This section is meant to be a compilation of useful Sysadmin commands.
The two main commands for managing services are service and systemctl. The main difference over both is the capabilities, where systemctl
is a much more powerful command. Nonetheless, there are some underlying differences that may depend also in specificities of each distro.
What systemctl actually manages are "units" (where services are a subtype of such). These simply are objects that systemd knows how to manage.
Here we do not pretend to delve deeper into this. Instead, we are going to focus into service management.
By default, the command outputs all units that have been loaded. Does the same that systemctl list-units
-
--type=service-> Shows only the services -
--state=running-> Allows to filter by the status of the service (runningcan be replaced by any of the below states)activerunningfailedexited
inactivedead
- More about states here
-
All unit types can be found here.
-
All status types can be found here.
enable-> adds a service to system startupdisable-> removes a service from startupstart-> starts a service at the momentstop-> halts a servicestatus-> checks the status of a service (running, stopped...)
- Digital Ocean - How To Use Systemctl to Manage Systemd Services and Units (Accessed: 02-oct-2023)
- Digital Ocean - Understanding Systemd Units and Unit Files (Accessed: 02-oct-2023)
The services that this command manages are managed by System V.
--status-all-> will output the status of all processes[ + ]means service is running[ - ]means service exited[ ? ]means that the service does not have status
--full-restart-> restarts all running
Source: program man page
Will display a tree with processes and subprocesses.
- Specifying a user will allow us to show only their processes. For example,
pstree $USERwill show only yours.pstreeis the same aspstree root - It is also possible to display the PID of each process
pstree -p
When processes fail, the command systemctl status may not deliver as much information as we need. For this kind of situation, we can check the ctl journal.
journalctlwill output all logs fromsystemctl.journalctl -ewill show only the last entries of the log.jounralctl -u NAME.service(replacingNAME) will allow us to filter by service (for example,docker.service) and debug why it failed to start/run (whatever).
Commands for retrieving information about the system
Prints system info
-aall avaliable entries--helpto see all options (kernel, os, so on)
Shows uptime of the system.
--pretty, hours and minutes of uptime--since, date since system is running
Shows distribution-specific information.
lsb_release -ashows all information. Most recommended.lsb_release -hto get specific information of the release.
To examine or control the kernel ring buffer. Useful to get the latest system logs.
Shows the system limits for the different resources (memory, disk, cpu...)
-
ulimit -ashows all system limits. -
ulimit -<flag> <value>to edit a value (the flag is shown with-a)
lastlatest loginslastlogshows the latest login for every userwhoshows what users have an open sessionwshows who is connected and WHAT is doing
faillog -u %USERshows failed loginspasswd -l userlocks the (password of) a specific accountpasswod -u userto revert
auditctl -w /etc/passwd -p war -k password-file- Documentation (explanation + installation intructions)
- Nagios Plugins archive
- NRPE (check nrpe) archive
- Tutorial instalación y configuración
- Otro caso con NSClient++
- Fail2ban utility (to mitigate automated scripts trying to brute force logins)
sshfs(ssh filesystem) to mount a remote filesystem