The Linux CheatSheet

Published: January 25, 2015 by

• Categories:
• cheatsheet 1
• linux 2

• Tags:
• hack 5
• kali 2

• Linux main directory
• File commands
• Counting | Sorting
• Search
• Find
  • Basic
  • Action
  • Usage Example
• Zip
  • Explanation: gzip vs bzip2 vs tar
• Hard link / Symbolic link
  • Hardlink vs Symlink?
• Redirect
• Pipe
• User
• Permission
  • Owner (user/group)
  • Accessible Types
• Shell
  • Basic Usage
  • Keyboard Shortcuts
  • Shell Variables
  • Define Shell Variables
  • Environment Variables
• Shell Script
  • Basic Usage
  • Basic Syntax
  • alias
  • function
• Package
• File System/Device Files
  • Device files
  • Log files
• Cron
  • at
• Network
  • Main Protocols
  • Main Port Number
  • Basic Commands
• Others
  • Locale
  • About local environment variables
  • Useful tips

Linux main directory

• /boot : necessary file for start up system like Linux kernel
• /bin : command for general users
• /dev : device files
• /etc : system setting files
• /home : home directory for users
• /lib : library
• /media : mount point for outer media
• /proc : process information of system
• /root : home directory for root users
• /sbin : commands for system admin users
• /tmp : temporary files
• /usr : programs, libraries, documents, etc.
• /var : frequently updated files like log files

File commands

# cd
$ cd    #changes directory to home
$ cd - 	#goes back to previous files

# less
$ less test.md
# f/b : show next/previous page
# q   : quits
# =   : show file name and current line number
# /   : search in forward order
# ?   : search in backward order
# v   : launch vi editor

#head/tail
$ head -5 test.md # shows 5 heading lines of test.md
$ tail -3 test.md # shows 3 bottom lines of test.md

#copy
$ cp -i test.md tmp # overwrites with confirmation
$ cp -i test.md tmp # overwrites without confirmation
$ cp -r tmp tmp2   # copy directory

# move/rename
$ mv -i data.txt tmp 	# overwrites with confirmation
$ mv -f data.txt tmp 	# overwrites without confirmation
$ mv tmpdir mydir	# -r is not necessary for moving directory like `rm` or `cp` commands

# remove
$ rm -i data.txt 	# removes with confirmation
$ rm -f data.txt 	# removes without confirmation
$ rm -r tmp 	# removes directory(even when the directory is NOT empty)
$ rm -R tmp   # removes directory(same with -r option)
$ rmdir tmp   # `rmdir` also removes EMPTY files

# create directory
$ mkdir -p tmp/tmp2 	# parents directory will be also created
$ mkdir -m 705 mydir 	# creates directory with set permissions

Counting | Sorting

# count
$ ls -l | wc 			# shows bytes/lines/words count
$ wc -c count.txt # shows only bytes count
$ wc -l count.txt # shows only lines count
$ wc -w count.txt # shows only words count

# sort
$ ls -l | sort 		# sorts by alphabetic order
$ ls -l | sort -b # sorts ignoring spaces in the opening sentence
$ ls -l | sort -f # sorts ignoring Small/Capital
$ ls -l | sort -r # sorts in reverse way
$ ls -l | sort -n # sorts number not as a string but as a number

Search

# `locate` commands search based on database
# therefore it is faster than `find` command
$ locate sort

# to update database
# * this is usually executed regularly
$ updatedb

Find

# `maxdepth` option defines the depth of search target
$ find . -name "README.md" -maxdepth 1

Basic

# find [targetDirectory] [option]

# By name
$ find . -name "README.md"

# By size
$ find . -size 1k 		# file size = 1k byte
$ find . -size +100k 	# file size > 100 byte
$ find . -size +1k 		# file size > 1k byte
$ find . -size -100k 	# file size < 100 byte
$ find . -size -1k 		# file size < 1k byte

# By types
$ find . -type f # files
$ find . -type d # directories
$ find . -type l # symlinks

# By modified time
$ find . -mtime -1 # files modified in a day
$ find . -mtime 7  # files which have not modified over a week

# By accessed time
$ find . -amin -60 # files accessed in last 60 minutes
$ find . -atime 7  # files which have not accessed over a week

# By permission
$ find . -perm a+r 	# all read-permission is allowed
$ find . -perm 644  # permission code is 644
$ find . -perm -444 # read-permission is allowed for all users
$ find . -perm +444 # read-permission is allowed for one of owner, owner group or other users

# By users
$ find . -user jared # files owned by jared
$ find . -uid XXXXXX # files owned by declared uid

# By regexp
$ find . regex ".*git*"

Action

# print
$ find . -name "*git*" 				# shows matched files(default)
$ find . -name "*git*" -print # shows matched files(default)
$ find . -name "*git*" -ls		# shows file's information also

# `-exec` enables you to execute command to the result
$ find . -name "README.md" -exec rm {} ¥; # without confirmation
$ find . -name "README.md" -ok rm {} ¥;		# with confirmation

Usage Example

# finds files updated within a day
$ find . -type f -mtime -1

# finds files updated within past 30 minutes
$ find . -type f -mmin -60

# find and delete files which have not been accessed in 200 days
$ find . -atime +200 -exec rm {} ¥;

Zip

######################################
# gzip
######################################
# zip file
$ cal > cal.txt
$ gzip cal.txt 									# this creates cal.txt.gz but cal.txt would be deleted
$ gzip -c cal.txt > cal.txt.gz 	# if original files should not be deleted

# zip directory
$ mkdir tmp
$ cp cal.txt tmp
$ gzip -r tmp			# be sure that `gzip -r` will not zip directory itself

# check the difference
$ ls -l 					# see the difference of sizes
$ cat cal.txt 		# you can see the calander
$ cat cal.txt.gp 	# but this shows misterious results

# unzip
$ gzip -d cal.txt.gp # unzip file
$ gzip -dr tmp			 # unzip files in tmp directory
$ gunzip cal.txt.gp  # equals with `gzip -d` command

######################################
# bzip2
######################################
$ bzip2 sample.dat    		# this creates sample.dat.bz2
$ bzip2 -d sample.dat.bz2 # unzip

######################################
# tar (and then gzip)
######################################
# tar [options] archivefile.tar targetDirectory
#
# options
# -c : creates archive
# -x : unzip archive
# -t : show files in archived file
# -f : select archive file by file name
# -r : add files to archived file
# -v : show info in details
# -z : gzip
# -j : bzip2

# example
$ mkdir tmp
$ ls -l > tmp/ls.txt
$ cal > tmp/cal.txt
# creates archived files
$ tar cvf tmp.tar tmp 			# just archived and not compressed
$ tar cvfz tmp.tar.gz tmp  	# archived and compressed with gzip
$ tar cvfj tmp.tar.bz2 tmp 	# archived and compressed with bzip2
# see the de-references
$ ls -l

Explanation: gzip vs bzip2 vs tar

gzip/bzip2 vs tar?

tar isnt a compression format - its a way to combine multiple files into one file.

bz2 and gz are compression formats - variations on a theme - similar compression ratio's I think. The default archive manager with ubuntu can open most if not all of these type of files.

Then gzip vs bzip2?

bz2 generally compresses better than gz, but is slower. gz is the de facto standard because it is older, and bz2 is not avaialble by default on some OSes (that's why you mostly find .gz files).

Hard link / Symbolic link

# shows hardlinks
$ ls -i1 # with `-i` options, `ls` shows index node(i node)

# creates hard links
$ touch test.txt 				# creates test.txt
$ ln test.txt test.hard # creates hardlink of test.txt
$ ls -i1 								# check that i node of test.txt equals with test.hard

# creates symbol links
$ touch symbol.txt
$ ln -s symbol.txt symbol.sym
$ ls -i1

# let's have a look at the differene between hard and symbol
$ touch {hard,symbol}.txt 			# creates hard.txt and symbol.txt
$ ln hard.txt hard.hard 				# creates hard link
$ ln -s symbol.txt symbol.sym 	# creates symbol link
$ rm {hard,symbol}.txt 					# removes original .txt files
$ cat hard.hard 								# see how it works
$ cat symbol.sym 								# see how it works

Hardlink vs Symlink?

A hardlink isn't a pointer to a file, it's a directory entry (a file) pointing to the same inode. Even if you change the name of the other file, a hardlink still points to the file…

On the other hand, a symlink is actually pointing to another path (a file name); it resolves the name of the file each time you access it through the symlink.

@see

• http://askubuntu.com/questions/108771/what-is-the-difference-between-a-hard-link-and-a-symbolic-link
• http://stackoverflow.com/questions/185899/what-is-the-difference-between-a-symbolic-link-and-a-hard-link

Redirect

# redirect result
$ ls > redirect.txt 			# the result of `ls` command would be written to redirect2.txt
$ cat redirect.txt
$ ls -i1 >> redirect.txt 	# adds the result to the existing file

# redirect error
$ ls -222 2> error.txt 	# 2> writes error log
$ ls -333 2>> error.txt # 2>> adds error log to the existing file

# redirect both result and error
# .   = current file
# aaa = not-existring file
$ ls . aaa > ls.log 2>&1 # wrtites both the result and error log

# tips
# by combining `cat` and redirect, you can join the result of
# multiple files contents
$ cat apple.txt banana.txt > banapple.txt

# input redirect
# `tr a-z A-Z` replaces all small caps to Capital caps, but
# this command cannot have file as an argument.
# By usring input `<`, a content of file can be sent to commands.
$ tr a-z A-Z  < error.txt

Pipe

$ ls -l > ls.txt
$ tr a-z A-Z < ls.txt

# By using pipe, above process can be written in one line
$ ls -l | tr a-z A-Z

# If you want to send the result both to a file and other command
# then use `tee`
$ ls -l | tee result.log | less

User

#############
# basic
#############

# shows all users
$ id

# shows all groups
$ groups

# see User Database
$ less /etc/passwd

# see Group Database
$ less /etc/group

# adds user
$ useradd jared
$ useradd -u 1000 jared # with udi
$ useradd -d /home/dev  # with custome home directory path

# changes password
$ passwd jared

# deletes user
$ userdel jared
$ userdel -r jared # deletes with home directory

# adds group
$ groupadd designer

# deletes group
$ groupdel designer

#############
# usermod
#############

# locks user
# (when users would not be used for a long time)
$ usermod -L jared

# unlocks user
$ usermod -U jared

# changes primary group
$ usermod -g develop jared

# changes sub group
$ usermod -G develop jared

# changes uid
$ usermod -u 1000 jared

# changes home directory path
$ usermod -d /home/dev/ jared

Permission

Owner (user/group)

# changes owner
$ chown chelsie sample
$ chown -R chelsie sample # changes all files in the directory

# changes group
$ chgrp develp tmp
$ chgrop -R develop tmp

# changes owner and group at the same time
$ chown chelsie:develop tmp

Accessible Types

• Permission
  • r: read (4)
  • w: write (2)
  • x: execute (1)
• Target Segment
  • owner
  • group to which the owner belongs
  • other users
• Permission Counters
  • 7 : 4 + 2 + 1 = r + w + x
  • 5 : 4 + 0 + 1 = r + x
  • 4 : 4 + 0 + 0 + r

$ touch sample.txt
$ ls -l sample.txt
-rw-r--r--  1 username  group  0  1 10 10:11 sample.txt
# user   = can read and write
# group  = can read only
# others = can read only

# changes permission of sample.txt
$ chmod 755 sample.txt
$ ls -l sample.txt
-rwxr-xr-x  1 username  group  0  1 10 10:11 sample.txt

# other options
# - target	: u, g, o
# - control	: +, -, =
# - type		: r, w, x
#
$ chmod ug+rx sample.txt
$ ls -l sample.txt
-rwxr--r--  1 username  group  0  1 10 10:11 sample.txt

Shell

This is bash! #!/bin/bash

Basic Usage

# shows all shells list which you can use
$ cat /etc/shells
/bin/bash
/bin/csh
/bin/ksh
/bin/sh
/bin/tcsh
/bin/zsh

# shows PATH
$ echo $PATH

# `;`
# commands would be continually executed
$ git init; git add -A; git commit -m "first commit"

# `&&`
# means "AND"
$ touch README.md && git add README.md

# `||`
# means "OR"
$ cd /tmp || echo "there is no such directory"

# shows executed commands history
$ history
$ history -c 			# deletes history
$ history 5  			# shows the 5 latest history
$ echo $HISTSIZE 	# shows the size of saved history
$ !cat 						# executes the latest command begin with `cat`
$ !732   					# executes the history with the number
$ !! 							# executes the last command in history
$ !-3 						# executes the 3 before command in history
$ ^cat^ls         # executes the latest command, after replacing `ls` command with `cat`

Keyboard Shortcuts

There are some userful keyboard shortcut in bash.

• tab : complement commands or paths
• ctrl + a : move cursor to the head of the line
• ctrl + e : move cursor to the end of the line
• crll + l : clear display
• ctrl + c : stop currently executing process
• ctrl + s : stop showing result onto the display
• ctrl + q : restart showing result onto the display
• ctrl + z : stop currently executing process temporarily
• ctrl + d : log out
• ctrl + r : starts incremental search (commands history)

Shell Variables

# history
$ echo $HISTFILE
$ echo $HISTFILESIZE
$ echo $HISTSIZE

# home directory path
$ echo $HOME

# hostname
$ echo $HOSTNAME

# language
$ echo $LANG

# command search path
$ echo $PATH

# prompt string
# @see http://www.unix.com/shell-programming-and-scripting/131510-need-explanation-ps1-ps2-ps3-ps4.html
$ echo $PS1
$ echo $PS2 # subshell prompt string, by default ">"

# current directory path
$ echo $PWD

# current shell
$ echo $SHELL

# terminal type
$ echo $TERM

# user
$ echo $UID
$ echo $USER

Define Shell Variables

# defines variables
$ name="jared doe"

# use defined variables
$ echo $name

# unset defined variables
$ unset name

Environment Variables

# lists all environment variables
$ printenv

# lists all shell and environment variables
$ set

# sets environment variables
$ export VAR=Ubuntu

Shell Script

Basic Usage

# executes shell script
$ source sampleshell.sh
$ . sampleshell.sh      # this is the same with the above command

Basic Syntax

Parameters

• $# : the number of parameters
• $@ : all parameters
• $1 : 1st parameter
• $2 : 2nd parameter
• $3 : 3rd parameter…

Condition Expression

• Filetype ( return true when… )
  • -e : file exists
  • -f : file type is file (not directory, etc)
  • -d : file type is 'directory'
  • -r : file exists and is readable
  • -w : file exists and is writable
  • -x : file exists and is executable
  • -L : is symbolic link
• Number ( return true when… )
  • A -eq B : A equals with B
  • A -ge B : A is greater/equal than/with B
  • A -gt B : A is greater then B
  • A -le B : A is less/equal than/with B
  • A -lt B : A is less than B
  • A -ne B : A does not equal with B
• String ( return true when… )
  • -z A : the size of A is 0
  • A = B : A equals with B
  • A != B : A does not equal with B
• Boolean (return trueh when… )
  • ! A : A is false
  • A -a B : A and B are true
  • A -o B : A or B is true

if statement

# when the 1st parameter id directory,
# return `ls -l`

if [ -d $1 ]
	then
		ls -l $1
	else
		echo 'No such directory'
fi

case statement

case $1 in
	[ -d $1 ] )
		echo "Is directory"
		;;
	[ -f $1 ] )
		echo "Is file"
		;;
	*)
		echo "Undefined"
		;;
esac

while statement

i=1
while [ $i -le $1 ]
do
	echo $i
	let i=i+1
done

for statement

i=1
for uid in Will Smith jared
	echo $i
done

alias

# lists all defined alias
$ alias

# sets new alias
$ alias la='ln -la'

# uses new defined alias
$ la

# unset alias
$ unalias la

function

# lists all declared function

# you need space before and after `{}` blanckets
# $N means arguments
$ function dlist() { ls -l $1 | grep '^d'; }

# uses defines function like below
$ dlist /

# above is the same with below command
$ ls -l / | grep '^d'

# unset defined function
$ unset dlist

Package

# shows system architecture
# return
# 	- i386 / i686 : 32 bit binary package
# 	- x86_64			: 64 bit binary package
# 	- noarch			: architecture-independent package
# 	- src 				: source package
#
$ arch

File System/Device Files

# shows detailed info about Linux file system
$ dumpe2fs /dev/sda1

# shows all device files
$ ls /dev

# add `&` at the end of the command line to run the command in the background
$ find / -name "*node*" -type f > nodelog.log 2>&1 &

# shows all jobs
$ jobs

# terminate jobs
$ kill %1

Device files

As for the device files, have a look at below table for futher information.

• sda : 1st disk device
• sdb : 2nd disk device
• sda* : other disk device
• scd* : CD/DVD drive
• tty* : terminals
• pts : vertual terminals
• ttysS* : serial ports
• lp : printer device

Log files

• var/log/messages : general log
• var/log/secure : log about authentication
• var/log/cron : log about cron
• var/log/maillog : log about maillog
• var/log/boot.log : log about starting up system
• var/log/wtmp : log about user logging in
• var/log/lastlog : log about each user last logging in
• var/run/utmp : log about currently-logging-in user

Cron

$ crontab -e # edits crontab
$ crontab -l # lists crontab
$ crontab -r # remobes crontab

When you run the above $ crontab -e command, an editor would be launched and now you can edit the cron file. Here is the basic grammer rules when writing cron.

# *general rule*
# min hour day month DOW command

# run `/usr/bin/updatedb`
# everyday, at 4 am
0 4 * * * /usr/bin/updatedb

# run `/usr/bin/updatedb`
# on every 15th of each month, 1am
0 1 15 * * /usr/bin/updatedb

# run `/user/bin/updatedb`
# on every 5 minutes
*/5 * * * * /usr/bin/updatedb

at

If you want to run not continuously but once, then user at command.

# lists all scheduled jobs
$ at -l
# or use this
$ atq

# deletes scheduled jobs with job number
$ at -d <job number>

# notify user by sending email when a job is done
$ at -m

Network

Main Protocols

Here are the main and basic protocol at least you should remember.

• TCP : Transimission Control Protocol
• UDP : User Datagram Protocol
• ICMP : Internet Control Message Protocol
• IP : Internet Protocol
• HTTP : HyperText Transfer Protocol
• SSL : Secure Socket Layer
• SMTP : Simple Message Transfer Protocol
• POP3 : Post Office Protocol
• FTP : File Transfer Protocol
• DNS : Domain Name Service
• DHCP : Dynamic Host Configuration Protocol

Main Port Number

• 20, 21 : FTP
• 22 : SSH
• 23 : TELNET
• 25 : SMTP
• 53 : DNS
• 67 : DHCP
• 80 : HTTP
• 110 : POP3
• 143 : IMAP4
• 443 : HTTPS

Basic Commands

# checks whether there is connection or not
$ ping -c 3 www.google.com

# gets DNS info and IP addresses
$ host www.google.com

# shows all connection
$ netstat
$ netstat -a # shows all socket status
$ netstat -n # shows without name resolution
$ netstat -u # shows UDP
$ netstat -p # shows process also
$ netstat -m # shows statistics recoreded by the memory management routines

# shows traceroute until host
$ traceroute www.google.com

# shows DNS server info
$ cat /etc/resolv.conf

# shows IP Addresses and Host name relationship
$ cat /etc/hosts

Others

Locale

# shows local environment variables
$ locale

# shows timezone
$ ls /usr/share/zoneinfo/

# sets timezone
$ export TZ='Asia/Tokyo'

# sets timezone in command shell
$ tzselect

About local environment variables

• LANG : all catetories
• LC_MESSAGES : used for showing message
• LC_TIME : format of date/time
• LC_MONETARY : format of currency
• LC_NUMERIC : format of number
• LC_ALL : all categories

Useful tips

# {}
# the first command is equals with the second one
$ touch test{1,2,3}.md
$ touch test1.md test2.md test3.md

# Date
$ date +"%Y%m%d %H:%M %a(%b)"

# NTP(Network Time Protocol)
$ ntpdate ntp.ring.gr.jp