• Get application security done the right way! Detect, Protect, Monitor, Accelerate, and more…
  • Linux offers countless commands and utilities, which help you perform your system administration tasks quickly and efficiently.

    Your work as system admin includes installing and running software, controlling access, monitoring, ensuring availability, backups, restoring backups, and of course firefighting. 😜

    In this article, we review some of the commands frequently used by Linux system administrators in their day to day work.

    uname

    Use uname command with the -a flag to print system information. This command will show you the kernel name, kernel release, kernel version, hostname, processor type & your hardware platform information.

    [email protected]:~$ uname -a
    Linux ubuntu18 5.3.0-1028-azure #29~18.04.1-Ubuntu SMP Fri Jun 5 14:32:34 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux

    Here is what this means:

    kernel name:Linux 
    hostname: ubuntu18 
    kernel release: 5.3.0-1028-azure 
    kernel version: #29~18.04.1-Ubuntu SMP Fri Jun 5 14:32:34 UTC 2020 
    machine hardware name: x86_64 
    processor: x86_64 
    hardware-platform: x86_64 
    operating system: GNU/Linux

    df

    Use df command to verify the size of the filesystem and the space available. This command used by itself shows output in 1K blocks. 

    [email protected]:~$ df 
    Filesystem     1K-blocks    Used Available Use% Mounted on
    udev              437208       0    437208   0% /dev
    tmpfs              91100     692     90408   1% /run
    /dev/sda1       30309264 2383952  27908928   8% /
    ....
    

    Option -h shows output in a human-readable format, that is in MB and GB.

    [email protected]:~$ df -h
    Filesystem      Size  Used Avail Use% Mounted on
    udev            427M     0  427M   0% /dev
    tmpfs            89M  692K   89M   1% /run
    /dev/sda1        29G  2.3G   27G   8% /
    tmpfs           445M     0  445M   0% /dev/shm
    tmpfs           5.0M     0  5.0M   0% /run/lock
    tmpfs           445M     0  445M   0% /sys/fs/cgroup
    /dev/sda15      105M  3.6M  101M   4% /boot/efi
    /dev/sdb1       3.9G   16M  3.7G   1% /mnt
    tmpfs            89M     0   89M   0% /run/user/1001 

    To ignore any file system, for example, tmpfs, that is for a cleaner output, use flag -x

    [email protected]:~$ df -h -x tmpfs
    Filesystem      Size  Used Avail Use% Mounted on
    udev            427M     0  427M   0% /dev
    /dev/sda1        29G  2.3G   27G   8% /
    /dev/sda15      105M  3.6M  101M   4% /boot/efi
    /dev/sdb1       3.9G   16M  3.7G   1% /mnt

    To list a specific filesystem type only, use -t flag. for example, to view only ext4 filesystem:

    [email protected]:~$ df -h -t ext4
    Filesystem      Size  Used Avail Use% Mounted on
    /dev/sda1        29G  2.3G   27G   8% /
    /dev/sdb1       3.9G   16M  3.7G   1% /mnt

    Using total flag will add a line showing grand totals:

    [email protected]:~$ df -h -t ext4 --total
    Filesystem      Size  Used Avail Use% Mounted on
    /dev/sda1        29G  2.3G   27G   8% /
    /dev/sdb1       3.9G   16M  3.7G   1% /mnt
    total            33G  2.3G   31G   8% -

    du

    To check disk space usage in a directory, use du command. For example to see disk space usage in the /var/log directory. Use -h flag for human-readable format.

    [email protected]:~$ sudo du -h /var/log
    24K	/var/log/Microsoft/Azure/NetworkWatcherAgent/Logs
    28K	/var/log/Microsoft/Azure/NetworkWatcherAgent
    32K	/var/log/Microsoft/Azure
    36K	/var/log/Microsoft
    60K	/var/log/apt
    4.0K	/var/log/samba
    177M	/var/log/journal/0f4f926f583b4691af7de11025b19ff6
    177M	/var/log/journal
    ...
    204M	/var/log

    To see only the total usage only use -s (summary) flag.

    [email protected]:~$ sudo du -hs /var/log
    204M	/var/log

    free

    Use free command to see total, used, and free system memory. Use -h flag for human-readable format.

    [email protected]:~$ free -h
                  total        used        free      shared  buff/cache   available
    Mem:           889M        272M        100M        712K        517M        443M
    Swap:            0B          0B          0B
    total - Total installed memory (memtotal + swaptotal)
    used - used memory
    free - unused memory (memfree + swapfree)
    buffers - memory used by kernel buffers
    cache - memory used by page caches
    buff/cache - sum of buffers and cache
    available - Estimated memory available for starting new applications, without swapping

    ps

    Use ps to display status information about processes running on the system. To see all processes owned by user ubuntu, use -u flag with the user name:

    [email protected]:~$ ps -u ubuntu
       PID TTY          TIME CMD
      7804 ?        00:00:00 systemd
      7805 ?        00:00:00 (sd-pam)
      7940 ?        00:00:00 sshd
      7941 pts/0    00:00:00 bash
      8111 ?        00:00:00 sshd
      8112 pts/1    00:00:00 bash
     13868 ?        00:00:00 sshd
     13869 pts/2    00:00:00 bash
     13885 pts/0    00:00:00 man
     13895 pts/0    00:00:00 pager
     18111 pts/2    00:00:00 man
     18121 pts/2    00:00:00 pager
     18485 pts/1    00:00:00 ps

    To view all processes run ps with aux flags:

    [email protected]:~$ ps aux
    USER        PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
    root          1  0.0  0.7 160076  7020 ?        Ss   Jun29   0:34 /sbin/init
    root          2  0.0  0.0      0     0 ?        S    Jun29   0:00 [kthreadd]
    root          3  0.0  0.0      0     0 ?        I<   Jun29   0:00 [rcu_gp]
    root          4  0.0  0.0      0     0 ?        I<   Jun29   0:00 [rcu_par_gp]
    root          6  0.0  0.0      0     0 ?        I<   Jun29   0:00 [kworker/0:0H-kb]
    ....

    where

    Heading Meaning
    PID Process Identification Number
    %CPU Percentage of CPU time the process is using
    %MEM Percentage of RAM process is using
    VSZ Virtual memory being used in KB
    RSS Physical memory the process is using in KB
    TTY Terminal associated with the process
    STAT R – Running or ready to run, S – Sleeping, I – Idle, T – Stopped, Z – Zombie, D – Waiting for Disk I/O, X – Dead, W – Swapped out, N – Low priority process, < – High priority process

    top

    While ps command shows a snapshot of the state of processes at any moment, top shows a continuously updating (every three seconds, by default) list of system processes in order of process activity.

    The top command output consists of two main parts: The system summary at the top and the table of processes sorted by CPU activity.

    top - 14:25:32 up 44 days, 11:37,  1 user,  load average: 0.00, 0.00, 0.00
    Tasks: 114 total,   1 running,  59 sleeping,   0 stopped,   0 zombie
    %Cpu(s):  0.3 us,  0.0 sy,  0.0 ni, 99.7 id,  0.0 wa,  0.0 hi,  0.0 si,  0.0 st
    KiB Mem :   910992 total,   101208 free,   274712 used,   535072 buff/cache
    KiB Swap:        0 total,        0 free,        0 used.   458492 avail Mem 
    
       PID USER      PR  NI    VIRT    RES    SHR S %CPU %MEM     TIME+ COMMAND    
     50497 ubuntu    20   0   44528   3944   3368 R  0.7  0.4   0:00.15 top        
         1 root      20   0  160076   7020   4400 S  0.0  0.8   0:34.85 systemd    
         2 root      20   0       0      0      0 S  0.0  0.0   0:00.08 kthreadd   
         3 root       0 -20       0      0      0 I  0.0  0.0   0:00.00 rcu_gp     
         4 root       0 -20       0      0      0 I  0.0  0.0   0:00.00 rcu_par_gp 
         6 root       0 -20       0      0      0 I  0.0  0.0   0:00.00 kworker/0:+
         9 root       0 -20       0      0      0 I  0.0  0.0   0:00.00 mm_percpu_+

    Some of the fields in the system summary are as follows:

    up Uptime. Time since the machine was last booted.
    load average Load average refers to the number of processes that are waiting to run, value less than 1.0 means the machine is not busy. There are 3 values. First is the average of the last 60 seconds, second is the average of the last 5 minutes and the third shows the average of the last 15 minutes.
    %Cpu(s)

     

     

    This row describes the activities of the CPU.

    0.3 us, user 0.3% CPU is being used for user processes.
    0.0 sy, system 0.0% CPU is being used for system processes.
    0.0 ni, nice 0.0% CPU is being used by low priority(nice) processes
    99.7 id, idle 99.7% CPU is idle
    0.0 wa, IO-wait 0.0% CPU is waiting for I/O
    0.0 hi time spent on hardware interrupts
    0.0 si time spent on software interrupts
    0.0 st time stone from this VM by the hypervisor

    Process table fields are as follows:

    PID Process Identification Number
    USER Process owner
    PR Priority
    NI Nice value
    VIRT Virtual memory used by the process (KB)
    RES Physical memory used by the process
    SHR Shared memory used by the process
    S Process status. R – Running, S – sleeping, I – Idle, T – stopped, Z – zombie, D – waiting for disk I/O, W- swapped out, X – dead
    %CPU CPU time process is using in percentage
    %MEM The physical memory process is using
    TIME[+] Total CPU time used by the process
    COMMAND Name of the program

    While top is running, you can issue a number of commands. Press h or ? to see commands which can be run while top is running. Press k to kill a process. Press q to quit top.

    dig

    dig is a great tool for DNS queries. It is used as follows :

    dig <DNS server> <domain> <query-type>

    where

    • <DNS server> is the DNS server name you wish to query
    • <domain> is the domain name you wish to query about
    • <query-type> is the name of the record you wish to know – A, MX, NS SOA, etc.

    To suppress verbose output, use +short flag.

    To view A record for google.com use:

    [email protected]:~$ dig google.com +short
    172.217.164.174

    To see MX records for google.com use:

    [email protected]:~$ dig google.com MX  +short
    50 alt4.aspmx.l.google.com.
    10 aspmx.l.google.com.
    20 alt1.aspmx.l.google.com.
    40 alt3.aspmx.l.google.com.
    30 alt2.aspmx.l.google.com.

    If you need to query DNS records on the Internet, you can use the DNS lookup tool.

    who and w

    who shows users who are logged on.

    [email protected]:~$ who
    ubuntu   pts/0        2020-08-14 17:28 (183.83.211.129)
    ubuntu   pts/1        2020-08-14 17:58 (183.83.211.129)

    w shows users currently logged on and their processes. The header shows the current time, system uptime, number of users logged on, and system load averages.

    [email protected]:~$ w
     18:07:33 up 46 days, 15:19,  2 users,  load average: 0.00, 0.00, 0.00
    USER     TTY      FROM             [email protected]   IDLE   JCPU   PCPU WHAT
    ubuntu   pts/0    183.83.211.129   17:28    2.00s  0.10s  0.00s w
    ubuntu   pts/1    183.83.211.129   17:58    9:07   0.05s  0.01s vi

    The next part shows the usernames, the terminal, and the remote IP from which they are logged on, login time, idle time, JCPU, PCPU, and the program they are running. JCPU is the time used by all processes attached to the tty whereas PCPU is the time used by the current process.

    tar

    With GNU tar you can archive multiple files into a single file.

    As an example create a directory myfiles and three files a.txt, b.txt, c.txt in myfiles directory:

    [email protected]:~$ mkdir myfiles ; touch myfiles/{a.txt,b.txt,c.txt}

    Now to create an archive named allfiles.tar containing all files in myfiles directory:

    [email protected]:~$ tar -cvf allfiles.tar myfiles
    myfiles/
    myfiles/c.txt
    myfiles/a.txt
    myfiles/b.txt

    List all files in the current directory. You can see myfiles directory and allfiles.tar archive:

    [email protected]:~$ ls
    allfiles.tar  myfiles

    You may unpack an archive with -x flag. So, to unpack allfiles.tar:

    [email protected]:~$ tar -xvf allfiles.tar
    myfiles/
    myfiles/c.txt
    myfiles/a.txt
    myfiles/b.txt

    You may also compress this archive with -z flag. This would create an archive compressed with gzip.

    [email protected]:~$ tar -zcvf allfiles.tar.gz myfiles
    myfiles/
    myfiles/c.txt
    myfiles/a.txt
    myfiles/b.txt
    [email protected]:~$ ls
    allfiles.tar.gz  myfiles

    To unpack a compressed archive use -z with -x flag.

    [email protected]:~$ tar -zxvf allfiles.tar.gz 
    myfiles/
    myfiles/c.txt
    myfiles/a.txt
    myfiles/b.txt

    grep

    grep is used to search for a pattern in a file, or a set of files. It print all lines matching that pattern. For example, to search for the line containing “ServerRoot” in /etc/apache2/apache2.conf:

    [email protected]:~$ grep ServerRoot /etc/apache2/apache2.conf 
    # ServerRoot: The top of the directory tree under which the server's
    #ServerRoot "/etc/apache2"

    To search in all files in a directory use *. To include search in subdirectories use -r (recursive) flag. So, to search for all lines containing the pattern “VirtualHost” in all files in /etc/apache2:

    [email protected]:~$ cd /etc/apache2
    [email protected]:/etc/apache2$ grep -r VirtualHost *
    apache2.conf:# If you do not specify an ErrorLog directive within a <VirtualHost>
    apache2.conf:# logged here.  If you *do* define an error logfile for a <VirtualHost>
    conf-available/localized-error-pages.conf:# even on a per-VirtualHost basis.  If you include the Alias in the global server
    conf-available/other-vhosts-access-log.conf:# Define an access log for VirtualHosts that don't define their own logfile
    ports.conf:# have to change the VirtualHost statement in
    sites-available/000-default.conf:<VirtualHost *:80>
    ...
    

    rsync

    rsync is a fast command-line tool for synchronizing files and directories between two locations. Can be used for both local and remote copying and is fast because it sends only the differences between the source files and the existing files in the destination.

    It is widely used for backups and as an improved copy command for daily use.

    Here is an example:

    To copy/rsync all files from myfiles directory to backups directory:

    [email protected]:~$ rsync -avh myfiles/ /backups
    sending incremental file list
    ./
    a.txt
    b.txt
    c.txt
    
    sent 218 bytes  received 76 bytes  588.00 bytes/sec
    total size is 0  speedup is 0.00

    To rsync all files from myfiles directory to backups directory on a remote host, include remote_user @remote_host in destination name. So, to rsync myfiles folder to a remote host with IP 10.0.0.50:

    [email protected]:~$ rsync -avh myfiles/ [email protected]:/home/vagrant
    [email protected]'s password: 
    sending incremental file list
    ./
    a.txt
    b.txt
    c.txt
    
    sent 230 bytes  received 76 bytes  47.08 bytes/sec
    total size is 0  speedup is 0.00

    ss

    ss command is used to dump socket statistics, similar to the legacy netstat utility. To display TCP sockets use -t flag.

    [email protected]:~$ ss -t 
    State       Recv-Q        Send-Q                 Local Address:Port                     Peer Address:Port         
    ESTAB       0             0                           10.0.0.4:53852                   168.63.129.16:8037         
    ESTAB       0             0                           10.0.0.4:ssh                    183.83.211.129:64118        
    ESTAB       0             0                           10.0.0.4:33256                 169.254.169.254:http         
    ESTAB       0             1080                        10.0.0.4:ssh                     222.186.30.35:11527        
    ESTAB       0             0                           10.0.0.4:ssh                    183.83.211.129:63049

    This would not display sockets that are listening. To include both listening and non-listening sockets use -t and -a flags.

    [email protected]:~$ ss -t -a 
    State        Recv-Q        Send-Q                Local Address:Port                     Peer Address:Port         
    LISTEN       0             128                         0.0.0.0:ssh                           0.0.0.0:*            
    LISTEN       0             80                        127.0.0.1:mysql                         0.0.0.0:*            
    LISTEN       0             128                   127.0.0.53%lo:domain                        0.0.0.0:*            
    ESTAB        0             0                          10.0.0.4:53852                   168.63.129.16:8037         
    ESTAB        0             0                          10.0.0.4:ssh                    183.83.211.129:64118        
    ESTAB        0             0                          10.0.0.4:33256                 169.254.169.254:http         
    ESTAB        0             1080                       10.0.0.4:ssh                     222.186.30.35:11527        
    ESTAB        0             120                        10.0.0.4:ssh                    183.83.211.129:63049        
    LISTEN       0             128                            [::]:ssh                              [::]:*            
    LISTEN       0             128                               *:http                                *:*

    locate

    The locate command uses a database to search for files and actually can be much faster than find command. Very simple to use, to search for a file, say, apache2.conf:

    [email protected]:~$ locate apache2.conf
    /etc/apache2/apache2.conf
    /var/lib/dpkg/info/apache2.conffiles

    You can use -c flag if you want only the count of files matching the search pattern.

    [email protected]:~$ locate -c apache2.conf
    2

    At times, you may need to refresh the database used by locate, which is mlocate. To update the database use updatedb command. This would need superuser privileges.

    [email protected]:~$ sudo updatedb

    find

    One of the most frequently used commands on Linux. Use it to search for files based on filenames, permissions, userid,  groupid, size, file type, besides other criteria.

    To search for a file by name in the current directory, use -name flag followed by the filename to search.:

    [email protected]:~$ find . -name a.txt
    ./myfiles/a.txt

    To search for directories, use -type d flag:

    [email protected]:~$ find . -type d
    .
    ./.ssh
    ./myfiles
    ./.cache
    ./.gnupg
    ./.gnupg/private-keys-v1.d
    ./docker

    To search for files by size, say files larger than 20MB, use -size flag:

    [email protected]:~$ find . -size +20M
    ./docker/docker-ce-cli_5%3a19.03.12~3-0~ubuntu-bionic_amd64.deb
    ./docker/docker-ce_5%3a19.03.12~3-0~ubuntu-bionic_amd64.deb

    systemctl

    Now that systemd has replaced SysV init process in most Linux distributions, use systemctl command to manage systemd services and units.

    To start a service, for example apache2:

    [email protected]:~$ sudo systemctl start apache2.service

    You may leave the service suffix.

    To stop a service:

    [email protected]:~$ sudo systemctl stop apache2

    To see service status, use systemctl status command. The following example shows apache2 status while it is running:

    [email protected]:~$ sudo systemctl status apache2
    ● apache2.service - The Apache HTTP Server
       Loaded: loaded (/lib/systemd/system/apache2.service; enabled; vendor preset: enabled)
      Drop-In: /lib/systemd/system/apache2.service.d
               └─apache2-systemd.conf
       Active: active (running) since Wed 2020-08-19 11:34:04 UTC; 2s ago
      Process: 25346 ExecStop=/usr/sbin/apachectl stop (code=exited, status=0/SUCCESS)
      Process: 18202 ExecReload=/usr/sbin/apachectl graceful (code=exited, status=0/SUCCESS)
      Process: 25536 ExecStart=/usr/sbin/apachectl start (code=exited, status=0/SUCCESS)
     Main PID: 25555 (apache2)
        Tasks: 55 (limit: 1024)
       CGroup: /system.slice/apache2.service
               ├─25555 /usr/sbin/apache2 -k start
               ├─25558 /usr/sbin/apache2 -k start
               └─25559 /usr/sbin/apache2 -k start
    
    Aug 19 11:34:04 ubuntu18 systemd[1]: Starting The Apache HTTP Server...
    Aug 19 11:34:04 ubuntu18 systemd[1]: Started The Apache HTTP Server.

    ufw command

    UFW – uncomplicated firewall is an easy to use frontend for iptables. It is available by default, on Ubuntu-based distributions. On CentOS, you can install ufw from the EPEL repository.

    To enable ufw:

    $ sudo ufw enable

    Check firewall status with ufw status:

    $ sudo ufw status
    Status: active

    Default UFW policies allow all outgoing traffic and block all incoming traffic.

    The following command allows incoming  traffic on HTTP port:

    $ sudo ufw allow http
    Rule added
    Rule added (v6)

    You can deny traffic on any port. Here is an example to block traffic on port 21:

    $ sudo ufw deny 21
    Rule added
    Rule added (v6)

    journalctl

    Use journalctl to view logs collected by systemd. systemd collects log in a central location in a binary format. To view these logs:

    [email protected]:~$ sudo journalctl
    -- Logs begin at Mon 2020-06-29 02:48:31 UTC, end at Wed 2020-08-19 15:07:59 UTC. --
    Jun 29 02:48:31 ubuntu kernel: Linux version 5.3.0-1028-azure ([email protected]) (gcc version 7.5.0 (Ubuntu
    Jun 29 02:48:31 ubuntu kernel: Command line: BOOT_IMAGE=/boot/vmlinuz-5.3.0-1028-azure root=UUID=b0dd9d06-536e-41
    Jun 29 02:48:31 ubuntu kernel: KERNEL supported cpus:
    Jun 29 02:48:31 ubuntu kernel:   Intel GenuineIntel
    ...

    Mostly, you would prefer seeing the logs in reverse order, that is, the latest logs first:

    [email protected]:~$ sudo journalctl -r
    -- Logs begin at Mon 2020-06-29 02:48:31 UTC, end at Wed 2020-08-19 15:10:16 UTC. --
    Aug 19 15:10:16 ubuntu18 sudo[31263]: pam_unix(sudo:session): session opened for user root by ubuntu(uid=0)
    Aug 19 15:10:16 ubuntu18 sudo[31263]:   ubuntu : TTY=pts/1 ; PWD=/home/ubuntu ; USER=root ; COMMAND=/bin/journalc
    Aug 19 15:10:11 ubuntu18 sudo[31213]: pam_unix(sudo:session): session closed for user root
    Aug 19 15:07:59 ubuntu18 sudo[31213]: pam_unix(sudo:session): session opened for user root by ubuntu(uid=0)
    Aug 19 15:07:59 ubuntu18 sudo[31213]:   ubuntu : TTY=pts/1 ; PWD=/home/ubuntu ; USER=root ; COMMAND=/bin/journalc
    Aug 19 15:07:56 ubuntu18 sudo[31183]: pam_unix(sudo:session): session closed for user root
    Aug 19 15:06:47 ubuntu18 sudo[31183]: pam_unix(sudo:session): session opened for user root by ubuntu(uid=0)
    ...

    To view logs of a specific service, for example mysql use -u flag:

    [email protected]:~$ sudo journalctl -u mysql
    -- Logs begin at Mon 2020-06-29 02:48:31 UTC, end at Wed 2020-08-19 15:11:34 UTC. --
    Aug 16 12:30:02 ubuntu18 systemd[1]: Starting MySQL Community Server...
    Aug 16 12:30:03 ubuntu18 systemd[1]: Started MySQL Community Server.
    Aug 19 15:03:27 ubuntu18 systemd[1]: Stopping MySQL Community Server...
    Aug 19 15:03:29 ubuntu18 systemd[1]: Stopped MySQL Community Server.

    kill and killall

    You may need to kill a runaway process or when you need to free some system resources. kill with -l flag shows all the signals you can send to a process.

    [email protected]:~$ kill -l
     1) SIGHUP	 2) SIGINT	 3) SIGQUIT	 4) SIGILL	 5) SIGTRAP
     6) SIGABRT	 7) SIGBUS	 8) SIGFPE	 9) SIGKILL	10) SIGUSR1
    11) SIGSEGV	12) SIGUSR2	13) SIGPIPE	14) SIGALRM	15) SIGTERM
    16) SIGSTKFLT	17) SIGCHLD	18) SIGCONT	19) SIGSTOP	20) SIGTSTP
    ....

    Two most commonly used signals are SIGTERM AND SIGKILL. You can also use -9 for SIGKILL and -15 for SIGTERM. SIGTERM allows a process to complete before it is terminated and therefore is called soft kill. SIGKILL terminates the process immediately. Here is an example:

    List all apache2 processes

    [email protected]:~$ ps aux|grep apache2
    root      45521  0.0  0.5  78188  4688 ?        Ss   Aug08   0:03 /usr/sbin/apache2 -k start
    www-data  45524  0.0  0.5 830480  4816 ?        Sl   Aug08   0:00 /usr/sbin/apache2 -k start
    www-data  45525  0.0  0.7 830480  6856 ?        Sl   Aug08   0:00 /usr/sbin/apache2 -k start
    ubuntu    70374  0.0  0.1  14852  1040 pts/0    S+   07:45   0:00 grep --color=auto apache2

    To kill apache2 process with process id 45525:

    [email protected]:~$ sudo kill -9 45525

    Again view the list of apache2 processes:

    [email protected]:~$ ps aux|grep apache2
    root      45521  0.0  0.5  78188  4688 ?        Ss   Aug08   0:03 /usr/sbin/apache2 -k start
    www-data  45524  0.0  0.5 830480  4816 ?        Sl   Aug08   0:00 /usr/sbin/apache2 -k start
    ubuntu    70525  0.0  0.1  14852  1052 pts/0    S+   07:52   0:00 grep --color=auto apache2

    Use killall to kill a program by name. Which means killall kills the control(parent) process and all child processes. To kill all instances of the apache2 process in the example above:

    [email protected]:~$ sudo killall apache2

    Use kill and killall with caution. These commands might leave the system in an unstable state.

    IP

    The ip command replaces ifconfig in the newer Linux distributions. Use it to configure and display network interfaces. Also used to display and modify IP addresses, routes, and neighbor objects.

    Display information about all network interfaces:

    [email protected]:~$ ip a
    1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
        link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
        inet 127.0.0.1/8 scope host lo
           valid_lft forever preferred_lft forever
        inet6 ::1/128 scope host 
           valid_lft forever preferred_lft forever
    2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
        link/ether 00:0d:3a:9b:88:d6 brd ff:ff:ff:ff:ff:ff
        inet 10.0.0.4/24 brd 10.0.0.255 scope global eth0
           valid_lft forever preferred_lft forever
        inet6 fe80::20d:3aff:fe9b:88d6/64 scope link 
           valid_lft forever preferred_lft forever

    To bring an interface up or down use ip link set dev followed by the device name. For example, to bring the interface eth0 online:

    [email protected]:~$ ip link set eth0 up

    And to bring it down:

    [email protected]:~$ ip link set eth0 down

    date

    A very commonly used command, here we explore some interesting ways to use this command.

    [email protected]:~$ date
    Tue Aug 11 07:42:49 UTC 2020

    To see next Sunday’s date:

    [email protected]:~$ date -d 'next sunday'
    Sun Aug 16 00:00:00 UTC 2020

    To see last Sunday’s date:

    [email protected]:~$ date -d 'last sunday'
    Sun Aug  9 00:00:00 UTC 2020

    You can also use –date instead of -d flag:

    [email protected]:~$ date --date='last sunday'
    Sun Aug  9 00:00:00 UTC 2020

    To see date 6 days ago:

    [email protected]:~$ date --date='6 days ago'
    Wed Aug  5 08:06:37 UTC 2020

    Date 6 days from now:

    [email protected]:~$ date --date='6 days'
    Mon Aug 17 08:08:37 UTC 2020

    You can easily control date output format. Here is an example:

    [email protected]:~$ date '+%d-%B-%Y'
    11-August-2020

    Summary

    You as a system administrator, keep the world’s computing infrastructure running. You need to solve problems, maintain and keep the systems running optimally while ensuring security.

    Hope these commands will come in handy and help you do your job better.