Essential Linux Command Cheatsheet for Sysadmins: 14 Handy Scripts
A concise collection of 14 practical Linux shell commands and scripts—ranging from file searching and batch extraction to log cleanup, directory checks, sed replacements, network capture, and firewall rules—helps operations engineers work faster and solve common problems without constantly searching online.
These commands are frequently used in system operations; forgetting them after a few days can hurt productivity. While you can always search online, being able to type them fluently greatly improves work efficiency for professional ops engineers.
1. Move all .zip files to a backup directory
find . -name "*.zip" -exec mv {} ./backup/;2. Delete log files older than 30 days and larger than 100 MB
find . -name "*.log" –mtime +30 –type f –size +100M | xargs rm -rf {};3. Batch unzip all .zip files in the current directory
for i in `find . –name "*.zip" –type f`
do
unzip –d $i /data/www/
doneNote: for i in (command); do … done is a common loop format where i is a user‑defined variable.
4. Find and delete *.log files created more than 3 days ago
find . -mtime +3 -name "*.log" | xargs rm -rf {};5. Move files larger than 100 KB to /tmp
find . -size +100k -exec mv {} /tmp;6. Check if a directory exists, create it if not, otherwise print a message
if [ ! -d /data/backup/ ]; then
mkdir -p /data/backup/
else
echo "目录已存在"
fi-d checks for a directory.
7. Replace a directory path in a file using sed
sed 's:/user/local:/tmp:g' test.txt
# or
sed -i 's//usr/local//tmp/g' test.txt8. Common sed commands
sed -i 's/^.//g' test.txt # remove leading dot
sed 's/^/a/g' test.txt # add 'a' at line start
sed 's/$/a/' test.txt # add 'a' at line end
sed '/rumen/az' test.txt # after a specific line, add 'z'
sed '/rumenz/ic' test.txt # insert 'c' before a line9. Use sed to modify a line matching a pattern
sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/configsed colon syntax example.
sed -i 's:/tmp:/tmp/abc/:g' test.txt # replace /tmp with /tmp/abc/10. List top 20 IPs by request count in an Nginx access log
cat access.log | awk '{print $1}' | sort | uniq -c | sort -nr | head -20Explanation: sort orders, uniq removes duplicates.
11. Replace lines ending with "ab" to "cd"
sed -e 's/ab$/cd/g' b.txt12. Capture network packets with tcpdump (port 80)
# Capture packets to 192.168.56.7 on port 80
tcpdump -nn host 192.168.56.7 and port 80
# Exclude host 192.168.0.22 on port 80
tcpdump -nn host 192.168.56.7 or ! host 192.168.0.22 and port 8013. Show the 20 most used commands from bash history
history | awk '{print $2}' | sort | uniq -c | sort -k1,1nr | head -1014. Simple firewall script to allow only remote access to port 80
iptables -F
iptables -X
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp -j REJECT
# or
iptables -A INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPTSigned-in readers can open the original source through BestHub's protected redirect.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactand we will review it promptly.
Efficient Ops
This public account is maintained by Xiaotianguo and friends, regularly publishing widely-read original technical articles. We focus on operations transformation and accompany you throughout your operations career, growing together happily.
How this landed with the community
Was this worth your time?
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.