2026 Linux Production Ops Command Guide: From Beginner to Expert
This comprehensive guide collects the most essential Linux commands for 2026 production environments, covering system information, service management, file operations, process and network monitoring, user and security administration, system maintenance, advanced shell tricks, and best‑practice checklists for services like MySQL and Redis.
1. System Basics & Monitoring
Key commands for inspecting kernel version, OS release, hostname, uptime, CPU architecture, per‑core usage, memory usage, and detailed memory info:
# System basic information
uname -a # kernel version and hardware info
cat /etc/os-release # distribution info
hostnamectl # hostname and system overview
uptime # uptime and load average
lscpu # CPU architecture and core count
mpstat -P ALL # real‑time usage per core
free -h # memory usage (human readable)
cat /proc/meminfo # detailed memory information2. File System Management
Basic File Operations
Listing, creating, deleting, copying, moving, and touching files and directories with common options:
# Directory / file listing
ls # simple list
ls -l # long format (permissions, size, time, owner)
ls -a # show hidden files
ls -lh # human‑readable sizes
ls -lt # sort by modification time (newest first)
ls -ltr # reverse time order (oldest first)
ls -S # sort by size
ls -R # recursive list
ls -d */ # list only directories
# Create directories
mkdir testdir # single‑level directory
mkdir dir1 dir2 dir3 # create multiple directories
mkdir -p a/b/c/d # recursive creation of missing parents
mkdir -m 755 testdir # set permissions at creation
# Delete files / directories
rm file.txt # delete file (prompt)
rm -f file.txt # force delete without prompt
rm -rf dirname # recursive delete (dangerous)
rm -rf /* # EXTREMELY DANGEROUS: would delete the entire system
rmdir dirname # delete empty directory
# Copy files / directories
cp file.txt /tmp/ # copy file to directory
cp -i file.txt /tmp/ # prompt before overwriting
cp -r dir1 /tmp/ # recursive copy of directory
cp -a dir1 /tmp/ # archive copy (preserve permissions, timestamps, symlinks)
cp -p file.txt /tmp/ # preserve file attributes
cp -u file.txt /tmp/ # copy only if source is newer
# Move / rename
mv oldname newname # rename file or directory
mv file.txt /tmp/ # move file
mv -f file.txt /tmp/ # force overwrite without prompt
mv -i file.txt /tmp/ # prompt before overwriting
# Create or update timestamps
touch test.txt # create file if missing, otherwise update timestamp
touch -t 202501011200 file.txt # set specific modification timeFile Content Handling
Viewing, searching, editing, sorting, and comparing file contents:
# Full view
cat file.txt # output entire file
cat -n file.txt # show line numbers
cat -A file.txt # display invisible characters
tac file.txt # reverse output (last line first)
# Paging
more file.txt # page down line by line
less file.txt # more powerful pager with search
less +G file.txt # jump directly to end of file
# Head / tail
head -n 10 file.txt # first 10 lines
head -c 100 file.txt # first 100 bytes
tail -n 10 file.txt # last 10 lines
tail -f catalina.out # follow log in real time
tail -F catalina.out # follow log across rotations
tail -n +10 file.txt # from line 10 to end
# Search
grep "error" log.log # find lines containing keyword
grep -i "error" log.log # case‑insensitive search
grep -w "error" log.log # whole‑word match
grep -c "error" log.log # count matching lines
grep -n "error" log.log # show line numbers
grep -v "error" log.log # inverse match (exclude)
grep -r "key" /etc/ # recursive directory search
grep -E "warn|error" log.log # extended regex for multiple keywords
grep --color=auto "error" log.log # highlight matches
# Stream editing with sed
sed 's/old/new/g' file.txt # global replace old → new
sed -i 's/old/new/g' file.txt # in‑place edit
sed '/^$/d' file.txt # delete empty lines
sed '/test/d' file.txt # delete lines containing "test"
sed -n '5,10p' file.txt # print lines 5‑10
sed 's/^/prefix /' file.txt # prepend text to each line
sed 's/$/ suffix/' file.txt # append text to each line
# Sorting and deduplication
sort file.txt # lexical sort
sort -n file.txt # numeric sort
sort -r file.txt # reverse order
sort -u file.txt # sort and remove duplicates
sort file.txt | uniq # remove duplicates
sort file.txt | uniq -c # count duplicate occurrences
# Column extraction with awk
awk '{print $1}' file.txt # print first column
awk '{print $NF}' file.txt # print last column
awk '/error/{print $0}' file.txt # print lines matching pattern
awk -F ':' '{print $1,$3}' /etc/passwd # specify field separator
awk 'BEGIN{sum=0}{sum+=$1}END{print sum}' file.txt # sum values in first column
# File comparison
comm -1 file1 file2 # show lines unique to file2
comm -2 file1 file2 # show lines unique to file1
comm -3 file1 file2 # show common lines
# Merge files side by side
paste file1 file2 # combine columns
paste -d '+' file1 file2 # use '+' as delimiterSearch Techniques
In less use /keyword to search forward, ?keyword to search backward, n for next match, and N for previous match.
File Finding & Locating
# Find files
find / -name "file.txt" # global name search
find /home -name "*.log" # wildcard search
find / -type f -size +100M # files larger than 100 MiB
find / -type f -mtime -7 # modified within last 7 days
find / -type f -atime -1 # accessed within last day
find / -type f -ctime -1 # status changed within last day
find / -user root # owned by root
find / -perm 755 # permission 755
find / -name "*.log" -delete # delete found logs
find / -name "*.log" -exec cp {} /tmp \; # copy found logs to /tmp
locate *.mp4 # fast index search for .mp4 files
updatedb # update locate database
locate file.txt # quick locate
# Command location
which nginx # locate executable path
whereis nginx # locate binary, source, and man pages
type cd # show if command is built‑in or externalFile Permission Management
# Permission basics (r=4, w=2, x=1)
# u=user, g=group, o=others, a=all
# Modify permissions
chmod 755 file.sh # rwxr-xr-x
chmod 644 file.txt # rw-r--r--
chmod u+x file.sh # add execute for owner
chmod g+w file.txt # add write for group
chmod o-r file.txt # remove read for others
chmod -R 755 /data # recursive change
# Change group
chgrp group1 file1
# Change owner / group
chown user1 file.txt
chown :group1 file.txt
chown user1:group1 file.txt
chown -R user1:group1 /data
# Special permissions
chmod u+s /usr/bin/passwd # setuid bit
chmod g+s /data/share # setgid bit
chmod o+t /tmp # sticky bitCompression & Extraction
# tar archive and compression
# gz compression
tar -zcvf archive.tar.gz dir/
# bz2 compression
tar -jcvf archive.tar.bz2 dir/
# xz compression
tar -Jcvf archive.tar.xz dir/
# Extraction
tar -zxvf archive.tar.gz
tar -jxvf archive.tar.bz2
tar -Jxvf archive.tar.xz
tar -xvf archive.tar # auto‑detect format
tar -zxvf archive.tar.gz -C /tmp/ # extract to specific directory
# zip / unzip
zip -r dir.zip dir/
unzip dir.zip
unzip dir.zip -d /tmp/
# gzip / bzip2
gzip file.txt
gunzip file.txt.gz
bzip2 file.txt
bunzip2 file.txt.bz23. Process & Network Management
Process Management
# View processes
ps -ef # standard full‑format list
ps aux # BSD format
ps -ef | grep nginx # filter for specific process
pstree # process tree
pstree -p # show PIDs in tree
top # real‑time process monitor
htop # enhanced top
uptime # system load
ps -auxf | sort -nr -k 4 | head -10 # top 10 memory‑hungry processes
ps -auxf | sort -nr -k 3 | head -10 # top 10 CPU‑hungry processes
ps -eo pid,ppid,cmd,%cpu,%mem --sort=-%cpu | head # detailed CPU/memory usage
# Kill processes
kill PID # graceful termination
kill -9 PID # force kill
kill -15 PID # normal termination signal
pkill nginx # kill by name
killall nginx # kill all matching processes
# Background execution
command & # run in background
nohup command & # keep running after logout
jobs # list background jobs
fg %1 # bring job to foreground
bg %1 # resume job in backgroundNetwork & Ports
# Network interface information
ifconfig # legacy interface info
ip addr # modern replacement for ifconfig
ip route # routing table
ping ip # test connectivity
ping -c 3 ip # send only 3 packets
# Port testing
telnet ip port # test TCP port connectivity
nc -vz ip port # port probe
netstat -lntp # list listening ports (old)
ss -lntp # faster replacement for netstat
ss -s # socket statistics
# DNS lookup
nslookup domain # basic DNS query
dig domain # detailed DNS information
# Hostname management
hostname # show current hostname
hostnamectl set-hostname new-host # change hostname4. User & Security Management
# User management
useradd user1 # create user
useradd -m user1 # create user with home directory
userdel -r user1 # delete user and home
passwd user1 # set password
usermod -G group1 user1 # add to supplementary group
# Group management
groupadd group1 # create group
groupdel group1 # delete group
id user1 # display user IDs and groups
who # currently logged‑in users
w # detailed login info
last # login history
# sudo configuration (use with caution in production)
visudo # edit sudoers safely
# add line: username ALL=(ALL) NOPASSWD:ALL # password‑less sudo5. System Maintenance
Log Management
# System logs (traditional)
tail -f /var/log/messages
tail -f /var/log/secure
tail -f /var/log/cron
# systemd journal (modern)
journalctl -xe # view all logs (first step when troubleshooting)
journalctl -u nginx # logs for specific service
journalctl --since "1 hour ago" # logs from the last hour
# Traditional log files
tail -f /var/log/messages # real‑time RHEL‑style logs
tail -f /var/log/syslog # real‑time Debian‑style logs
tail -n 100 /var/log/nginx/access.log # last 100 lines of access log
# Log filtering
grep "error" /var/log/*.log # global error search
tail -f /var/log/syslog | grep sshd # real‑time filter for sshd entriesScheduled Tasks
# Edit current user crontab
crontab -e
# List crontab entries
crontab -l
# Crontab time format examples:
# */5 * * * * → every 5 minutes (monitoring script)
# 0 2 * * * → daily at 02:00 (data backup)
# 0 0 * * 0 → Sundays at midnight (weekly report)
# 0 3 1 * * → first of each month at 03:00 (monthly cleanup)Package Management
# RHEL / CentOS (2026 recommends dnf)
dnf install nginx # install package
dnf remove nginx # uninstall package
dnf list installed # list installed packages
dnf provides */netstat # find which package provides a command
# Ubuntu / Debian
apt update # refresh package index (must run before install)
apt install nginx # install package
apt remove nginx # uninstall package
apt list --installed # list installed packages6. Advanced Tips & Best Practices
Common Shell Tricks
history # command history
!100 # execute 100th command
!! # repeat last command
Ctrl+R # reverse search history
Ctrl+C # terminate command
Ctrl+Z # suspend job
Ctrl+D # exit terminalCommand Composition & Efficiency
# Find large files and sort them
find / -type f -size +100M -exec ls -lh {} \; | sort -k5 -hr
# Monitor system resource changes every second
watch -n 1 'df -h; echo; free -h; echo; uptime'
# Bulk kill processes matching a pattern
ps aux | grep 'pattern' | awk '{print $2}' | xargs kill
# Real‑time monitoring of multiple log files
tail -f /var/log/nginx/access.log /var/log/nginx/error.log
# High‑frequency connection monitoring (TCP layer)
ss -lnt sport = :80 or sport = :443 # listening sockets on HTTP/HTTPS
ss -ant sport = :80 | awk '{print $6}' | sort | uniq -c # count connections by state
# Process and work mode analysis
ps aux --sort=-%cpu | grep nginx # top CPU consumers
pstree -p $(pgrep nginx | head -1) # parent‑child process tree
# Real‑time HTTP status code statistics
tail -f /var/log/nginx/access.log | awk '{print $9}' | sort | uniq -c
# Capture 5xx errors as they appear
tail -f /var/log/nginx/access.log | grep -E "5[0-9]{2}"Performance & Bottleneck Diagnosis
# Measure request latency
time curl -o /dev/null -s -w "HTTP status:%{http_code}
Total time:%{time_total}s
" http://localhost/health
# System call tracing (use with caution)
strace -p $(pgrep nginx | head -1) -c7. Specific Service Management
Database (MySQL Example)
Key focus: query performance, locks, connection count, buffer pool, disk I/O.
# Connections & sessions
mysqladmin processlist # or SHOW FULL PROCESSLIST;
ss -lnt sport = :3306 # check MySQL port connections
# Performance & resources
mysql -e "SHOW ENGINE INNODB STATUS\G" | grep -A 10 "LATEST DETECTED DEADLOCK" # deadlock info
mysql -e "SHOW GLOBAL STATUS LIKE 'Innodb_buffer_pool%';" # buffer pool hit rate
# Slow queries & locks
tail -f /var/log/mysql/slow.log | grep -E "Query_time: ([5-9]|\d\d+)" # queries >5 s
mysql -e "SELECT * FROM information_schema.INNODB_LOCKS;" # current lock info
# System‑level resources
iostat -x 1 | grep -E "Device:|sda" # disk I/O (usually separate data disk)
pidstat -d -p $(pgrep mysqld) 1 3 # detailed per‑process I/OMessage Queue (Redis Example)
Key focus: memory usage, connections, persistence, keyspace.
# Memory & keyspace
redis-cli info memory | grep -E "used_memory:|mem_fragmentation_ratio"
redis-cli info keyspace
# Connections & clients
redis-cli info clients | grep -E "connected_clients|blocked_clients"
redis-cli client list
# Persistence status
redis-cli info persistence | grep -E "rdb_last_save_time|aof_rewrite_in_progress"
# Performance monitoring
redis-cli --latency-history -i 5 # latency sample every 5 seconds8. Production‑Ready Checklists
Website slowdown: run ss -s to check socket exhaustion, then tail -f relevant logs for response times.
大量5xx错误: use grep on error logs to locate failing backend services, then test upstream health with curl.
CPU飙升: capture system calls with strace or profile hot functions with perf top.
Database response slow: check processlist for long queries, then inspect InnoDB status for lock contention.
Connection limit reached: verify with ss, adjust max_connections or terminate idle sessions.
High disk I/O: monitor via iostat, optimize slow queries or consider expanding the InnoDB buffer pool.
By following the commands, examples, and best‑practice recommendations above, operators can efficiently manage Linux production servers, diagnose issues quickly, and maintain reliable, secure services in modern cloud and containerized environments.
Signed-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.
