Operations 6 min read
Essential Linux Command Cheatsheet for Sysadmins: 14 Handy Scripts
A concise collection of 14 practical Linux shell commands and scripts—ranging from file searching and batch extraction to log cleanup, directory checks, sed replacements, network capture, and firewall rules—helps operations engineers work faster and solve common problems without constantly searching online.
Efficient Ops
Efficient Ops
These commands are frequently used in system operations; forgetting them after a few days can hurt productivity. While you can always search online, being able to type them fluently greatly improves work efficiency for professional ops engineers.
1. Move all .zip files to a backup directory
<code>find . -name "*.zip" -exec mv {} ./backup/;</code>2. Delete log files older than 30 days and larger than 100 MB
<code>find . -name "*.log" –mtime +30 –type f –size +100M | xargs rm -rf {};</code>3. Batch unzip all .zip files in the current directory
<code>for i in `find . –name "*.zip" –type f`
do
unzip –d $i /data/www/
done</code>Note: for i in (command); do … done is a common loop format where i is a user‑defined variable.
4. Find and delete *.log files created more than 3 days ago
<code>find . -mtime +3 -name "*.log" | xargs rm -rf {};</code>5. Move files larger than 100 KB to /tmp
<code>find . -size +100k -exec mv {} /tmp;</code>6. Check if a directory exists, create it if not, otherwise print a message
<code>if [ ! -d /data/backup/ ]; then
mkdir -p /data/backup/
else
echo "目录已存在"
fi</code>-d checks for a directory.
7. Replace a directory path in a file using sed
<code>sed 's:/user/local:/tmp:g' test.txt
# or
sed -i 's//usr/local//tmp/g' test.txt</code>8. Common sed commands
<code>sed -i 's/^.//g' test.txt # remove leading dot
sed 's/^/a/g' test.txt # add 'a' at line start
sed 's/$/a/' test.txt # add 'a' at line end
sed '/rumen/az' test.txt # after a specific line, add 'z'
sed '/rumenz/ic' test.txt # insert 'c' before a line</code>9. Use sed to modify a line matching a pattern
<code>sed -i '/SELINUX/s/enforcing/disabled/' /etc/selinux/config</code>sed colon syntax example.
<code>sed -i 's:/tmp:/tmp/abc/:g' test.txt # replace /tmp with /tmp/abc/</code>10. List top 20 IPs by request count in an Nginx access log
<code>cat access.log | awk '{print $1}' | sort | uniq -c | sort -nr | head -20</code>Explanation: sort orders, uniq removes duplicates.
11. Replace lines ending with "ab" to "cd"
<code>sed -e 's/ab$/cd/g' b.txt</code>12. Capture network packets with tcpdump (port 80)
<code># Capture packets to 192.168.56.7 on port 80
tcpdump -nn host 192.168.56.7 and port 80
# Exclude host 192.168.0.22 on port 80
tcpdump -nn host 192.168.56.7 or ! host 192.168.0.22 and port 80</code>13. Show the 20 most used commands from bash history
<code>history | awk '{print $2}' | sort | uniq -c | sort -k1,1nr | head -10</code>14. Simple firewall script to allow only remote access to port 80
<code>iptables -F
iptables -X
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
iptables -A INPUT -p tcp -j REJECT
# or
iptables -A INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT</code>Written by
Efficient Ops
This public account is maintained by Xiaotianguo and friends, regularly publishing widely-read original technical articles. We focus on operations transformation and accompany you throughout your operations career, growing together happily.
0 followers
Reader feedback
How this landed with the community
Rate this article
Was this worth your time?
Discussion
0 Comments
Thoughtful readers leave field notes, pushback, and hard-won operational detail here.