Practical Commands for Linux System Administration

In today’s digital age, Linux, as a powerful open-source operating system, has become the preferred platform for server environments and technical professionals due to its high flexibility, security, and stability. This article provides readers with some practical commands for Linux system administration, covering network configuration, system monitoring, file operations, and security management, helping you master Linux operations more efficiently.

Basics of Network Management

Network configuration is a core part of Linux system administration. By using a series of command tools, administrators can gain a comprehensive understanding and control over the system’s network status:

  • Use <span>watch ss -tp</span> and <span>netstat -tulpn</span> to monitor network connection status in real-time
  • View and modify network interface configurations using <span>ifconfig</span> or <span>ip addr</span>
  • Use <span>dig</span> and <span>host</span> commands for DNS queries and domain name resolution
  • Set the gateway route using <span>route add default gw [IP]</span>

For network debugging, Linux provides powerful packet capture tools like <span>tcpdump</span>, allowing administrators to analyze network traffic in-depth:

tcpdump -i eth0 -XX -w out.pcap  # Capture traffic on eth0 interface and save to file
tcpdump -i eth0 'port 80 and dst 2.2.2.2'  # Capture traffic to a specific target and port

System Information and Monitoring

Understanding system status is crucial for maintaining server health. Linux provides various tools to view system information:

  • <span>uname -a</span> displays kernel information
  • <span>cat /etc/*release*</span> to view distribution information
  • <span>df -h</span> and <span>du -sh</span> to check disk space and directory size respectively
  • <span>ps -ef</span> and <span>top</span> to monitor process activity
  • <span>free -m</span> to view memory usage
  • <span>lpstat -a</span> to check for available printers

System logs are an important resource for troubleshooting, usually stored in the <span>/var/log</span> directory:

cat /var/log/syslog  # View system log
cat /var/log/auth.log  # View authentication log
grep "ERROR" /var/log/apache2/error.log  # Search Apache error log

File System Operations

Linux inherits the core design philosophy of UNIX: “everything is a file”. This design provides a unified interface, allowing the system to handle various types of resources in the same way: documents stored on disk, connected external devices, network connections, and even inter-process communication are all abstracted as byte streams and accessed through the file system. This philosophy keeps Linux simple yet powerful.

Directory Structure: The Skeleton of the System

Linux organizes the file system in a tree-like hierarchical structure, starting from the root directory (<span>/</span>) and branching downwards. This structure not only facilitates management but also provides a clear navigation path. Each directory has its specific purpose:

  • <span>/bin</span> and <span>/sbin</span>: Store essential commands and management tools required for system operation
  • <span>/etc</span>: Contains system configuration files, frequently accessed by system administrators
  • <span>/home</span>: Storage location for user personal files, with each user having their own subdirectory
  • <span>/proc</span> and <span>/sys</span>: Provide a virtual file system for system and process information, reflecting the system status in real-time
  • <span>/dev</span>: Device file directory, where Linux creates device nodes to access hardware
  • <span>/tmp</span>: Temporary file storage for all users, regularly cleaned by the system

This structure effectively separates system components and user data, enhancing system stability and security.

Basic File Operations

  • Create, view, and edit files: <span>touch</span>, <span>cat</span>, <span>nano</span>/<span>vim</span>
  • Directory management: <span>mkdir</span> to create, <span>rmdir</span> or <span>rm -rf</span> to delete
  • File compression and decompression:
    tar czf archive.tar.gz files/  # Create gzip compressed archive
    tar xf archive.tar  # Extract tar file

Advanced File Features

  • Use <span>find</span> to search for files:
    find / -name "*.log" -type f  # Find all log files
    find / -perm -4000 -type f  # Find SUID files (security audit)
  • File link management:
    ln -s target_file link_name  # Create a symbolic link
    ln target_file link_name  # Create a hard link
  • File permission settings: <span>chmod</span>, <span>chown</span>, and <span>chattr</span>

User and Permission Management

Security management begins with strict user permission control:

  • User management: <span>useradd</span>, <span>passwd</span>, <span>usermod</span>
  • View current user information: <span>id</span>, <span>who</span>, <span>w</span>, <span>last</span>
  • Permission escalation: <span>sudo</span> and <span>su</span>
  • Check sensitive file permissions:
    ls -l /etc/shadow  # View password file permissions
    find /etc -perm -o+w  # Find configuration files writable by other users
  • View processes with root privileges:
    ps aux | grep root
    ps -ef | grep root

Service Management and Autostart Configuration

Different distributions have different service management tools:

  • On Debian-based systems (like Ubuntu):
    service apache2 status  # Check service status
    update-rc.d apache2 defaults  # Set to start on boot
  • On Red Hat-based systems (like CentOS):
    chkconfig --list  # List all service startup statuses
    chkconfig httpd on  # Set service to start on boot
  • Modern systemd systems:
    systemctl status sshd  # Check service status
    systemctl enable nginx  # Set to start on boot
  • View local task schedules:
    crontab -l
    ls -alh /var/spool/cron
    ls -al /etc/ | grep cron
    ls -al /etc/cron*
    cat /etc/cron*
    cat /etc/at.allow
    cat /etc/at.deny
    cat /etc/cron.allow
    cat /etc/cron.deny
    cat /etc/crontab
    cat /etc/anacrontab
    cat /var/spool/cron/crontabs/root

Network Security and Firewall

iptables is the core firewall tool in Linux, used for network traffic filtering and NAT:

# List current firewall rules
iptables -L -v --line-numbers

# Allow SSH connections
iptables -A INPUT -p tcp --dport 22 -m state --state NEW,ESTABLISHED -j ACCEPT
iptables -A OUTPUT -p tcp --sport 22 -m state --state ESTABLISHED -j ACCEPT

# Block a specific IP address
iptables -A INPUT -s malicious_ip -j DROP
# Block an IP range
iptables -A INPUT -s 1.1.1.0/24 -j DROP
# Terminate in-progress TCP connections for a specific host and port (tcpkill is a separate tool, not an iptables rule)
tcpkill host 192.168.1.100 port 80

# Port forwarding
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to-destination 10.0.0.2:80

System Security and Auditing

Security auditing is an important part of system management:

  • Find privileged files:
    find / -perm -u=s -type f  # Find SUID files
    find / -perm -g=s -type f  # Find SGID files
  • Check writable directories:
    find / -writable -type d 2>/dev/null  # Find directories writable by the current user
  • Check for unowned files:
    find / -xdev \( -nouser -o -nogroup \) -print  # Find unowned files
  • Attackers may clear operation traces:
    Command | Description
    <span>history -c</span> | Clear current session command history
    <span>echo "" > ~/.bash_history</span> | Clear user history file
    <span>ln /dev/null ~/.bash_history</span> | Disable history permanently
  • Find text that may contain usernames and passwords:
    grep -i user [filename]
    grep -i pass [filename]
    grep -C 5 "password" [filename]
    find . -name "*.php" -print0 | xargs -0 grep -i -n 'var $password'  # Joomla
  • View hidden files in related directories:
    ls -ahlR /root/
    ls -ahlR /home
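
An added example, not part of the original article: the SUID/SGID searches above are most useful when compared against a known-good list, so this sketch saves a baseline and reports anything new. It assumes a stat that supports -c (GNU coreutils or BusyBox); the function names and the baseline file are illustrative.

```bash
#!/bin/bash
# Added example (not from the article): baseline-and-compare for SUID/SGID files.
# Assumes stat supports -c; function names and the baseline path are illustrative.

# Print "mode owner:group path" for each SUID or SGID regular file under $1,
# staying on one filesystem (-xdev), sorted so two runs can be compared.
list_privileged() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) \
        -exec stat -c '%a %U:%G %n' {} + 2>/dev/null | LC_ALL=C sort
}

# Print entries found under $2 now that are absent from baseline file $1.
# Whole lines are compared, so a known path whose mode or owner changed
# is reported as well.
new_privileged() {
    list_privileged "$2" | LC_ALL=C comm -13 "$1" -
}

# Usage: script --save FILE   record the current state of /
#        script FILE          report additions since FILE was saved
case "${1:-}" in
    --save) list_privileged / > "$2" ;;
    "")     ;;                       # run without arguments: define functions only
    *)      new_privileged "$1" / ;;
esac
```

Store the baseline somewhere the audited host cannot modify, otherwise a new SUID binary can simply be added to the list.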
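
An added example, not part of the original article: a detection check for the history-clearing commands listed above, which classifies each user's .bash_history. The function names and status words are illustrative, and the script should run as root so that every file is readable.

```bash
#!/bin/bash
# Added example (not from the article): flag .bash_history files that look
# tampered with. Function names and status words are illustrative.

# Print one status word for the history file at path $1:
#   symlink     a symbolic link (for example, pointing at /dev/null)
#   missing     no file at all
#   devnull     a character device, which is what a hard link to /dev/null is
#   unreadable  exists but cannot be read by the current user
#   blank       empty or whitespace only ('echo "" > file' leaves one newline,
#               so a plain zero-size test would miss it)
#   ok          regular file with content
history_status() {
    if [ -L "$1" ]; then echo symlink
    elif [ ! -e "$1" ]; then echo missing
    elif [ -c "$1" ]; then echo devnull
    elif [ ! -r "$1" ]; then echo unreadable
    elif ! grep -q '[^[:space:]]' "$1"; then echo blank
    else echo ok
    fi
}

# Report each home directory under $1 (for example /home) whose .bash_history
# is not a normal file with content. "missing" is skipped because accounts
# that never opened an interactive shell have no history file.
scan_histories() {
    for home in "$1"/*/; do
        [ -d "$home" ] || continue
        hist="${home}.bash_history"
        status=$(history_status "$hist")
        case "$status" in
            ok|missing) ;;
            *) printf '%s %s\n' "$status" "$hist" ;;
        esac
    done
}

# Run against a directory of homes when one is given as the first argument.
if [ -n "${1:-}" ]; then scan_histories "$1"; fi
```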

Shell Tips for Efficient Work

Mastering these Shell tips can significantly improve work efficiency:

  • Use <span>screen</span> or <span>tmux</span> to manage multiple sessions
    # Screen: multiple sessions
    screen -S session_name    # Create a new session
    Ctrl+a d                  # Detach session
  • Set aliases to simplify common commands: <span>alias ll='ls -la'</span>
  • Use pipes to combine commands:
    cat large_file.log | grep "ERROR" | wc -l  # Count occurrences of errors
  • Redirect output: <span>command > file.txt 2>&1</span>
  • Use <span>watch</span> command to execute periodically: <span>watch -n 5 'ps aux | grep httpd'</span>

Automation script example 1:

  #!/bin/bash
  # Domain resolution scan: reverse-lookup each address in 192.168.1.1-254
  for ip in {1..254}; do
    host 192.168.1.$ip | grep "name pointer"
  done

Automation script example 2:

# DNS reverse resolution, appending matching lines to dns.txt
for ip in {1..254..1}; do dig -x 1.1.1.$ip | grep $ip >> dns.txt; done

Data Processing Tools

Linux provides powerful text processing tools:

  • <span>grep</span> for text searching:
    grep -r "password" /var/www/  # Recursively search for files containing password
    grep -v "^#" /etc/ssh/sshd_config  # Show non-comment lines
  • <span>sort</span> for data sorting:
    sort -t':' -k3 -n /etc/passwd  # Sort by UID value
    du -sh * | sort -hr  # Display in descending order by file size
  • <span>awk</span> and <span>sed</span> for advanced text processing

Precautions

  1. Permission Management: Use <span>rm -rf</span> with caution to avoid accidental deletion of system files.
  2. Security Commands: Operations like <span>kill -9</span> or <span>:(){ :|:& };:</span> or trace cleaning should be done carefully, as they may affect system stability.
  3. Script Security: It is recommended to review the code before executing unknown scripts to prevent malicious operations.

Conclusion

The power of the Linux system lies in its flexibility and customizability. By deeply understanding and mastering the commands and techniques introduced in this article, administrators can build efficient, secure, and stable system environments. As experience accumulates, you will be able to tackle various system management challenges and security risks, fully leveraging the potential of Linux.

> Further Reading: “Linux Shell Scripting Guide (2nd Edition)”

Disclaimer:

The content discussed in this article may contain offensive or harmful elements; please be cautious in identifying them. The content of the article is intended for legitimate and compliant uses such as security detection, defense, and research. It should not be used for other purposes. Violators will bear corresponding legal responsibilities, and their actions are unrelated to the creators of this article. Please comply with relevant laws and regulations to maintain a clear online environment! If you have any questions, feel free to contact us.
