A Linux User Reference

Search tips
  • search ignores words that are less than 4 characters in length
  • searches are case insensitve
  • if a search does not return anything try it in Boolean mode then Query expansion mode by checking the appropriate radio button e.g. searching for 'cron' in just the Administration category returns nothing - presumably because the 50% threshold is reached. Boolean mode ignores this threshold so a search for 'cron' returns several hits
  • in Boolean mode preceding a word with a '+' means the result must include that word, a '-' means it must not
  • in Boolean mode '+crontab -anacron' means match articles about crontab that DO NOT mention anacron
  • to match a phrase e.g. 'manage system' check the Boolean mode radio button and enclose the phrase in quotes "some phrase ..."
  • in Query expansion mode the search context is expanded beyond the keywords you entered - relevancy of hits may well be degraded


Common tasks

  • Print or set the system date,time
    • Must specify at least month, day, hour, and minute in MMDDhhmm format.
    • See man page for all formats.

    Setting and viewing the system date and time

    # date 0709221407
    Mon Jul 9 22:14:00 EDT 2007
    $ date
    Fri Apr 17 18:04:23 BST 2009
    $ date -u
    Fri Apr 17 17:04:47 UTC 2009
    $ date '+%a %b %d %H:%M:%S %Z %Y'
    Fri Apr 17 18:10:19 BST 2009
    $ date +%c
    Fri 17 Apr 2009 18:12:28 BST
    $ date +%a" "%D
    Fri 04/17/09
  • Query or set the hardware clock

    Synchronise system time with the hardware clock

    # hwclock -s

    Synchronise hardware clock with the system time

    # hwclock -w
  • System drift
    • Hardware and system clock drift further and further apart over time.
    • '/sbin/hwclock' keeps track of changes made to the hardware clock in order to compensate for inaccuracies in the clock frequency.
    • The necessary data points are kept in /etc/adjtime, which is an ASCII file.

    Compare the software and hardware clocks

    $ date; hwclock
    Fri Apr 17 15:00:11 BST 2009
    Fri 17 Apr 2009 15:00:16 BST -0.636836 seconds

    Display or set kernel time variables - /sbin/adjtimex

    • If not using the Network Time Protocol, you can use this.
    • Compensates for clock drift.
    • Anyone may print out the time variables, but only the superuser may change them.
    adjtimex [options]
  • Network Time Protocol (NTP)
    • A protocol to synchronise computer clocks over a network.
    • Synchronisation is usually to UTC Internet time servers, these are organised into strata.
    • A relatively small number of stratum 1 servers maintain very accurate time from a source such as an atomic clock.
    • A larger number of stratum 2 servers get their time from stratum 1 servers and make it available to an even larger number of Stratum 3 servers and so on.
    • To ease the load on time servers, a large number of volunteers donate time services through
    • Round robin DNS servers accomplish NTP load balancing by distributing NTP server requests among a pool of available servers.
  • Ubuntu default configuration

    Sample configuration file

    # Permit time synchronisation with time source, but do not permit
    # the source to query or modify the service on this system.
    restrict default kod nomodify notrap nopeer noquery
    restrict -6 default kod nomodify notrap nopeer noquery
    # Permit all access over the loopback interface
    restrict -6 ::1
    # Hosts on local network are less restricted.
    #restrict mask nomodify notrap
    # Use public servers from the project
    server dynamic
    server dynamic
    server dynamic
  • NTP daemon

    Performs the following tasks:

    • Synchronises the PC clock with a remote NTP server
    • Allows synchronisation from other NTP clients
    • Adjusts (slews) the rate of the kernels clock tick so that it tends to keep the correct time
    • Reads time synchronisation data from Administration time sources such as GPS receivers
    • '/usr/sbin/ntpdate' sets time and date via NTP. Deprecated, functionality replaced by 'ntpd -q'
    • '/usr/sbin/ntpq' standard NTP query program
    • '/usr/sbin/ntpdc' extended version of 'ntpq'. Only likely to work if talking to ntpd of same version
  • NTP trace utility

    Trace a chain of NTP servers back to the primary source

    # ntptrace
    Localhost: stratum 4, offset 0.0019529, synch distance 0.144135 stratum 2, offset 0.0124263, synch distance 0.115784 stratum 1, offset 0.0019298, synch distance 0.011993, refid WWVB

    '-n' option results in no name resolution

  • Running perl scripts

    The Perl language

    • Practical Extraction and Report Language.
    • Perl is a language optimised for scanning arbitrary text files, extracting information from those text files and printing reports based on that information.
    • It's also a good language for many system management tasks.

    Use perl instead of a shell

    $ cat
    #!/usr/bin/perl -w
    $ ./
    Fri May 15 16:13:25 BST 2009
  • Using the perl interpreter directly
    $ cat file4                        (A text file with perl command in it)
    $ perl -w file4                    (Get perl to execute the command, display any warnings)
    Fri May 15 16:13:35 BST 2009
    $ cat file5
    use strict;                        (Use the strict module)
    $ perl -w file5
    Fri May 15 16:20:31 BST 2009
    $ perl -wT file5                   (Security related warnings displayed)
    Insecure $ENV{PATH} while running with -T switch at file5 line 2.
  • Install perl modules

    Comprehensive Perl Archive Network (CPAN)

    • CPAN handles dependencies and download locations in an automated manner.
    • Has both an interactive shell and a command-line operation.
    • To configure run the interactive shell once (first time), will be prompted for configuration options.

    Interact with CPAN from the command line

    # cpan -i DNS                        (Install DNS module)
    # cpan
    cpan> install Net::DNS               (Install DNS module)
    # perl -MCPAN -e shell
    readline support enabled 
    cpan> i /DNS/                        (Search/look for a module to support DNS)
    cpan> install Net::DNS               (Install DNS module)
    # perl -MCPAN -e install Net::DNS    (Install DNS module)

    There are several command line options

  • Find the process ID of a running program

    If the system has a start-stop-daemon program that should be used instead.

    Is a program running?

    # pidof sshd 
    # ls /var/run|grep .pid 
    # /etc/init.d/sshd status 
    sshd (pid 2038) is running... 
    # ps -ef | grep sshd                                     (Returns it's own command)
    root  26690  1  0 17:16 ?    00:00:00 /usr/sbin/sshd 
    root  27034 21296  0 17:29 pts/0    00:00:00 grep sshd 
    # ps -ef | grep ss[h]d                     (Regex mangling)
    root  26690  1  0 17:16 ?    00:00:00 /usr/sbin/sshd

    Send mail if a program is not running

    # if ! pidof sshd >>/dev/null;    \
    then echo "sshd not running " | /bin/mail -s "Catastrophe" mark; fi

    The above as a cron script

    if pidof sshd >/dev/null
         :;       # Is running so ok
         /usr/sbin/sendmail -t <<EOM
    Subject: sshd not running
    sshd is not running on $(uname -n)
  • Display information about logged in users
    /usr/bin/w, who

    'w' and 'who' are interchangeable.

    Determine who is currently logged in

    # w 
     17:42:21 up  5:44,  1 user,  load average: 0.00, 0.02, 0.00 
    USER     TTY      FROM     LOGIN@   IDLE   JCPU   PCPU WHAT 
    mark     pts/0    :0.0     14:23    0.00s  0.59s  7.26s gnome-terminal 
    # who 
    mark     pts/0    2008-01-05 14:23 (:0.0)

    Example script

    # Parse the output of the 'who' command to 'awk'
    who | awk '
    BEGIN {} 
        { FROM="locally";
          users++; } 
        /^mark.*[^:0.0]\)$/ { FROM="from "$5; } 
        /^mark/             { print "mark: logged in at "$3" "$4" "FROM; mark++; } 
    END { print "mark: logged in "mark" times. "; 
          print "Total users: "users; 

    Output when the above script is run

    mark: logged in at 2008-01-05 14:23 locally 
    mark: logged in at 2008-01-05 18:23 locally 
    mark: logged in at 2008-01-05 19:44 from (g86local) 
    mark: logged in 3 times. 
    Total users: 3
  • List last logged in users, bad login attempts
    /usr/bin/last, lastb

    Display logins recorded in /var/log/tmp

    # last 
    mark     pts/0        :0.0             Sat Jan  5 14:23   still logged in   
    mark     :0                            Sat Jan  5 11:59   still logged in   
    reboot   system boot  Sat Jan  5 11:58          (05:56)    
    mark     pts/0        :0.0             Fri Jan  4 13:06 - 14:41  (01:35)    

    Display the last 5 lines of login entries including shutdown and runlevel change entries

    # last -x -n 5 
    mark     pts/0        :0.0             Sat Jan  5 14:23   still logged in   
    mark     :0                            Sat Jan  5 11:59   still logged in   
    runlevel (to lvl 5)  Sat Jan  5 11:58 - 18:01  (06:03)    
    reboot   system boot  Sat Jan  5 11:58          (06:03)    
    shutdown system down  Fri Jan  4 14:42 - 18:01 (1+03:19)
  • Compare two files

    By default, 'cmp' is silent if the files are the same, if different the byte number and the line at which the FIRST difference occured is displayed.

    Exit status

    0      - The files are identical
    1      - The files are different
    >1     - An error occurred

    Usage examples based on the following two files

    # file1              #file2
    1                    1
    2                    4
    3                    3
    4                    2

    Compare file1 with file2

    $ cmp  file1 file2
    file1 file2 differ: byte 3, line 2
    $ cmp -b file1 file2
    file1 file2 differ: byte 3, line 2 is  62 2  64 4
    $ cmp -bl file1 file2
    3  62 2     64 4
    7  64 4     62 2
    $ cmp -l file1 file2
    3  62  64
    7  64  62
  • Find differences between two files

    Exit status

    0      - No differences were found
    1      - Some differences were found
    2      - Trouble

    Find differences between file2 and file2

    $ diff file1 file2
    < 2
    < 3
    > 3
    > 2
    $ diff -y file1 file2
    1          1
    2         <
    3         <
    4          4

    Examples based on the same two files used previously.

  • Notification via locally connected ascii terminal

    For a locally connected ascii terminal, the message is displayed before (above) the login prompt. Often used for Indemnification notices.

    Fedora default /etc/issue configuration

    Fedora release 7 (Moonshine)
    Kernel \r on an \m
  • Notification via remotely connected ascii terminal

    As for /etc/issue but for a remotely connected ascii terminal, visible if connecting via telnet.

    Fedora default /etc/ configuration

    Fedora release 7 (Moonshine)
    Kernel \r on an \m
  • Message of the day
    • Idea was to get messages to users using less disk space than an email.
    • Displayed after a successful logon.

    Ubuntu default /etc/motd configuration

    Linux dnssvr 2.6.24-23-generic #1 SMP Wed Apr 1 21:47:28 UTC 2009 i686

    On Debian/Ubuntu

    • Message Of The Day is generated a fresh on each boot.
    • To modify, add any notification message to _/etc/motd.tail
    • Not all escape characters work.
    • Will come into effect on next boot

    Escape characters common to 'motd', 'issue' and ''

    Character Description
    \d Insert current date
    \m Machine architecture e.g. x86_64
    \n Node/hostname
    \o Domain name
    \r Kernel release number
    \s System/os name
    \t Current time
    \u Number of current users logged on, does not insert the number
    \v OS version number
    \U Insert string "n users" where n=no. of users, does not insert the number
  • Send a message to all
    • Send a message to everybody logged in who has their 'mesg' permission set to 'yes'.
    • Use contents of a file as the message text or use stdin.

    Send a message to all logged in users

    $ echo "System will be shutting down soon .." | wall
    Broadcast Message from mark@ub-desktop                                         
            (/dev/pts/0) at 11:56 ...                                              
        System will be shutting down soon ..
  • Quota limits

    The root/top level directory of each filesystem has up to five types of quota limits.

    Limit type Description
    Per user soft Once exceeded, warning sent to user. Can write to disk until hard limit is reached
    Per user hard Maximum amount of space allowed. Once used up cannot write to disk
    Per group soft Warnings sent to all logged in group members once limit is reached
    Per group hard No group member can write to disk once reached
    Grace period Starts when a soft limit has been reached. After grace period expires the soft limit acts as a hard limit until enough space is freed up to satisfy the soft limit
  • Enable, disable configured quotas
    /sbin/quotaon, quotaoff
    • With the '-a' flag all quota configured filesystems in /etc/fstab, except those with noauto option, will be enabled/disabled.
    • The '-a' flag is usually used at boot/shutdown.
    • A Filesystem can be stipulated as either device name or mount point.

    Turn on user quotes for '/home' filesystem if configured

    # quotaon /home

    Print state – whether on or off

    # quotaon -p /home 

    Turn off all user and group quotas for filesystems in '/etc/fstab'

    # quotaoff -a

    Turn off group quotas for '/home'

    # quotaon -f -g /home

    Can be used with the '-f' flag to behave in the same manner as 'quotaoff'. It enables/disables both user and group quotas.

  • Other quota commands

    Check quotas. Behaves as quotaon but checks user and or group quotas.


    Display quota disk usage and disk quotas.


    Modify user or group quotas.


    Print a summary of the disk usage and quotas.

  • Enabling quotas
    a checklist
    • To enable quotas a filesystem needs to be configured for quotas i.e. mounted with the usrquota and or grpquota option(s).
    • Quota files (user.quota, group.quota for version1; aquota.user, for version2) must be in the specified filesystem.
    Step Action
    (1) Edit /etc/fstab to include 'usrquota' and or 'grpquota' in the selected filesystem's mount options field
    (2) Create/touch the quota DB files (user.quota, group.quota or aquota.user, for version2) in the top-level/root directory of each filesystem
    (3) Set DB file ownership to root, permissions to 600 or 644 if you want user and groups to read quotas or run 'quotacheck -ac' to create DB files
    (4) Run 'quotacheck -av' to initialise the DB files
    (5) Check that DB files exist and are greater than zero length
    (6) Enable quotas with 'quotaon -a'
    (7) Add an entry to crontab to periodically check using '/sbin/quotacheck -a'