System status check
*******************
# server information
uname -a
# server config information
prtconf
sysdef -i
# server up time
uptime
# disk free, listed in KB
df -kt
# mounted devices
mount
# network status
netstat -rn
# network configuration info
ifconfig -a
# processes currently running
ps -elf
# user processes
w
whodo
who am i
finger
ps
# virtual memory statistics
vmstat 5 5
# system activity reporter (Solaris/AIX)
sar 5 5
# report per processor statistics (Solaris)
mpstat 5 5
psrinfo
# swap disk status (Solaris)
swap -l
# shared memory
ipcs -b
===============================================
System shutdown
***************
# shutdown the server in 60 seconds, restart system in administrative state
# (Solaris)
/usr/sbin/shutdown -y -g60 -i1 "System is begin restarted"
# shutdown the server immediately, cold state
# (Solaris)
/usr/sbin/shutdown -y -g0 -i0
# shutdown AIX server, reboot .. also Ctrl-Ctrl/Alt
shutdown -Fr
# restart the server
/usr/sbin/reboot
===============================================
User accounts
*************
# add jsmith account .. the -m parm forces the home dir creation
useradd -c "Jim Smith" -d /home/jsmith -m -s "/usr/bin/ksh" jsmith
# change group for jsmith
chgrp staff jsmith
# change jsmith password
passwd jsmith
# change jsmith description
usermod -c "J.Smith" jsmith
# remove ksmith account
userdel ksmith
# display user accounts
cat /etc/passwd
===============================================
Displaying files
****************
# display file contents
cat myfile
# determine file type
file myfile
# display file, a screen at a time (Solaris)
pg myfile
# display first 100 lines of a file
head -100 myfile
# display last 50 lines of a file
tail -50 myfile
# display file that is changing, dynamically
tail errlog.out -f
===============================================
File permissions
****************
Permission flags: r = read, w = write, x = execute Permissions are displayed for owner, group, and others.
# display files, with permissions
ls -l
# make file readable, writeable, and executable for group/others
chmod 777 myfile
# make file readable and executable for group/others
chmod 755 myfile
# make file inaccessible for all but the owner
chmod 700 myfile
# make file readable and executable for group/others,
# user assumes owner's group during execution
chmod 4755 myfile
# change permission flags for directory contents
chmod -R mydir
# change group to staff for this file
chgrp staff myfile
# change owner to jsmith for this file
chown jsmith myfile
===============================================
Listing files
*************
# list all files, with directory indicator, long format
ls -lpa
# list all files, sorted by date, ascending
ls -lpatr
# list all text files
ls *.txt
===============================================
Moving/copying files
********************
# rename file to backup copy
mv myfile myfile.bak
# copy file to backup copy
cp myfile myfile.bak
# move file to tmp directory
mv myfile /tmp
# copy file from tmp dir to current directory
cp /tmp/myfile .
===============================================
Deleting files
**************
# delete the file
rm myfile
# delete directory
rd mydir
# delete directory, and all files in it
rm -r mydir
===============================================
Disk usage
**********
# display disk free, in KB
df -kt
# display disk usage, in KB for directory
du -k mydir
# display directory disk usage, sort by largest first
du -ak / | sort -nr | pg
===============================================
Using tar
*********
# display contents of a file
tar tvf myfile.tar
# display contents of a diskette (Solaris)
volcheck
tar tvf /vol/dev/rdiskette0/unnamed_floppy
# copy files to a tar file
tar cvf myfile.tar *.sql
# format floppy, and copy files to it (Solaris)
fdformat -U -b floppy99
tar cvf /vol/dev/rdiskette0/floppy99 *.sql
# append files to a tar file
tar rvfn myfile.tar *.txt
# extract files from a tar filem to current dir
tar xvf myfile.tar
===============================================
Starting a process
******************
& - run in background
nohup (No Hang Up) - lets process continue, even if session is disconnected
# run a script, in the background
runbackup &
# run a script, allow it to continue after logging off
nohup runbackup &
# Here nohup.out will still be created, but any output will
# show up in test70.log. Errors will appear in nohup.out.
nohup /export/spare/hmc/scripts/test70 > test70.log &
===============================================
Killing a process
*****************
1) In your own session; e.g. jobs were submitted, but you never logged out:
ps # list jobs
kill -9 < process id> # kill it
2) In a separate session
# process ID appears as column 4
ps -elf | grep -i
kill -9 < process id> # kill it
3) For device (or file)
# find out who is logged in from where
w
# select device, and add /dev ... then use the fuser command
fuser -k /dev/pts/3
# Here nohup.out will not be created; any output will
# show up in test70.log. Errors will appear test70.log also !
nohup /export/spare/hmc/scripts/test70 > test70.log 2>&1 &
===============================================
Redirecting output
******************
# send output to a file
runbackup > /tmp/backup.log
# also redirect error output
runbackup > /tmp/backup.log 2> /tmp/errors.log
# send output to grep program
runbackup | grep "serious"
===============================================
Date stamping
*************
# Date stamping files
# format is :
# touch -t yyyymmddhhmi.ss filename
touch -t 199810311530.00 hallowfile
# lowercase functions (ksh)
typeset -u newfile=$filename
# date formatting, yields 112098 for example
date '+%m%d%y'
# display a calendar (Solaris / AIX)
cal
# route output to both test.txt and std output
./runbackup | tee test.txt
# sleep for 5 seconds
sleep 5
# send a message to all users
wall "lunch is ready"
# edit file, which displays at login time (message of the day)
vi /etc/motd
# edit file, which displays before login time (Solaris)
vi /etc/issue
===============================================
user add
********
/usr/sbin/useradd -d /users/test1 -c "CiscoUser" -s /bin/sh test1
Password status
***************
cmd:passwd -s username
use man passwd to see all the options.
To Lock the account
*******************
cmd:passwd -l username
To unlock the account
*******************
cmd:passwd -u username
To check last login
*******************
cmd: last username
To Disable password expiry settings
***********************************
passwd -x -1 usrrname
Date Conversion
***************
TIME1=`date +%m/%d/%Y`
This will print the date in month/day/year format(05/24/2009)
Getting yesterday date's in Solaris
***********************************
DATE_STAMP=`TZ=CST+24 date +%y%m%d`
in perl : perl -e 'print localtime(time() - 86400) . "\n" '
tomorrow's date : DATE_STAMP=`TZ=CST-24 date +%y%m%d`
getting GMT time : perl -e "require 'ctime.pl'; print &ctime($EPOCH);"
: date -u
Start TFTP service
******************
inetconv
Screen commands
***************
/usr/local/bin/screen -list To view screening
/usr/local/bin/screen -r name to resume existing screening
/usr/local/bin/screen -S name to start new screening
Disable ssh root login in Solaris 10
************************************
1. Change the file /etc/ssh/sshd_config with PermitRootLogin yes to replace PermitRootLogin no
2. restart the services
#svcadm restart svc:/network/ssh:default
Logout ssh after certain period of inactivity
*********************************************
1) Edit /etc/ssh/sshd_config
2) Set ClientAliveInterval to 5 minutes (300 seconds)
ClientAliveInterval 120
ClientAliveCountMax 0
3) Restart sshd
#svcadm restart svc:/network/ssh:default
Find a line number for a particular string
******************************************
grep -n "term to find" file.txt | cut -f1 -d:
Replace the content with particular line number
***********************************************
sed -e "line number s+search for+replace with+g" file name > new file
service related commands
************************
svcs Shows all running services
svcs -x Shows all the failed services
http://www.sun.com/bigadmin/content/selfheal/smf-quickstart.jsp
Remote Login
************
rlogin -l root machine ip
To check ipfilter Status
************************
svcs ipfilter
Enable/Disable ipfilter
***********************
/usr/sbin/svcadm disable network/ipfilter
/usr/sbin/svcadm enable network/ipfilter
Checking package count
**********************
pkginfo -i | wc -l
Checksum command
****************
digest -a md5 filename
Run as other users from root
****************************
su - username -c 'Command"
Find open ports
***************
netstat -an | grep LISTEN
switch machine to sc> prompt
****************************
Enter
#.
Shortcuts
*********
Control-w - deletes the most recent word typed
Control-u - deletes the entire command typed so far
!! - repeats the last command.
CTRL + B Moves the cursor backward one character
CTRL + F Moves the cursor forward one character.
CTRL + H Erase one character. Similar to pressing backspace.
CTRL + P Paste previous line and/or lines.
CTRL + A Moves the cursor to begining of the line
CTRL + E Moves the cursor to end of the line
Use of split command
********************
i) Split the image using split command
split -b 600m sol-10-u7-ga-sparc-dvd.iso.gz Sol510_Image
ii) Merge the splited image using cat command
cat Sol510_Imageaa Sol510_Imageab Sol510_Imageac Sol510_Imagead > sol-10-u7-ga-sparc-dvd.iso.gz
Single line command in shell script
***********************************
if [ -d "10_Recommended" ]; then rm -rf 10_Recommended; fi
Stop and Start vol management
*****************************
/etc/init.d/volmgt stop
/etc/init.d/volmgt start
pkg commands:
************
pkginfo -l pkgname => Print detail information on the package
pkginfo -i pkgname => Print pkgname alone
patch commands
**************
showrev -p
patchadd -p
Cron entries location
**********************
/var/spool/cron/crontabs
* * * * * command to be executed
- - - - -
| | | | |
| | | | +----- day of week (0 - 6) (Sunday=0)
| | | +------- month (1 - 12)
| | +--------- day of month (1 - 31)
| +----------- hour (0 - 23)
+------------- min (0 - 59)
Crontab Commands:
export EDITOR=vi ;to specify a editor to open crontab file.
crontab -e Edit your crontab file, or create one if it doesn't already exist.
crontab -l Display your crontab file.
crontab -r Remove your crontab file.
crontab -v Display the last time you edited your crontab file. (This option is only available on a few systems.)
http://www.adminschoice.com/docs/crontab.htm#Commands
Cron log file location
**********************
/var/cron/log
Systel log file location
************************
/var/log/system
Important commands:
******************
http://www.rocket99.com/unix/unix12.html
Harden steps
************
http://www.qenesis.com/training/sc300/installation.txt
gzip & gunzip
*************
gzip {filename}
gunzip -d {zip file name}
bzip2 uncompress
****************
bzip2 -d
Stop and Start vol management
*****************************
/etc/init.d/volmgt stop
/etc/init.d/volmgt start