR options find files; options:
-exec CMD {} \; run CMD (e.g. grep) on each matching file; if CMD is grep, use with -print
-mtime [+-]N find files that were modified more than (+), less than (-), or exactly N days (24 hr intervals) ago
-name STRING search by file name; enclose strings containing wildcards (e.g. *) in double quotes
-print print names of files that match search criteria
-size Nk search for files at least N kilobytes in size
-type d search for directories
-type f search for plain text files
head -
kill -SIG PID send process PID the signal number SIG (1 HUP, 2 INT, 3 QUIT, 9 KILL, 10 USR1, 15 TERM)
ln -s SRC DEST creates symbolic link from DEST to SRC; without the –s, it creates a hard link. Use ls –l to see the number of hard links to a
file.
logger MESSAGE send MESSAGE to syslogd
-f filename use contents of filename as message
-p facility.level label for message
-t TAG arbitrary label for message
ls list files
-a all files, including hidden files (leading ‘.’)
-l long list (permissions, ownership, timestamp, size)
man NAME view manual page for topic NAME; options:
-F force search of MANPATH rather than use windex
-a display All pages matching the specified name (Solaris?)
-f display one-line summary of each page matching the specified name (Solaris?)
more FILE show contents of FILE a screen-full at a time
mv rename a file
nroff –man MANFILE view formatted man file
rm delete a file
-r recursively delete all subdirectories
od –t c filename print filename contents as printable ASCII (“octal dump”)
patch <>
DIAGNOSTICS/TROUBLESHOOTING
Solaris
dmesg -DISKS/FILESYSTEMS
HP-UX
bdf concise form of df –kHP-UX
ioscan –funC disk lists disk descriptions and device paths (e.g. /dev/disk/c0t2d0)
mount /dev/dsk/c0t2d0 /cdrom CD-ROM must be mounted manually
RedHat
/etc/fstab list of filesystems to be mounted at startupSolaris
partition /dev/[r]dsk/cCtAd0sPC = controller number
A = SCSI target address
P = partition number
/etc/auto_master list of filesystems controlled by the automountd daemon; comment out (#) the /home entry to enable access to home
directories on system boot
/etc/mnttab list of filesystems currently mounted
/etc/vfstab list of filesystems to be mounted at startup
format menu-driven disk maintenance utility; use the verify menu option to view partition (slice) allocations
mount print partitions and mount points
prtvtoc PARTITION print volume table of contents
swap -s print size of swap space
umount unmounts a filesystem
DNS
/etc/hosts assigns hostnames/aliases to IP addrs/etc/host.conf governs behavior of resolver code (e.g. ‘order hosts,bind’)
/etc/networks assigns names to IP network addrs
/etc/nsswitch.conf governs behavior of resolver code (Solaris)
/etc/resolv.conf specifies name servers this host uses
nscd Name Service Caching Daemon provides a cache for the most common name service requests (e.g. hosts, passwd, group, etc)
FILTERS (used between pipes)
awk ’BEGIN{} BODY END {}’ where BEGIN and END are optional, and BODY consists of zero or more pairs of /PATTERN/ {ACTION}RS=”” paragraph, not line, is a record; like perl -00
NR Number of Records
cut extract fields from lines (-c or –f must be specified):
-c LIST character positions to extract, comma-separated (ranges also permitted)
-d“DELIM” fields separated by DELIM; default is tab
-f LIST numbers of fields to extract, comma-separated
egrep -e “REGEXP” print lines containing regular expression REGEXP; uses same flags as grep
fuser file|dirname list processes using a file
grep “STRING” print lines containing string; double quotes optional if STRING contains no whitespace
-c count number of lines containing target string
-i ignore upper/lower case distinction
-l (ell) only print name of file containing match
-v exclude lines containing target string
join perform a database-like join on two files
perl flags useful for writing one-liners:
-00 (zero zero) make blank line the record separator (default is newline)
-e “SCRIPT” execute SCRIPT
-i.bak FILE edit FILE in place and save original with .bak extension
-l (ell not one) auto chop/add line terminator
-ne “SCRIPT” execute SCRIPT inside a while loop
-pe “SCRIPT” execute SCRIPT inside a while loop and print $_ implicitly at bottom of loop
$. line/record number
$? return code from `cmd` or system() (use $?>>8 to get real return code)
sed “s/TARGET/REPLACE/g” substitute each occurrence of TARGET with REPLACE; an ampersand in REPLACE will be replaced with the string
matching TARGET
sort sort the lines in file
-kBEGIN,END sort on key fields BEGIN to END
-n reverse sort by initial numeric string (having optional leading whitespace)
-r reverse sort (hi to lo); default is lo to hi
-t”DELIM” fields separated by DELIM; default is space
-u unique; print only one line if >1 line has same key
uniq print one copy of each (possibly repeated) line; input must be sorted
-c precede each line with number of occurrences
-d suppress non-repeated lines
HARDWARE
HP-UX
model lists server modelHP-UX
Intel
BIOS Configuration From cold boot, press DEL several times during memory countSolaris
/usr/sbin/prtconf show s/w peripheral devices/usr/sbin/psrinfo -v show how long processor(s) have been up (time of last boot), clock speed, position (ordinal number)
/usr/platform/`uname –i`/sbin/prtdiag -v show model, number/speed/cache size of CPUs, memory, various h/w diagnostic info
Sparc
STOP+A EPROM break sequenceINSTALLING SOFTWARE
Any
www.netbsg.org/docs/pkgsrc Package SourceHP-UX
swlist –l product lists all installed software and patchesRedHat
RedHat Package Manager (RPM); tool to manage software package installationrpm –e package_name remove an installed package
rpm –i package.rpm installs a new package
rpm –qa show all installed packages
rpm –qf filename show package that owns filename
rpm –ql show files in an installed package
rpm –qpi package.rpm shows description of uninstalled package
rpm –U package.rpm upgrades currently installed package to new version (contained in package.rpm)
yum is an interactive, automated update program which can be used for maintaining systems using rpm
Solaris
www.sunfreeware.com Binary and source packagesOS patches can be retrieved from www.sun.com -> Download Center -> SunSolve Patches.
/usr/bin/showrev -p lists all installed patches
/usr/bin/unzip –d . patch.zip Extracts ZIP archive with PWD as top level dir (-l lists files in the archive). Starting with Solaris 7, patches
are provided in ZIP format. Use this command to unarchive a patch while in /var/spool/patch
/var/sadm/patch directory containing files replaced by applying a patch
/var/spool/patch conventional directory for storing installable patch files
patchadd /path/to/patch installs an OS patch
-p lists patches currently applied
pkgadd –d /path/filename.pkg installs a package
pkginfo displays package information
KERNEL
HP-UX
/stand/vmunix the kernelRedHat
How to build new do the following:cd /usr/src/linux go to top of source code tree
make menuconfig specify contents of kernel
make dep determine src code compilation dependencies
make clean remove old object files
make bzImage compile kernel
mv /boot/bzImage /boot/bzImage.old save kernel
mv arch/i386/boot/bzImage /boot install kernel
make modules compile kernel modules
make modules_install install kernel modules
update /etc/lilo.conf add new kernel to boot list
/sbin/lilo install updated boot list
kmod does the same thing as kerneld except doesn’t need an external program
/boot/bzImage the kernel
/lib/modules/kernel_version module repository
/sbin/depmod determines module dependencies; usually run in system startup script
/sbin/kerneld daemon that loads modules on-demand
/sbin/modprobe extension of (wrapper around) insmod
/sbin/rmsmod unload module from running kernel
Solaris
/kernel contains all common components needed to boot the system/platform/architecture-name/kernel contains components needed for a specific architecture (e.g. i86pc, sun4u)
/platform/model-name/kernel contains components needed for a specific model (e.g. Ultra-30, Ultra-Enterprise)
/usr/kernel contains components common to all model with a particular instruction set
MAIL/SENDMAIL
/etc/aliases email alias configuration file/usr/bin/newaliases must be run to “activate” changes to /etc/aliases; symbolic link to /sbin/sendmail (on Redhat)
FILES – mail files, show/clear queue
mail –f read contents of mbox rather than system mailbox
mailx USER send a mail message to USER
-s “SUBJECT” specify a subject line
NETWORKING
Devices Linux network devices are created dynamically by the device driver (i.e. there’s no device in /dev). Ethernet DD creates and numbers interfaceseth0..n when it detects the Ethernet hardware
/etc/inetd.conf specifies inetd’s sub-servers
/etc/protocols specifies protocol numbers
/etc/services specifies which TCP/UDP port number a service (program) listens on
arp -a show ARP cache
ethereal X- or MS-Windows packet capture/display app; to view binary snoop capture, use snoop –o filename
ifconfig interface netmask mask addr show, configure, (de-)activate an IP interface
ndd –get /dev/ce \? show network device driver settings
ndd –set /dev/ce attribute value set network device driver settings
netstat show network statistics
-n show network numbers rather than hostnames
-r routing table
-s statistics per protocol
tcpdump [options] trace traffic; options include:
–i interface restrict trace to interface
–s X capture X number of bytes of packet
–x display packet in hex
expression (connect with and, or)
icmp abbrev for ip proto icmp
[src|dest] host ip -
HP-UX
ifconfig lan0 shows IP interfaceOpenBSD
/etc/hostname.fxp0 defines interface IP addr/etc/mygate defines machine’s default route
/etc/myname defines machine’s hostname
RedHat
/etc/rc.d/init.d/network interface and routing configuration script run at system startup/etc/sysconfig/network basic network configuration file referred to by /etc/rc.d/init.d/network
/etc/sysconfig/network-scripts config files for individual interfaces; specify device name IP, mask, n/w addr, bcast addr
/proc/net/route raw (hex) routing table
/usr/bin/netcfg network configuration script
ping IP_or_Name send continuous stream of echo request packets to IP_or_Name; responds with round-trip time; stop with Ctrl-C (prints % pkt loss,
round-trip avg/min/max); specify number of ping with –c X argument.
route add default gw IPaddr create default route
Solaris
sys-unconfig supported way to reconfigure networking; requires a reboot/etc/defaultrouter defines default gateway
/etc/hostname.hme0 defines IP address of this interface; can contain hostname which must be defined in /etc/hosts
/etc/netmasks defines the netmask for each network represented by an interface
ping IP_or_Name send single echo request packet to IP_or_Name; responds with “is alive” or “no answer”.
plumb -
route add default IPaddr create default route
snoop traffic capture utility (similar to tcpdump)
-o filename save captured packets in filename
-P non-promiscuous mode
-V summary display of headers
-v verbose display of headers (decodes and interprets each field)
-x 0 display entire pkt contents in hex and ASCII
host name trace to/from name
icmp|udp|tcp trace ICMP, UDP or TCP packets only
ipaddr trace to/from addr
macaddr trace to/from macaddr
port port trace to/from port (number or name from /etc/services)
Useful Example
snoop –v –x 0 8:0:20:7d:4d:6c
unplumb -
NFS
Solaris
/etc/dfs/dfstab list of share commands to be run at startup/etc/init.d/autofs starts and stops automountd
/etc/rmtab list of remote hosts which have one of my filesystems mounted
/usr/lib/nfs/mountd runs on NFS server; answers requests from NFS clients to mount a server’s filesystem
/usr/lib/nfs/nfsd runs on NFS server; answers requests from client’s biod for files on a previously mounted filesystem
share –F nfs –o rw /dirname make dirname available to all remote hosts for mounting w/RW permission
PCMCIA
RedHat
Modules If modules loaded correctly, lsmod will say:ds 5640 2
i82365 15452 2
pcmcia_core 30012 3
and /var/log/messages should say “host controller found with X sockets detected”
/etc/rc.d/init.d/pcmcia system startup script
/etc/pcmcia/config database of known card types
/etc/pcmcia/config.opts specifies various h/w parms
/etc/pcmcia/network.opts specifies network parms
/etc/sysconfig/pcmcia boot options; PCMICA variable should be “yes”
/var/lib/pcmcia/stab device info for each socket
cardctl config show status/config of sockets
cardctl ident show card ID
PERFORMANCE
iostat -prstat Solaris 8 equivalent of top
sar -
top comprehensive, continuously updated, system resource monitoring freeware program; ASCII based
vmstat -
w -u -
PROCESSES
CPU statesnohup command & tells command to ignore the HUP signal which is sent by the controlling shell/tty to all child processes; alternatively, use the
syntax ( command & ) which immediately orphans the process so that it becomes a child of init (PID 1)
OpenBSD
ps -ax list all processesRedHat
ps list processesa all processes with a tty
x all processes without a tty
e show environment
-e show all processes (format: pid, tty, time, cmd)
f ASCII-art process hierarchy (forest)
o user-specified format, e.g.:
%U effective user
%p PID
%P PPID
%a command and arguments
u user-oriented format (user, pid, %cpu, %mem, …, cmd)
--cols NUM set screen width
Solaris
pgrep -l find and list processes by namepkill kill processes by name
ps show running processes
-e all processes
-f full list (pid, ppid, owner, size)
SECURITY
/etc/default/login the CONSOLE statement, if uncommented, forbids remote access by root/etc/ftpusers specifies usernames denied ftp login access
/etc/hosts.allow specifies hosts/users allowed to access various network server processes
/etc/hosts.deny specifies hosts/users forbidden access to various network server processes
/etc/hosts.equiv system-wide rhosts file
/etc/passwd contains user names and IDs; account:password:UID:GID:GECOS:directory:shell
/etc/securetty specifies ttys on which root can login
/etc/shadow contains encrypted passwords; username:pswd:lastchg:min:max:warn:inactive:expire:flag
/etc/shells specifies valid shells (other than the system std shells like /bin/sh); ftpd reads this file to determine whether to allow a user to log
in based on the validity of the user’s shell
SERIAL COMMUNICATIONS
tip simple terminal emulatorSPECIAL CHARACTERS
\c suppress \n at end of line, e.g. /bin/echo “Enter y/n: \c”; alternatively, use /usr/ucb/echo -n\n newline
\t tab
\X “escape” (turn off) meaning of special character X (below)
\\\\ literal backslash
# (begin comment)
; separate commands on the same line
| “pipe”; send output of one command to input of another
<> redirect output (stdout) to a file (overwrite)
>> redirect output (stdout) to a file (append)
2>&1 redirect error output (stderr) to a same file as stdout
& run program in background
SYSLOG
/etc/syslog.conf entry = SELECTOR SELECTOR = FACILITY[,FACILITY …].LEVEL …
ACTION = FILENAME | @HOSTNAME | USERNAME. (FILENAME must exist; syslogd won’t create it).
FACILITY = kern, user (default if not specifiy), mail, daemon (system daemons), auth (system security), lpr, news, uucp, cron, mark (timestamp),
local0-7, syslog, authpriv (private security), ftp, * (all except mark)
LEVEL = emerg (0), alert (1), crit (2), err (3), warning (4), notice (5), info (6), debug (7), none (suppress msg); a msg is accepted if its level is >= the
level config’d for the facility in syslog.conf
kill –HUP `cat /etc/syslog.pid` tell syslogd to close files, re-read config and start again
exported), 3 (extended multi-user mode, network resources exported), 4 (customizable multi-user mode, not normally used), 5 (shutdown), 6
(shutdown and reboot), Q/q (re-examine /etc/inittab), S/s (single-user mode, only level not requiring /etc/inittab), a/b/c (pseudo-states
that don’t change current run level, process only those /etc/inittab entries having a run level of a,b or c)
/etc/lilo.conf Linux boot loader config file
/etc/rc.d/rc3.d/* server initialization scripts
/var/log/messages system log file
/bin/dmesg display bootup messages
/sbin/lilo installs config specified in lilo.conf
/sbin/shutdown [-r|-h] now shutdown immediately and reboot or halt
/etc/init.d/* initialization and termination scripts for init state changes; linked to rc?.d directories where appropriate
/etc/rc0.d/* server initialization scripts
/etc/rcS.d/* initialization scripts for when the init state changes to single-user mode (run level S)
/sbin/rc2 run by init when state changes to run level 2
/var/adm/messages system log file
/usr/sbin/shutdown –y –g0 –i6 shutdown immediately and reboot; -i5 means power off
sys-unconfig un-configures basic system information (such as hostname, IP address, netmask, domain name, DNS servers, time zone, root password);
when system reboots, user is prompted to provide each individual piece of info (alternative to manually configuring each file); does NOT add default
gateway
lsof list open files:
FILENAME list processes accessing FILENAME
FILESYSTEM list processes accessing FILESYSTEM
-c PROCESSNAME list files accessed by PROCESSNAME
-i list all processes (and port numbers) with open socket
-iTCP@MACHINE:PORT list processes with connection to MACHINE (hostname or IP address) at PORT
-p PID list files accessed by process PID
-P no Port names
Useful Examples
lsof -i | grep "TCP..:telnet"
lsof -i –P | grep "TCP..:23"
sudo -
uncat -
to allow su to root
useradd –u UID –g GID –d homedir –s /bin/bash USER create user login account
userdel USER deletes account
passwd –e USER prompts for new login shell
useradd –u UID –g GID –d homedir –s /bin/ksh USER create user login account
userdel USER removes a user login account
$HOME/.Xdefaults -
$HOME/.Xresources -
$HOME/.fvwmrc user-customized window manager config file; overrides system.fvwmrc
/etc/X11/XF86Config X server config file (e.g. video scan rate)
/usr/lib/X11/fvwm/system.fvwmrc system-wide default window manager config file; describes mouse and button bindings, colors, virtual
display size, etc.
$HOME/.xinitrc user-customized window manager startup script; overrides xinitrc
/etc/X11/xinit/xinitrc shell script that starts initial X-clients and window manager
/usr/X11R6/bin/startx shell script to launch X-Windows with configured window manager; wrapper around /usr/X11R6/bin/xinit
/usr/X11R6/bin/xf86config program to configure X server (RedHat)
Ctrl-Alt-Backspace kill X server
Ctrl-Alt-Numeric +/- switch video modes listed on the Modes line of the Screen section of the XF86Config file
No comments:
Post a Comment