Linux Commands Cheatsheet

pwd                    # Print working directory
cd /path/to/dir        # Change directory
cd ~                   # Home directory
cd -                   # Previous directory
cd ..                  # Parent directory
cd ../..               # Two levels up

ls                     # List files
ls -l                  # Long format
ls -la                 # Include hidden files
ls -lh                 # Human-readable sizes
ls -lt                 # Sort by time
ls -lS                 # Sort by size
ls -lR                 # Recursive listing
ls -i                  # Show inodes

mkdir dirname               # Create directory
mkdir -p path/to/nested/dir # Create parent directories
mkdir -m 755 dirname        # Set permissions

touch file.txt              # Create empty file
touch file1 file2 file3     # Multiple files
touch -t 202401011200 file  # Set timestamp

cp source dest              # Copy file
cp -r sourcedir destdir     # Copy directory recursively
cp -p source dest           # Preserve permissions/timestamps
cp -u source dest           # Update (copy if newer)
cp -v source dest           # Verbose

mv source dest              # Move or rename
mv file1 file2 file3 dir/   # Move multiple files
mv -i source dest           # Interactive (prompt)
mv -n source dest           # No overwrite

rm file.txt                 # Remove file
rm -r dirname               # Remove directory recursively
rm -f file.txt              # Force remove (no prompt)
rm -rf dirname              # Force remove directory
rm -i file.txt              # Interactive

find /path -name "*.txt"              # By name
find /path -type f                    # Files only
find /path -type d                    # Directories only
find /path -size +100M                # Larger than 100MB
find /path -mtime -7                  # Modified in last 7 days
find /path -user username             # By owner
find /path -perm 644                  # By permission
find /path -name "*.log" -delete      # Find and delete
find /path -name "*.txt" -exec rm {} \;  # Execute command

updatedb                    # Update locate database
locate filename             # Fast file search
locate -i filename          # Case insensitive
locate -c filename          # Count matches

ln -s /path/to/file link    # Symbolic link
ln /path/to/file hardlink   # Hard link
readlink link               # Read link target
unlink link                 # Remove link

cat file.txt                # Display entire file
cat -n file.txt             # With line numbers
cat file1 file2             # Concatenate files
tac file.txt                # Reverse order (cat backwards)

less file.txt               # Page through file (better than more)
more file.txt               # Page through file
head file.txt               # First 10 lines
head -n 20 file.txt         # First 20 lines
tail file.txt               # Last 10 lines
tail -n 50 file.txt         # Last 50 lines
tail -f file.txt            # Follow file (real-time)
tail -F file.txt            # Follow with retry

grep "pattern" file.txt                # Search for pattern
grep -i "pattern" file.txt             # Case insensitive
grep -r "pattern" /path                # Recursive search
grep -v "pattern" file.txt             # Inverse match
grep -n "pattern" file.txt             # Show line numbers
grep -c "pattern" file.txt             # Count matches
grep -l "pattern" *.txt                # Files with match
grep -E "regex" file.txt               # Extended regex
grep -A 3 "pattern" file.txt           # 3 lines after
grep -B 3 "pattern" file.txt           # 3 lines before
grep -C 3 "pattern" file.txt           # 3 lines context

sed 's/old/new/' file.txt              # Replace first occurrence
sed 's/old/new/g' file.txt             # Replace all
sed -i 's/old/new/g' file.txt          # In-place edit
sed -n '10,20p' file.txt               # Print lines 10-20
sed '/pattern/d' file.txt              # Delete matching lines
sed '5d' file.txt                      # Delete line 5

awk '{print $1}' file.txt              # Print first field
awk '{print $1, $3}' file.txt          # Print fields 1 and 3
awk -F: '{print $1}' /etc/passwd       # Custom delimiter
awk '$3 > 100' file.txt                # Conditional
awk '{sum+=$1} END {print sum}' file   # Sum column
awk 'NR==10' file.txt                  # Print line 10

cut -d: -f1 /etc/passwd                # First field with : delimiter
cut -c1-10 file.txt                    # Characters 1-10
cut -f1,3 file.txt                     # Fields 1 and 3

sort file.txt                          # Sort lines
sort -r file.txt                       # Reverse sort
sort -n file.txt                       # Numeric sort
sort -k2 file.txt                      # Sort by 2nd field
sort -u file.txt                       # Sort and unique
uniq file.txt                          # Remove duplicates (must be sorted)
uniq -c file.txt                       # Count occurrences

whoami                      # Current user
id                          # User ID and groups
id username                 # Specific user info
w                           # Who is logged in
who                         # Logged in users
last                        # Last logged in users
lastlog                     # Last login for all users

sudo useradd username       # Add user
sudo useradd -m -s /bin/bash username  # With home and shell
sudo usermod -aG groupname username    # Add to group
sudo userdel username       # Delete user
sudo userdel -r username    # Delete user and home
sudo passwd username        # Set password

groups                      # Current user's groups
groups username             # User's groups
sudo groupadd groupname     # Create group
sudo groupdel groupname     # Delete group
sudo gpasswd -a user group  # Add user to group
sudo gpasswd -d user group  # Remove from group

chmod 755 file              # rwxr-xr-x
chmod u+x file              # Add execute for user
chmod go-w file             # Remove write for group/others
chmod -R 755 directory      # Recursive
chmod a+r file              # Add read for all
 
# Numeric permissions:
# 4 = read (r)
# 2 = write (w)
# 1 = execute (x)
# Examples:
# 644 = rw-r--r--
# 755 = rwxr-xr-x
# 777 = rwxrwxrwx

sudo chown user file        # Change owner
sudo chown user:group file  # Change owner and group
sudo chown -R user:group dir # Recursive
sudo chgrp group file       # Change group only

chmod u+s file              # Set SUID
chmod g+s file              # Set SGID
chmod +t directory          # Set sticky bit
chmod 4755 file             # SUID (4000 + 755)
chmod 2755 directory        # SGID (2000 + 755)
chmod 1755 directory        # Sticky bit (1000 + 755)

getfacl file                # Get ACL
setfacl -m u:user:rwx file  # Set user ACL
setfacl -m g:group:rx file  # Set group ACL
setfacl -x u:user file      # Remove user ACL
setfacl -b file             # Remove all ACLs
setfacl -R -m u:user:rwx dir # Recursive

ps                          # Current shell processes
ps aux                      # All processes (BSD style)
ps -ef                      # All processes (Unix style)
ps -u username              # User's processes
ps -p PID                   # Specific process
pstree                      # Process tree
pgrep process_name          # Find process ID by name

top                         # Interactive process viewer
top -u username             # User's processes
htop                        # Better top (if installed)
 
# Top commands:
# k - kill process
# r - renice
# M - sort by memory
# P - sort by CPU
# q - quit

kill PID                    # Terminate process (SIGTERM)
kill -9 PID                 # Force kill (SIGKILL)
kill -15 PID                # Graceful termination
killall process_name        # Kill by name
pkill process_name          # Pattern kill
pkill -u username           # Kill user's processes

command &                   # Run in background
jobs                        # List background jobs
fg %1                       # Bring job 1 to foreground
bg %1                       # Resume job 1 in background
nohup command &             # Run immune to hangups
disown %1                   # Detach from shell

nice -n 10 command          # Start with nice value (lower priority)
nice -n -10 command         # Higher priority (needs sudo)
renice 10 -p PID            # Change running process priority
renice 10 -u username       # Change user's processes

watch -n 2 'ps aux'         # Run command every 2 seconds
strace -p PID               # Trace system calls
lsof                        # List open files
lsof -p PID                 # Open files by process
lsof -u username            # Open files by user
lsof -i :80                 # Processes using port 80

uname -a                    # All system info
uname -r                    # Kernel version
uname -m                    # Machine hardware
hostname                    # System hostname
hostnamectl                 # Detailed hostname info
uptime                      # System uptime
date                        # Current date/time
timedatectl                 # Time and timezone
cal                         # Calendar

lscpu                       # CPU information
lsmem                       # Memory information
lsblk                       # Block devices
lspci                       # PCI devices
lsusb                       # USB devices
dmidecode                   # DMI/SMBIOS info (needs sudo)
hdparm -I /dev/sda          # Hard drive info

free -h                     # Memory usage (human-readable)
free -m                     # In megabytes
vmstat                      # Virtual memory statistics
vmstat 2 5                  # Every 2 seconds, 5 times
cat /proc/meminfo           # Detailed memory info

cat /proc/cpuinfo           # Detailed CPU info
lscpu                       # CPU architecture info
nproc                       # Number of processors
mpstat                      # CPU statistics (if sysstat installed)

lsmod                       # List loaded modules
modinfo module_name         # Module information
sudo modprobe module_name   # Load module
sudo modprobe -r module_name # Remove module
dmesg                       # Kernel ring buffer
dmesg | tail                # Recent kernel messages
dmesg -T                    # With timestamps

ip addr show                # Show IP addresses
ip addr add IP/mask dev eth0 # Add IP address
ip link show                # Show network interfaces
ip link set eth0 up         # Bring interface up
ip route show               # Show routing table
ip route add default via IP # Add default route

ifconfig                    # Network interfaces (deprecated)
ifconfig eth0               # Specific interface
route -n                    # Routing table
netstat -tuln               # Listening ports
netstat -ant                # All TCP connections
netstat -i                  # Interface statistics

ss -tuln                    # Listening sockets (better than netstat)
ss -tan                     # All TCP sockets
ss -p                       # Show process using socket
ss -s                       # Socket statistics
ss -4                       # IPv4 only
ss -6                       # IPv6 only

nslookup domain.com         # DNS lookup
dig domain.com              # Detailed DNS query
dig @8.8.8.8 domain.com     # Query specific DNS server
dig +short domain.com       # Short output
host domain.com             # Simple DNS lookup
resolvectl status           # DNS resolver status

ping host                   # Test connectivity
ping -c 4 host              # 4 packets only
ping6 host                  # IPv6 ping
traceroute host             # Trace route to host
tracepath host              # Similar to traceroute
mtr host                    # Combined ping/traceroute

wget URL                    # Download file
wget -c URL                 # Continue partial download
wget -O filename URL        # Save as filename
curl URL                    # Transfer data
curl -O URL                 # Save with original filename
curl -L URL                 # Follow redirects
curl -I URL                 # Headers only

tcpdump -i eth0             # Packet capture
tcpdump -i eth0 port 80     # Specific port
tcpdump -i eth0 -w file.pcap # Write to file
iftop                       # Interface bandwidth
nethogs                     # Per-process bandwidth
iptraf-ng                   # Interactive IP traffic monitor

sudo iptables -L            # List rules
sudo iptables -A INPUT -p tcp --dport 22 -j ACCEPT
sudo iptables -D INPUT 1    # Delete rule 1
sudo iptables-save          # Save rules
sudo iptables-restore       # Restore rules

sudo firewall-cmd --list-all
sudo firewall-cmd --add-port=8080/tcp
sudo firewall-cmd --remove-port=8080/tcp
sudo firewall-cmd --add-service=http
sudo firewall-cmd --runtime-to-permanent

sudo apt update             # Update package lists
sudo apt upgrade            # Upgrade packages
sudo apt install package    # Install package
sudo apt remove package     # Remove package
sudo apt purge package      # Remove with config files
sudo apt autoremove         # Remove unused dependencies
apt search keyword          # Search packages
apt show package            # Package details
apt list --installed        # List installed packages

sudo yum update             # Update packages
sudo yum install package    # Install package
sudo yum remove package     # Remove package
yum search keyword          # Search packages
yum info package            # Package details
yum list installed          # List installed
 
# DNF (newer)
sudo dnf update
sudo dnf install package
sudo dnf remove package

rpm -qa                     # List all installed packages
rpm -qi package             # Package info
rpm -ql package             # List package files
rpm -qf /path/to/file       # Which package owns file
sudo rpm -ivh package.rpm   # Install package
sudo rpm -Uvh package.rpm   # Upgrade package
sudo rpm -e package         # Remove package

snap list                   # List installed snaps
sudo snap install package   # Install snap
sudo snap remove package    # Remove snap
sudo snap refresh           # Update snaps
snap find keyword           # Search snaps

sudo systemctl start service    # Start service
sudo systemctl stop service     # Stop service
sudo systemctl restart service  # Restart service
sudo systemctl reload service   # Reload config
sudo systemctl status service   # Service status
sudo systemctl enable service   # Enable at boot
sudo systemctl disable service  # Disable at boot
sudo systemctl is-active service
sudo systemctl is-enabled service

systemctl list-units --type=service          # Running services
systemctl list-units --type=service --all    # All services
systemctl list-unit-files --type=service     # Available services
systemctl list-dependencies service          # Service dependencies

journalctl                         # All logs
journalctl -u service              # Service logs
journalctl -f                      # Follow logs
journalctl --since today           # Today's logs
journalctl --since "2024-01-01"    # Since date
journalctl --until "1 hour ago"    # Time range
journalctl -p err                  # Error priority
journalctl -k                      # Kernel messages
journalctl --disk-usage            # Log disk usage
journalctl --vacuum-time=7d        # Clean logs older than 7 days

df -h                       # Disk free space (human-readable)
df -i                       # Inode usage
du -sh directory            # Directory size
du -sh *                    # Size of all items in current dir
du -ah directory            # All files with sizes
du -h --max-depth=1         # One level deep
ncdu                        # Interactive disk usage (if installed)

mount                       # Show mounted filesystems
sudo mount /dev/sdb1 /mnt   # Mount device
sudo umount /mnt            # Unmount
sudo mount -a               # Mount all in /etc/fstab
lsblk                       # List block devices
blkid                       # Block device attributes

sudo mkfs.ext4 /dev/sdb1    # Create ext4 filesystem
sudo mkfs.xfs /dev/sdb1     # Create XFS filesystem
sudo tune2fs -l /dev/sdb1   # Filesystem info
sudo fsck /dev/sdb1         # Check filesystem (unmounted)
sudo e2fsck -f /dev/sdb1    # Force check ext filesystem

sudo pvdisplay               # Physical volumes
sudo vgdisplay               # Volume groups
sudo lvdisplay               # Logical volumes
sudo pvcreate /dev/sdb       # Create physical volume
sudo vgcreate vg01 /dev/sdb  # Create volume group
sudo lvcreate -L 10G -n lv01 vg01  # Create logical volume
sudo lvextend -L +5G /dev/vg01/lv01 # Extend volume

cat /proc/mdstat             # RAID status
sudo mdadm --detail /dev/md0 # RAID array details
sudo mdadm --create /dev/md0 --level=1 --raid-devices=2 /dev/sdb /dev/sdc

tail -f /var/log/syslog     # General system log (Debian/Ubuntu)
tail -f /var/log/messages   # General system log (RHEL/CentOS)
tail -f /var/log/auth.log   # Authentication log
tail -f /var/log/kern.log   # Kernel log
tail -f /var/log/dmesg      # Device driver messages

tail -f /var/log/apache2/access.log
tail -f /var/log/nginx/error.log
tail -f /var/log/mysql/error.log

logrotate -f /etc/logrotate.conf # Force rotation
cat /etc/logrotate.conf          # Configuration
ls /etc/logrotate.d/             # Service-specific configs

watch -n 1 'df -h'          # Disk space every second
watch -n 2 'free -h'        # Memory every 2 seconds
watch 'ps aux --sort=-pcpu | head -n 10' # Top CPU processes

iostat                      # CPU and I/O statistics
iostat -x 2                 # Extended stats every 2 seconds
iostat -d 2                 # Disk stats only
iotop                       # Top for I/O (needs sudo)

sar                         # System activity report
sar -u 2 5                  # CPU usage, 2 sec intervals, 5 times
sar -r                      # Memory usage
sar -b                      # I/O statistics
sar -n DEV                  # Network statistics

atop                        # Advanced system monitor
dstat                       # Versatile resource statistics
glances                     # Modern monitoring tool
nmon                        # Performance monitor

sysctl -a                   # List all kernel parameters
sudo sysctl -w parameter=value  # Set parameter
sysctl vm.swappiness        # View specific parameter
cat /proc/sys/vm/swappiness # Alternative view

sudo command                # Run as root
sudo -i                     # Root shell
sudo -u user command        # Run as different user
sudo -l                     # List sudo privileges
visudo                      # Edit sudoers file safely

sudo chattr +i file         # Make immutable
sudo chattr -i file         # Remove immutable
lsattr file                 # List attributes

getenforce                  # SELinux status
sestatus                    # Detailed status
sudo setenforce 0           # Set to permissive
sudo setenforce 1           # Set to enforcing
ls -Z                       # SELinux context
chcon -t type file          # Change context
restorecon file             # Restore default context

sudo aa-status              # AppArmor status
sudo aa-enforce profile     # Enforce profile
sudo aa-complain profile    # Complain mode
sudo aa-disable profile     # Disable profile

passwd                      # Change own password
sudo passwd username        # Change user password
sudo passwd -l username     # Lock account
sudo passwd -u username     # Unlock account
sudo chage -l username      # Password expiry info
sudo chage -M 90 username   # Max password age

tar -czf archive.tar.gz dir   # Create gzip compressed
tar -cjf archive.tar.bz2 dir  # Create bzip2 compressed
tar -cJf archive.tar.xz dir   # Create xz compressed
tar -xzf archive.tar.gz       # Extract gzip
tar -xjf archive.tar.bz2      # Extract bzip2
tar -xJf archive.tar.xz       # Extract xz
tar -tzf archive.tar.gz       # List contents
tar -xzf archive.tar.gz -C /path  # Extract to path

gzip file                   # Compress file
gunzip file.gz              # Decompress
bzip2 file                  # Better compression
bunzip2 file.bz2            # Decompress bzip2
xz file                     # Best compression
unxz file.xz                # Decompress xz
zip -r archive.zip dir      # Create zip
unzip archive.zip           # Extract zip

ssh user@host               # Connect to host
ssh -p 2222 user@host       # Custom port
ssh -i keyfile user@host    # Use specific key
ssh user@host command       # Execute command
ssh -L 8080:localhost:80 user@host  # Local port forward
ssh -R 8080:localhost:80 user@host  # Remote port forward
ssh -D 9090 user@host       # SOCKS proxy

ssh-keygen                  # Generate key pair
ssh-keygen -t rsa -b 4096   # RSA 4096-bit key
ssh-keygen -t ed25519       # Ed25519 key (recommended)
ssh-copy-id user@host       # Copy public key
ssh-add keyfile             # Add key to agent
ssh-add -l                  # List loaded keys

scp file user@host:/path    # Copy file to remote
scp user@host:/path file    # Copy from remote
scp -r dir user@host:/path  # Copy directory
rsync -avz source/ dest/    # Sync directories
rsync -avz -e ssh source/ user@host:/path/
rsync --delete source/ dest/ # Delete extra files

screen                      # Start screen session
screen -S name              # Named session
screen -ls                  # List sessions
screen -r                   # Reattach
screen -r name              # Reattach to named
# Ctrl+A D to detach
 
tmux                        # Start tmux
tmux new -s name            # Named session
tmux ls                     # List sessions
tmux attach -t name         # Attach
# Ctrl+B D to detach

crontab -l                  # List cron jobs
crontab -e                  # Edit cron jobs
crontab -r                  # Remove all cron jobs
 
# Crontab format:
# * * * * * command
# m h dom mon dow
 
# Examples:
# 0 2 * * * /backup.sh       # Every day at 2 AM
# */15 * * * * /script.sh    # Every 15 minutes
# 0 0 * * 0 /script.sh       # Every Sunday at midnight

at 2:00 PM                  # Schedule for 2 PM
at now + 2 hours            # 2 hours from now
at midnight                 # At midnight
atq                         # List scheduled jobs
atrm job_number             # Remove job

find . -name "*.txt" | xargs rm  # Delete all .txt files
cat files.txt | xargs -I {} cp {} /dest/  # Copy files
echo {1..10} | xargs -n 1 -P 4 command    # Parallel execution

parallel echo {} ::: 1 2 3 4   # Simple parallel
cat urls.txt | parallel wget   # Parallel downloads
parallel -j 4 command ::: $(cat list.txt)  # 4 jobs at once

export VAR=value            # Set variable
echo $VAR                   # Print variable
env                         # List all variables
printenv VAR                # Print specific variable
unset VAR                   # Remove variable
export PATH=$PATH:/new/path # Add to PATH

# Find the process
ps aux | grep apache
top -u www-data
 
# Or by port
lsof -i :80
ss -tlnp | grep :80
 
# Kill gracefully
sudo systemctl restart apache2
 
# Or force kill if hung
sudo pkill -9 apache2
sudo systemctl start apache2
 
# Verify
sudo systemctl status apache2

# Check overall usage
df -h
 
# Find large directories
du -sh /var/* | sort -hr | head -10
du -sh /home/* | sort -hr | head -10
 
# Find large files
find / -type f -size +100M -exec ls -lh {} \; 2>/dev/null | awk '{print $9, $5}'
find /var/log -type f -size +100M -ls
 
# Check log files
du -sh /var/log/*
journalctl --disk-usage
 
# Clean logs
sudo journalctl --vacuum-time=7d
sudo find /var/log -name "*.log" -mtime +30 -delete

# Check load average
uptime
cat /proc/loadavg
 
# Top CPU processes
top
ps aux --sort=-pcpu | head -20
 
# Top memory processes
ps aux --sort=-rss | head -20
 
# I/O wait
iostat -x 2 5
iotop
 
# Check for zombie processes
ps aux | grep Z
 
# Check disk I/O
sar -d 2 5
 
# Network activity
ss -s
netstat -s
iftop

# Check if port is open locally
ss -tlnp | grep 3306
netstat -tlnp | grep 3306
 
# Check if service is running
sudo systemctl status mysql
 
# Test connectivity
telnet db-host 3306
nc -zv db-host 3306
 
# Check DNS resolution
nslookup db-host
dig db-host
 
# Check routing
ip route get db-host-ip
traceroute db-host
 
# Check firewall
sudo iptables -L -n | grep 3306
sudo firewall-cmd --list-all
 
# Check if process is listening
lsof -i :3306

# If recently deleted and process still has it open
lsof | grep deleted
lsof +L1
 
# Find the file descriptor
cd /proc/<PID>/fd
cat <fd_number> > /path/to/recovered/file
 
# Using ext4 features (if ext4)
sudo grep -a -B 100 -A 100 'partial file content' /dev/sda1 > recovered.txt
 
# Using extundelete (ext3/ext4)
sudo extundelete /dev/sda1 --restore-file /path/to/file
 
# Using testdisk/photorec
sudo photorec /dev/sda1

# Check memory usage
free -h
vmstat 1
 
# Find memory hogs
ps aux --sort=-rss | head -20
top -o %MEM
 
# Check OOM killer logs
dmesg | grep -i oom
journalctl -p err | grep -i oom
 
# Configure swap
sudo swapon --show
sudo fallocate -l 4G /swapfile
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfile
 
# Tune swappiness
sudo sysctl vm.swappiness=10
echo "vm.swappiness=10" | sudo tee -a /etc/sysctl.conf
 
# Set memory limits
ulimit -m 2048000  # Max memory size
# In /etc/security/limits.conf:
# username hard rss 2048000

# Check auth logs
grep "Failed password" /var/log/auth.log
grep "Failed password" /var/log/secure
 
# Count by IP
grep "Failed password" /var/log/auth.log | \
  awk '{print $(NF-3)}' | sort | uniq -c | sort -nr
 
# Last failed logins
lastb
 
# Using journalctl
journalctl _SYSTEMD_UNIT=ssh.service | grep "Failed"
 
# Real-time monitoring
tail -f /var/log/auth.log | grep "Failed"
 
# Install fail2ban for automatic blocking
sudo apt install fail2ban
sudo systemctl enable fail2ban
sudo systemctl start fail2ban

# Check I/O wait
top  # Look at 'wa' in CPU line
iostat -x 2 5
 
# Per-process I/O
sudo iotop
 
# Detailed I/O stats
sar -d 2 5
 
# Check disk queue
cat /proc/diskstats
 
# Find processes doing I/O
sudo lsof | grep deleted  # Files deleted but still written
sudo iotop -o  # Only show active I/O
 
# Check for disk errors
dmesg | grep -i error
smartctl -a /dev/sda
 
# Optimize I/O scheduler
cat /sys/block/sda/queue/scheduler
echo deadline | sudo tee /sys/block/sda/queue/scheduler

# users.csv format: username,fullname,group
 
#!/bin/bash
while IFS=, read -r username fullname group; do
    # Create user
    sudo useradd -m -s /bin/bash -c "$fullname" "$username"
    
    # Set temporary password
    echo "$username:TempPass123!" | sudo chpasswd
    
    # Force password change on first login
    sudo chage -d 0 "$username"
    
    # Add to group
    sudo usermod -aG "$group" "$username"
    
    # Set quota if needed
    # sudo setquota -u "$username" 10000000 12000000 0 0 /home
    
    echo "Created user: $username"
done < users.csv

# Find broken symlinks
find /opt -type l ! -exec test -e {} \; -print
 
# Find and delete broken symlinks
find /opt -type l ! -exec test -e {} \; -delete
 
# Or with xargs
find /opt -type l ! -exec test -e {} \; -print0 | xargs -0 rm
 
# Verbose version
find /opt -type l ! -exec test -e {} \; -print0 | \
  while IFS= read -r -d '' file; do
    echo "Removing broken symlink: $file"
    rm "$file"
  done

#!/bin/bash
LOGFILE="/var/log/application.log"
MAX_SIZE=$((1024*1024*1024))  # 1GB in bytes
 
while true; do
    SIZE=$(stat -f%z "$LOGFILE" 2>/dev/null || stat -c%s "$LOGFILE")
    
    if [ "$SIZE" -gt "$MAX_SIZE" ]; then
        # Alert
        echo "Log file exceeds 1GB" | mail -s "Log Alert" admin@example.com
        
        # Rotate
        mv "$LOGFILE" "$LOGFILE.$(date +%Y%m%d-%H%M%S)"
        touch "$LOGFILE"
        
        # Restart service if needed
        sudo systemctl restart application
    fi
    
    sleep 300  # Check every 5 minutes
done

# Install auditd
sudo apt install auditd
 
# Add watch rule
sudo auditctl -w /etc -p wa -k etc_changes
 
# View watches
sudo auditctl -l
 
# Search audit logs
sudo ausearch -k etc_changes
sudo ausearch -k etc_changes -ts today
 
# Generate report
sudo aureport -f
 
# Make rules persistent
echo "-w /etc -p wa -k etc_changes" | \
  sudo tee -a /etc/audit/rules.d/etc.rules

# Check MySQL process
ps aux | grep mysql
top -u mysql
 
# Check MySQL status
sudo systemctl status mysql
 
# Connect and check
mysql -u root -p -e "SHOW PROCESSLIST;"
mysql -u root -p -e "SHOW ENGINE INNODB STATUS\G"
 
# Check slow query log
sudo tail -f /var/log/mysql/slow-query.log
 
# Enable slow query log if not enabled
mysql -u root -p
SET GLOBAL slow_query_log = 'ON';
SET GLOBAL long_query_time = 2;
 
# Check table sizes
mysql -u root -p -e "
  SELECT table_schema AS 'Database',
         ROUND(SUM(data_length + index_length) / 1024 / 1024, 2) AS 'Size (MB)'
  FROM information_schema.TABLES
  GROUP BY table_schema;"
 
# Optimize tables
mysql -u root -p -e "OPTIMIZE TABLE database.table;"

# Boot into rescue mode / single user mode
# At GRUB, select Advanced Options > Recovery Mode
 
# Or boot from live CD/USB
 
# Mount filesystems
mount /dev/sda1 /mnt
mount -t proc proc /mnt/proc
mount -t sysfs sys /mnt/sys
mount -o bind /dev /mnt/dev
mount -t devpts pts /mnt/dev/pts
 
# Chroot
chroot /mnt
 
# Check kernel logs
dmesg | tail -50
journalctl -xb -1  # Previous boot
 
# List installed kernels
dpkg -l | grep linux-image  # Debian/Ubuntu
rpm -qa | grep kernel       # RHEL/CentOS
 
# Reinstall or use older kernel
apt install --reinstall linux-image-$(uname -r)
 
# Update GRUB
update-grub  # Debian/Ubuntu
grub2-mkconfig -o /boot/grub2/grub.cfg  # RHEL/CentOS
 
# Exit and reboot
exit
umount -l /mnt
reboot

# Check cron service
sudo systemctl status cron
sudo systemctl status crond  # RHEL/CentOS
 
# Check cron logs
grep CRON /var/log/syslog
journalctl -u cron
 
# Verify crontab
crontab -l
 
# Common issues and fixes:
# 1. Environment variables
crontab -e
# Add at top:
SHELL=/bin/bash
PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
 
# 2. Use absolute paths in script
# Instead of: python script.py
# Use: /usr/bin/python3 /full/path/to/script.py
 
# 3. Redirect output to log
0 2 * * * /path/to/script.sh >> /var/log/myscript.log 2>&1
 
# 4. Make script executable
chmod +x /path/to/script.sh
 
# 5. Test cron entry
# Run command exactly as in crontab
/bin/bash -c "cd /path && ./script.sh"

# File operations
ls, cd, pwd, mkdir, cp, mv, rm, find, grep
 
# System
ps, top, kill, df, du, free, uptime
 
# Network
ip, ss, ping, curl, wget
 
# Logs
journalctl, tail, grep
 
# Services
systemctl, service
 
# Package management
apt/yum/dnf install/update/remove
 
# Permissions
chmod, chown, chgrp
 
# Archives
tar -czf/-xzf

uptime                      # Load average
free -h                     # Memory
df -h                       # Disk space
iostat -x                   # I/O stats
top                         # CPU/Memory processes
ss -s                       # Network sockets
journalctl -p err           # Error logs