Terminal basics Sysadmin skills................
20 terminal commands that all Linux web server admins should know.
Discover the essential commands and skills with Adam Oxford that will turn you into a terminal system admin.
Are you an ‘accidental admin’? Someone who realised, too late, that they were responsible for the workings of a Linux server and – because something has gone wrong – finds themselves lost in a world of terminals and command lines that make little sense to normal humans?
What is SSH, you may be asking yourself. Do those letters after ‘tar’ actually mean anything real? How do I apply security patches to my server? Don’t worry, you’re not alone. And to help you out, we’ve put together this quick guide with essential Linux commands that every accidental admin should know.
Becoming an accidental admin
While we’d argue that they should, not everyone who starts using Linux as an operating system does so through choice. We suspect that most people’s first interaction with Linux happens somewhat unwittingly. You click a button on your ISP’s account page to set up a personal or business web server – for a website, email address or online application – and suddenly you’re a Linux admin. Even though you don’t know it yet.
When you’re starting out with your web server, things are usually straightforward. Nearly all hosting providers will give you a web interface such as Cpanel or Plesk to manage your server. These are powerful pieces of software that give you quick an easy access to logs, mail services and one-click installations of popular applications such as Wordpress or forums. But the first time you have to do something that isn’t straightforward to do through the graphical control panel, you’re suddenly out of the world of icons and explanatory tooltips and into the world of the text-only Terminal.
To make things worse, for a lot of people the first time they have to deal with the Terminal is when something has gone wrong and can’t be fixed through the control panel. Or perhaps you’ve just read that there’s a major security flaw sweeping the web and all Linux servers must be updated at once (it happens – search for ‘Heartbleed’ to find out more). Suddenly you realise that your nice control panel hasn’t actually been updating your server’s operating system with security patches and your small personal blog may well be part of a massive international botnet used to launch DDOS attacks against others. Not only are you a stranger in a strange land, you’re probably trying to recover or fix something that was really important to you, but which you never gave much thought to while it was being hosted for a couple of pounds a month and seemed hassle-free.
You are an ‘accidental admin’. Someone who is responsible for keeping a Linux webserver running and secure—but you didn’t even realise it. You thought all that was included in your couple of pounds a month you pay to your ISP – and only found out it’s not when it was too late.
Since most webservers are running Ubuntu, this guide is based on that particular distribution. And all the commands here are just as applicable to a Linux desktop as they are to a web server, of course.
1 sudo
The most fundamental thing to know about Linux’s approach to administration is that there are two types of accounts that can be logged in: a regular user or an administrator (aka ‘superuser’). Regular users aren’t allowed to make changes to files or directories that they don’t own—and in particular this applies to the core operating system files which are owned by an admin called ‘root’.
Root or admin privileges can be temporarily granted to a regular user by typing sudo in front of any Linux command. So to edit the configuration file that controls which disks are mounted using the text editor, nano, you might type sudo nano /etc/fstab (we really don’t recommend this unless you
know what you’re doing). After entering sudo , you’ll be asked for your user password. On a desktop PC, this is the same one that you use to log in. If you’re logging into your own webserver, however, there’s a good chance that you’ll already be the root user and won’t need a password to make important changes.
If you can’t execute sudo commands, your web host has restricted your level of access and it probably can’t be changed. User accounts can be part of ‘groups’ in Linux and only members of the sudoers groups can use the sudo command to temporarily grant themselves admin privileges.
su
While sudo gives you great power, it still has limitations. Most of all, if you’ve got a whole bunch of commands to enter, you don’t want to have to type it out at the start of every single line [at least the password has a 5 minute timeout–Ed]. This is where su comes in, which will give you superuser powers until you close the terminal window. Type sudo su followed by your password, and you’ll see the prompt change from yourname@yourserver to root@yourserver . You might think su stands for superuser, but It’s actually a command to change to any user on the system and if it’s used without an account name after it, su assumes you want to be root. However, using su myname will switch you back to your original, non-super, login.
ifconfig
Since you’re troubleshooting a web server, it’s probably a good idea to get as many details about its actual connection as possible noted down. The ifconfig command can be run without sudo privileges and tells you details about every live network connection, physical or virtual. Often this is just for checking your IP address, which it reports under the name of the adaptor, but it’s also useful to see if you’re connected to a VPN or not. If a connection is described as eth0, for example, it’s an Ethernet cable meanwhile tun0 is a VPN tunnel.
chown
There’s tons more you can learn about chmod and we strongly recommend that you do, but it has a sister command that’s even more powerful. While chmod dictates what users who aren’t the owner of a file can do, the chown command changes the file owner and group that it belongs to completely. Again, you’ll probably need to put sudo in front of anything you chown , but the syntax is again simple. An example might be chown myname:mygroup filename.file .
service restart
No, we’re not telling you to ‘try turning it off and on again’, but sometimes it’s a good place to start (and sometimes its essential to load changes into memory). It’s possible you might be used to start and stop background processes on a Windows desktop through the graphical System Monitor or Task Manager in Windows. However, in the command line Terminal to a server it’s a little more tricky, but not by much.
Confusingly, because many Linux distributions have changed the way they manage startup services (by switching to systemd) there’s two ways of doing this. The old way, which still works a lot of the time, is to just type service myservice restart , preceded with sudo ,when it’s necessary. The new, correct, way is a little more verbose: systemctl restart
myservice. service . So if you want to restart Apache, for example, the core software which turns a mere computer into a web server, it would be sudo systemctl restart apache2. service .
ls
The key to understanding the console is all in the path ( see PathTobox,below), which tells you whereabouts you are in the folder structure at any given time. But how do you know what else is in your current location? Easy: you use ls . The ls command lists all the files within the folder that you’re currently browsing. If there’s a lot of files to list, use ls | less to pause at the end of each page of filenames.
cat
A command you’ll often see if you’re following instructions you’ve found online – and aren’t always sure what you’re doing – cat is short for concatenate and is used to combine files together. In its simplest form it can be used to take file1. txt and file2.txt and turn them into file3.txt, but it can also be combined with other commands to create a new file based on searching for patterns or words in the original.
Quite often you’ll see cat used simply to explore a single file – if you don’t specify an output filename, cat just writes what it finds to the screen. So online walkthroughs often use cat as a way of searching for text within a file and displaying the results in the terminal. This is because cat is nondestructive—it’s very hard to accidentally use cat to change the original file where other commands might do.
find
A useful and under used command, the find command is pretty self-explanatory. It can be used to find stuff. Typing it by itself is much like ls , except that it lists all of the files within sub-directories of your current location as well as those in your current directory. You can use it to search for filenames using the format find -name “filename.txt” . By inserting a path before the -name option, you can point it at specific starting folders to speed things up. By changing the -name option you can search by days since last accessed ( -atime ) or more.
df
Maybe your server problems are to do with disk space? Type df and you’ll get a full breakdown of the size and usage of every volume currently mounted on your system. By default it’ll give you big numbers in bytes, but if you run df -h (which stands for ‘human readable’ the volume sizes will be reported in megabytes, gigabytes or whatever is appropriate.
apt-get update && upgrade
Probably the single most important command to know and fear. We all know that to keep a computer system secure you need to keep it updated, but if you’ve got control of a Linux box the chances are that it isn’t doing that automatically.
A simple sudo apt-get update will order your system to check for the latest versions of any applications it’s running, and sudo apt-get upgrade will download and install them. For the most part these are safe commands to use and should be run regularly—but occasionally updating one piece of software can break another, so back-up first…
grep
As computer commands go there are few more fantastically named for the newcomer than the grep [it’s a real verb!–Ed] command. How on earth are you ever going to master this Linux stuff if it just makes words up? But grep is a great utility for looking for patterns within files. Want to find every line that talks about cheddar in a book about cheeses? grep "cheddar" bookofcheese.txt will do it for you. Even better you can use it to search within multiple files using wildcards. So grep “cheddar” *.txt will find every text file in which cheddar is reference. So now you grok grep , right?
top
When you’re working in a graphical user interface such as a Linux desktop environment or Windows desktop, there’s always an application like System Monitor or Task Manager which will call up a list of running applications and give you details about how many CPU cycles, memory or storage they’re using. It’s a vital troubleshooting tool if you have a program that’s misbehaving and you don’t know what it is.
In a similar way, you can bring up a table of running applications in the Linux Terminal that does the same thing by typing top .
Like a lot of command line utilities, it’s not immediately obvious how you can close top once you’re finished with it without closing the terminal window itself—the almost universal command to get back to a prompt is Ctrl+c.
kill, killall
Using top you can figure out which application is using all your CPU cycles, but how do you stop it without a right-click > End process menu? You use the command kill followed by the process name. If you want to be sure and kill every process with a name that contains that application name, you use killall . So kill firefox will close down a web browser on a Linux desktop.
w
From the weirdness of grep to the elegance of the w command, a whole command in a single letter. If you think another user is logged into your system, this is an important command to know. You can use w to list all currently active users, although don’t rely on it too much as it’s not hard for a hacker to be hidden.
passwd
You must use passwd with extreme care. Ultra extreme care. Because the next word you write after it will become your login password, so if you type it incorrectly or forget it, you’re going to find yourself in serious trouble.
You can only change your own user’s password by default, but if you grant yourself sudo powers you can change any user’s credentials by including their username after the password itself. Typing sudo passwd , meanwhile, will change the password for root.
Check out the manual ( man passwd ) page for some useful options to expire passwords after a certain period of time and so on.
cd
If you have a graphical interface and file browser, it’s pretty easy to move to new locations on your hard drive just by clicking on them. In the Terminal, we know where we are because of the path ( seePathTobox,left), and switch location using cd which stands for ‘change directory’. The cd command in mainly used in three ways: cd foldername This will move you to that folder, provided it exists within the folder you’re currently browsing (use ls if you’re not sure).
cd ~/path/to/folder This will take you to a specific location within your home folder (the ~ character tells cd to start looking in your home folder). Starting with a / will tell cd to start the path at the root folder of your hard drive. cd .. This final useful command simply takes you up one level in the folder structure.
mv & rm & cp
When you get the hang of it, using a terminal as a file manager becomes pretty simple and quite a joyful experience. As well as cd , the three fundamental commands are mv , rm and cp . The mv command is used to move a file from one location to another, rm is used to remove or delete a file and cp will copy files and folders.
Just as with cd , you can either enter a filename to operate on a file in the directory you’re working in or a full path starting from the root of the drive with ~ . For mv the syntax is mv ~/location1/file1.file ~/location2/location .
The big thing to remember is that in the Terminal there’s no undo or undelete function: if you rm a file and it’s gone forever (or at least will require very specialist skills to retrieve) and in a similar fashion, if you mv or cp a file you’d better make a note of where it went.
nano
It might seem odd, if you’ve spent your life in graphical applications and utilities, but complex programs run in the text terminal, too. There are several text editors which normally come as part of the whole package, notably nano and vi. You can open a blank document by typing nano , or you can edit an existing one by typing nano ~path/to/text.txt (and do the same with vi). Some of the terminology may seem odd, though: To write out (Ctrl+o) means save, for example and so on.
history
And finally, if you’ve been copying and pasting commands from the web all day, you might want to check up on what you’ve actually done. You can use history to give you a list of all the terminal commands entered going back a long, long way. Execute specific numbered commands with !<num> , you can go back through recent commands just by using the up and down arrows (and re-issue them by tapping Enter), or search for commands by pressing Ctrl+r.